
Dynamic Kernel Monitoring for Attack Detection and Mitigation

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8650-07-M-1233
Agency Tracking Number: O072-I05-1037
Amount: $99,696.00
Phase: Phase I
Program: SBIR
Solicitation Topic Code: OSD07-I05
Solicitation Number: 2007.2
Solicitation Year: 2007
Award Year: 2007
Award Start Date (Proposal Award Date): 2007-09-24
Award End Date (Contract End Date): 2008-09-24
Small Business Information
11985 W. Bowmont St.
Boise, ID 83713
United States
DUNS: 800427838
HUBZone Owned: No
Woman Owned: No
Socially and Economically Disadvantaged: No
Principal Investigator
 John Munson
 (509) 330-0455
Business Contact
 Rick Hoover
Title: Member
Phone: (208) 376-6850
Research Institution

The activity of an OS kernel may be monitored dynamically in real time. As the kernel executes, the transitions among the constituent components of the kernel will follow a predictable pattern representing the normal operation of the kernel. An attack on the operating system will induce a significant and immediately recognizable disturbance in this pattern of normal activity. The Attack Recognition and Mitigation (ARM) system will monitor the kernel activity through the use of a security co-processor. This co-processor will operate in parallel with the main CPU to detect changes in the nominal execution patterns of the kernel. When departures from the normal execution patterns are detected, an interrupt can be raised on the main CPU, which will permit a mitigation routine to analyze the currently executing task that created the anomalous kernel activity. The security monitoring system represents a hybrid extension of the operating system kernel with an active security monitor and a software interrupt service routine to analyze and manage the specific nature of the attack on the OS kernel. The primary objective of the ARM project is to create the infrastructure for an autonomic kernel protection system and then productize this infrastructure.

* Information listed above is at the time of submission. *
