Hardware-Assisted System Security Monitor
AFCO Systems Development proposes a PCI-based system security monitor that combines an adaptable and update-capable platform with remote management and the capability to examine the host's memory. The ability to scan the host memory is used to detect an infected computer whose operating system has been subverted. In particular, the proposal targets the following types of scenarios: system call interposition, insertion of new system calls, and modification of kernel functions. A major innovation of this solution is its ability to support multiple operating systems with the same hardware. ASD proposes a multiple-stage development. The first stage of this hardware development will target a Linux platform, with a subsequent phase focusing on Windows.

Anticipated Benefits and Potential Commercial Applications
- A low-cost monitor that will directly address attacks that stem from rootkit technology.
- A security monitor that can be integrated, upgraded, extended and configured to monitor different operating systems.
- A packet filtering mechanism that is configurable and runs in parallel with the memory monitoring capability.
- A remote console solution that will support remote boot and management of a headless server.
Small Business Information at Submission:
Principal Investigator: Godfrey R. Vassallo
AFCO Systems Development Inc
200 Finn Ct. Farmingdale, NY 11735
Number of Employees: