Hardware-based Computer Security System

Award Information
Agency:
Department of Homeland Security
Amount:
$749,937.00
Program:
SBIR
Contract:
NBCHC070050
Solitcitation Year:
2005
Solicitation Number:
FY05.2
Branch:
N/A
Award Year:
2011
Phase:
Phase II
Agency Tracking Number:
0522003
Solicitation Topic Code:
H-SB05.2-004
Small Business Information
Cybernet Systems Corporation
727 Airport Boulevard, Ann Arbor, MI, 48108-1639
Hubzone Owned:
N
Woman Owned:
Y
Socially and Economically Disadvantaged:
Y
Duns:
197187602
Principal Investigator
 Chris Lomont
 Ph.D.
 (734) 668-2567
 clomont@cybernet.com
Business Contact
 Daniel Jarrell
Title: Contracts Manager
Phone: (734) 668-2567
Email: proposals@cybernet.com
Research Institution
N/A
Abstract
Rootkits are programs that hide pieces of software from the operating system. Rootkits replace or modify intrusion and system status applications, falsely reporting a clean system, when in fact the system has been compromised. A recent McAfee article stated rootkit infections for Windows-based PCs were up 700% for first quarter 2006, and this trend is expected to continue. A compromised system cannot audit itself; our solution relies on a PCI-Express add-on card running Linux that can monitor file accesses, prevent designated sectors modification, and can scan physical memory. This card provides a physically isolated process that monitors the host system, making it impossible for a rootkit to hide completely on the host. The card also logs forensic information and monitors network traffic to scan for malicious behavior. Software developed for our Phase I feasibility study demonstrated that our key components, file hashing and memory scanning, are capable of detecting current and expected rootkit technologies.Another component allows enterprise administration and information gathering across large organizations, and aggregates periodic information snapshots for security auditing and forensics. Requiring physical USB port access for configuration is an option.A bootable CD-ROM rootkit detection and repair tool for Windows would be a valuable spin-off.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government