The Design of Defensive Software Systems

Award Information
Agency:
Department of Defense
Branch
Air Force
Amount:
$99,941.00
Award Year:
2009
Program:
SBIR
Phase:
Phase I
Contract:
FA8650-10-M-1768
Agency Tracking Number:
O092-IA3-1020
Solicitation Year:
2009
Solicitation Topic Code:
OSD09-IA3
Solicitation Number:
2009.2
Small Business Information
Computer Measurement Laboratory, Inc.
128 E Pine Avenue, Meridian, ID, 83642
Hubzone Owned:
N
Socially and Economically Disadvantaged:
N
Woman Owned:
N
Duns:
800427838
Principal Investigator:
John Munson
Director of Research
(208) 884-2138
jmunson@cmlab.biz
Business Contact:
Rick Hoover
Principal
(208) 884-2138
rphoover@cmlab.biz
Research Institution:
n/a
Abstract
CML proposes to extend its current work in dynamic kernel monitoring for attack recognition and mitigation. The focus of this proposal is on mitigating the effects of an attack on executing software process by an individual user. The object of interest is the mapping of the activity of a user of a software system onto a model of their normal use of this software. In the construction of a mathematical model of certified software activity there two distinct sources of variation in the actual execution vocabulary of the software: the variation that is due to the differences between users of the application and the variation with each user in the way that they use the software. In our previous research investigations we have focused on the total variation of activity across all users. To establish a defensive posture for software that is being misused by an authenticated user, we must construct multiple models of normal activity; one for each user. In this new research aspect we will increase the level resolution for software activity to the individual user level. This will, in turn, permit the system to recognize and react to the abnormal activity per individual user.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government