Hardware-based Computer Security System

Award Information
Agency:
Department of Homeland Security
Branch
n/a
Amount:
$749,937.00
Award Year:
2007
Program:
SBIR
Phase:
Phase II
Contract:
NBCHC070050
Agency Tracking Number:
0522003
Solicitation Year:
2005
Solicitation Topic Code:
H-SB05.2-004
Solicitation Number:
n/a
Small Business Information
Cybernet Systems Corporation
727 Airport Boulevard, Ann Arbor, MI, 48108-1639
Hubzone Owned:
N
Socially and Economically Disadvantaged:
N
Woman Owned:
Y
Duns:
197187602
Principal Investigator:
Chris Lomont
Ph.D.
(734) 668-2567
clomont@cybernet.com
Business Contact:
Daniel Jarrell
Contracts Manager
(734) 668-2567
proposals@cybernet.com
Research Institution:
n/a
Abstract
Rootkits are programs that hide pieces of software from the operating system. Rootkits replace or modify intrusion and system status applications, falsely reporting a clean system, when in fact the system has been compromised. A recent McAfee article stated rootkit infections for Windowsbased PCs were up 700% for first quarter 2006, and this trend is expected to continue. A compromised system cannot audit itself; our solution relies on a PCIExpress addon card running Linux that can monitor file accesses, prevent designated sectors modification, and can scan physical memory. This card provides a physically isolated process that monitors the host system, making it impossible for a rootkit to hide completely on the host. The card also logs forensic information and monitors network traffic to scan for malicious behavior. Software developed for our Phase I feasibility study demonstrated that our key components, file hashing and memory scanning, are capable of detecting current and expected rootkit technologies.Another component allows enterprise administration and information gathering across large organizations, and aggregates periodic information snapshots for security auditing and forensics. Requiring physical USB port access for configuration is an option.A bootable CDROM rootkit detection and repair tool for Windows would be a valuable spinoff.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government