Inline Botnet Extraction and Prevention

Award Information
Agency:
Department of Homeland Security
Branch
n/a
Amount:
$749,996.11
Award Year:
2007
Program:
SBIR
Phase:
Phase II
Contract:
D07PC75274 (formerly NBCHC070120)
Agency Tracking Number:
0612013
Solicitation Year:
2006
Solicitation Topic Code:
H-SB06.1-008
Solicitation Number:
n/a
Small Business Information
Endeavor Systems, Inc.
1420 Spring Hill Road, Suite 600, Mclean, VA, 22102-3006
Hubzone Owned:
N
Socially and Economically Disadvantaged:
Y
Woman Owned:
Y
Duns:
118229819
Principal Investigator:
Christopher Jordan
(703) 728-6778
cjordan@endeavorsystems.com
Business Contact:
Jiemin Jordan
President
(703) 728-3002
jiemin@endeavorsystems.com
Research Institution:
n/a
Abstract

Inline Botnet Extraction And Response, iBEAR is a holistic solution of addressing botnets with collection, analysis, and prevention capability. The iBEAR is built on the success of our phase I research of botnet collection. Collection of malware is done through decoy and inline network prevention system to capture target malware and scanning malware without risking the end systems. A hybrid analysis approach uses both Pattern Recognition and Control Flow Graphs,CFG, to determine invariant attributes of the malware communications. The system then implements prevention rules to deny any botnet communication. While excited about our high quality botnet collections being used in Microsoft MSRT, Live OneCare and Window Defender, Endeavor proposes to develop a robust, automated iBEAR which is capable of handling large volume of botnets. Leveraging the FirstLight infrastructure, the generated signatures from iBEAR can be distributed globally across organizations.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government