You are here

Eliminating Ransomware Attacks with Program Access Control (PAC)

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8649-19-P-A051
Agency Tracking Number: F19B-001-0034
Amount: $25,000.00
Phase: Phase I
Program: STTR
Solicitation Topic Code: AF19B-T001
Solicitation Number: 19.B
Solicitation Year: 2019
Award Year: 2019
Award Start Date (Proposal Award Date): 2019-08-02
Award End Date (Contract End Date): 2020-08-02
Small Business Information
1197 Gazania Court
San Marcos, CA 92078
United States
DUNS: 050176942
HUBZone Owned: No
Woman Owned: No
Socially and Economically Disadvantaged: Yes
Principal Investigator
 Marc Perez
 (760) 542-6646
Business Contact
 Marc Perez
Phone: (760) 533-9487
Research Institution
 San Diego State University Foundation
 Bongsik Shin, PHD Bongsik Shin, PHD
5500 Campanile Dr
San Diego, CA 92120
United States

 (619) 594-2133
 Nonprofit College or University

In the wake of ransomware reaching epidemic proportions and the current anti-ransomware products’ inability to stop its march, there is a great deal of urgency in creating effective countermeasures. Our proposal is to design and subsequently develop a technology called Program Access Control (PAC), that can positively protect data on both consumer and enterprise systems. If successfully deployed, PAC is expected to make the current crop of ransomware and their future mutations useless. It can automatically block ransomware attempts even under severe conditions such as elevated file access privileges. As a never-before tried mechanism, it provides ransomware protection EVEN when the malware is inadvertently executed on the client or server system. The technology is designed to strangle ransomware actions (i.e., data encryption) at the very last stage of the Cyber Kill Chain, leaving no maneuvering space for attackers. This makes it impossible to evade PAC’s defense. The technology achieves this GUARANTEED blocking of ransomware attacks by taking an approach completely different from application whitelisting, which is not a proclaimed security solution. While whitelisting allows only pre-listed applications to run on a system, our solution doesn’t restrict ANY applications from running and thus compensates for user mistakes.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government