Software Protection to Fight through an Attack

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8650-10-M-1769
Agency Tracking Number: O092-IA3-1105
Amount: $100,000.00
Phase: Phase I
Program: SBIR
Awards Year: 2009
Solicitation Year: 2009
Solicitation Topic Code: OSD09-IA3
Solicitation Number: 2009.2
Small Business Information
GrammaTech, Inc
317 N. Aurora Street, Ithaca, NY, 14850
DUNS: 603978321
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Alexey Loginov
 Senior Scientist
 (607) 273-7340
 alexey@grammatech.com
Business Contact
 Ray Teitelbaum
Title: CEO
Phone: (607) 273-7340
Email: tt@grammatech.com
Research Institution
N/A
Abstract
New vulnerabilities and attacks on software applications and the underlying systems are discovered daily. Most security research focuses on detection of attacks--typically, by monitoring the execution of an application and detecting anomalous behavior. Little attention has been paid to how an application should respond to an attack. Generally, it is assumed that the application under attack is terminated and, possibly, restarted. While such a response eliminates the threat of being compromised, it is not appropriate for many types of systems: for safety-critical systems, systems that must remain operational for long periods of time, and systems that use persistent data (such as file systems and databases), rebooting to restore a safe state (even when an attack is detected) is often not an option. We propose a tool that will allow applications to recover from attacks and remain operational. The tool will monitor the execution of a program and, once an attack is detected, will repair the application’s run-time state corrupted by the attack to keep the application operational. As a separate once-per-application task performed offline, the tool will use a combination of advanced dynamic and static program-analysis techniques to learn the invariants necessary for repairing the application’s run-time state.

* information listed above is at the time of submission.

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government