You are here

Inline Botnet Extraction and Prevention

Award Information
Agency: Department of Homeland Security
Branch: N/A
Contract: D07PC75274 (formerly NBCHC070120)
Agency Tracking Number: 0612013
Amount: $749,996.11
Phase: Phase II
Program: SBIR
Solicitation Topic Code: H-SB06.1-008
Solicitation Number: N/A
Timeline
Solicitation Year: 2006
Award Year: 2007
Award Start Date (Proposal Award Date): 2007-09-11
Award End Date (Contract End Date): 2010-03-10
Small Business Information
1420 Spring Hill Road, Suite 600
Mclean, VA 22102-3006
United States
DUNS: 118229819
HUBZone Owned: No
Woman Owned: Yes
Socially and Economically Disadvantaged: Yes
Principal Investigator
 Christopher Jordan
 (703) 728-6778
 cjordan@endeavorsystems.com
Business Contact
 Jiemin Jordan
Title: President
Phone: (703) 728-3002
Email: jiemin@endeavorsystems.com
Research Institution
N/A
Abstract

<p>Inline Botnet Extraction And Response, iBEAR is a holistic solution of addressing botnets with collection, analysis, and prevention capability. The iBEAR is built on the success of our phase I research of botnet collection. Collection of malware is done through decoy and inline network prevention system to capture target malware and scanning malware without risking the end systems. A hybrid analysis approach uses both Pattern Recognition and Control Flow Graphs,CFG, to determine invariant attributes of the malware communications. The system then implements prevention rules to deny any botnet communication. While excited about our high quality botnet collections being used in Microsoft MSRT, Live OneCare and Window Defender, Endeavor proposes to develop a robust, automated iBEAR which is capable of handling large volume of botnets. Leveraging the FirstLight infrastructure, the generated signatures from iBEAR can be distributed globally across organizations.</p>

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government