Eliminating Ransomware Attacks with Program Access Control (PAC)

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8649-19-P-A051
Agency Tracking Number: F19B-001-0034
Amount: $25,000.00
Phase: Phase I
Program: STTR
Solicitation Topic Code: AF19B-T001
Solicitation Number: 2019.2
Timeline
Solicitation Year: 2019
Award Year: 2019
Award Start Date (Proposal Award Date): 2019-08-02
Award End Date (Contract End Date): 2020-08-02
Small Business Information
1197 Gazania Court, San Marcos, CA, 92078
DUNS: 050176942
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: Y
Principal Investigator
 Marc Perez
 (760) 542-6646
 marcperez@gmail.com
Business Contact
 Marc Perez
Phone: (760) 542-6646
Email: marcperez@gmail.com
Research Institution
 San Diego State University Foundation
 Bongsik Shin, PHD
 5500 Campanile Dr
San Diego, CA, 92120
 (619) 594-2133
 Nonprofit college or university
Abstract
In the wake of ransomware reaching epidemic proportions and the current anti-ransomware products inability to stop its march, there is a great deal of urgency in creating effective countermeasures. Our proposal is to design and subsequently develop a technology called Program Access Control (PAC), that can positively protect data on both consumer and enterprise systems. If successfully deployed, PAC is expected to make the current crop of ransomware and their future mutations useless. It can automatically block ransomware attempts even under severe conditions such as elevated file access privileges. As a never-before tried mechanism, it provides ransomware protection EVEN when the malware is inadvertently executed on the client or server system. The technology is designed to strangle ransomware actions (i.e., data encryption) at the very last stage of the Cyber Kill Chain, leaving no maneuvering space for attackers. This makes it impossible to evade PACs defense. The technology achieves this GUARANTEED blocking of ransomware attacks by taking an approach completely different from application whitelisting, which is not a proclaimed security solution. While whitelisting allows only pre-listed applications to run on a system, our solution doesnt restrict ANY applications from running and thus compensates for user mistakes.

* Information listed above is at the time of submission. *

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government