Dynamic Kernel Monitoring for Attack Detection and Mitigation
Small Business Information
COMPUTER MEASUREMENT LABORATORY, INC.
11985 W. Bowmont St., Boise, ID, 83713
AbstractIn an information warfare scenario, the enemy will deploy an attack that has never been seen before. This attack will completely debilitate both defensive and offensive software capabilities. We have designed and developed a system that will defend against such attacks. The project's major innovation has been a comprehensive approach for tolerating security violations in mission/safety critical software systems. This was accomplished through the use of a security processor that executes in parallel to the main CPU. The monitoring functionality for the monitored application was implemented on a specific hardware device. This adjunct hardware system is able to monitor the execution environment of the total software system unobtrusively. CML has designed and developed an engineering methodology for software process control. If a software system has been compromised, its normal activity profile will change. Processes may then be instituted to restore the system to a nominal state. CML has leveraged dynamic measurement technology to develop an engineering approach to software process control. The objective of this approach is to break the traditional software vulnerability cycle. Through the use of software process control, a software system may be monitored, in real time, for evidence that it has been compromised.
* information listed above is at the time of submission.