Software Protection to Fight through an Attack

Award Information
Agency:
Department of Defense
Branch
Office of the Secretary of Defense
Amount:
$100,000.00
Award Year:
2009
Program:
SBIR
Phase:
Phase I
Contract:
FA8650-10-M-1769
Award Id:
91407
Agency Tracking Number:
O092-IA3-1105
Solicitation Year:
n/a
Solicitation Topic Code:
n/a
Solicitation Number:
n/a
Small Business Information
317 N. Aurora Street, Ithaca, NY, 14850
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
603978321
Principal Investigator:
Alexey Loginov
Senior Scientist
(607) 273-7340
alexey@grammatech.com
Business Contact:
Ray Teitelbaum
CEO
(607) 273-7340
tt@grammatech.com
Research Institute:
n/a
Abstract
New vulnerabilities and attacks on software applications and the underlying systems are discovered daily. Most security research focuses on detection of attacks--typically, by monitoring the execution of an application and detecting anomalous behavior. Little attention has been paid to how an application should respond to an attack. Generally, it is assumed that the application under attack is terminated and, possibly, restarted. While such a response eliminates the threat of being compromised, it is not appropriate for many types of systems: for safety-critical systems, systems that must remain operational for long periods of time, and systems that use persistent data (such as file systems and databases), rebooting to restore a safe state (even when an attack is detected) is often not an option. We propose a tool that will allow applications to recover from attacks and remain operational. The tool will monitor the execution of a program and, once an attack is detected, will repair the application's run-time state corrupted by the attack to keep the application operational. As a separate once-per-application task performed offline, the tool will use a combination of advanced dynamic and static program-analysis techniques to learn the invariants necessary for repairing the application's run-time state.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government