Sanitizing Software of Malicious and Unauthorized Code

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8650-05-C-8036
Agency Tracking Number: O043-SP6-1119
Amount: $99,919.00
Phase: Phase I
Program: SBIR
Awards Year: 2005
Solicitation Year: 2004
Solicitation Topic Code: OSD04-SP6
Solicitation Number: 2004.3
Small Business Information
317 N. Aurora Street, Ithaca, NY, 14850
DUNS: N/A
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Paul Anderson
 Senior Scientist
 (607) 273-7340
 paul@grammatech.com
Business Contact
 Ray Teitelbaum
Title: CEO
Phone: (607) 273-7340
Email: tt@grammatech.com
Research Institution
N/A
Abstract
Development of modern software applications involves the use (or reuse) of a large number of software components from many different developers - some of whom may be unknown, untrustworthy, or even hostile parties. A comprehensive approach is needed for identifying malicious and unauthorized code in large software systems. We propose to do a comprehensive review of techniques for detecting malicious and unauthorized code, and to develop prototypes of the most promising approaches. Our review will focus on static analysis techniques that may prove the absence of some malicious code. Our initial efforts will focus on software model checking, clone detection, and buffer overrun analysis.

* Information listed above is at the time of submission. *

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government