USA flag logo/image

An Official Website of the United States Government

EXploit And Malware INcubator (EXAMIN)

Award Information

Agency:
Department of Defense
Branch:
Office of the Secretary of Defense
Award ID:
78662
Program Year/Program:
2007 / SBIR
Agency Tracking Number:
O053-SP2-1033
Solicitation Year:
N/A
Solicitation Topic Code:
N/A
Solicitation Number:
N/A
Small Business Information
ATC - NY
33 Thornwood Drive, Suite 500 Ithaca, NY 14850-
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
 
Phase 2
Fiscal Year: 2007
Title: EXploit And Malware INcubator (EXAMIN)
Agency / Branch: DOD / OSD
Contract: FA8750-07-C-0106
Award Amount: $745,599.00
 

Abstract:

To mitigate the problem of obtaining potentially insecure software, ATC-NY, Architecture Technology Corporation, and Lockheed Martin are creating the EXploit And Malware INcubator (EXAMIN), a product designed to assist in the safe triggering and detection of malicious code in binaries. EXAMIN will consist of two main components: (1) an isolated sandbox built using virtual machines (VMs) that is capable of realistically simulating deployment environments, and (2) an instrumentation system that monitors an executable's activity inside the sandbox and logs its resource usage. EXAMIN will be a flexible and extensible platform capable of simulating a variety of environments and supporting a spectrum of static and dynamic analysis tools. A primary innovation of EXAMIN will be the incorporation of VM introspection as a security device: a method of monitoring activity inside of a virtual machine that does not rely on the integrity of the guest operating system within that VM.

Principal Investigator:

Steven Brueckner
Senior Cpmputer Scientist
6072571975
steve@atc-nycorp.com

Business Contact:

Richard Smith
Controller
6072571975
rick@atc-nycorp.com
Small Business Information at Submission:

ATC - NY
33 Thornwood Drive, Suite 500 Ithaca, NY 14850

EIN/Tax ID: 161549760
DUNS: N/A
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No