You are here

Enterprise Botnet Detection System

Award Information
Agency: Department of Homeland Security
Branch: N/A
Contract: NBCH060136
Agency Tracking Number: 611149
Amount: $100,000.00
Phase: Phase I
Program: SBIR
Solicitation Topic Code: H-SB06.1-008
Solicitation Number: N/A
Solicitation Year: N/A
Award Year: 2006
Award Start Date (Proposal Award Date): N/A
Award End Date (Contract End Date): N/A
Small Business Information
6900 Wisconsin Avenue, Suite 706, Chevy Chase, MD, 20815
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Greg Hoglund
 Chief Executive Officer
 (408) 529-4370
Business Contact
 Robert Slapnik
Title: Vice President
Phone: (301) 652-8885
Research Institution
A botnet is a network of robots or ¿bots¿ installed surreptitiously on computer hosts and controller to do the attacker¿s bidding via remote command and control systems. Most bots employ stealth methods to hide communications and bot installation. Detecting a botnet by examining network traffic is extremely difficult since botnets frequently mask their existence by using multiple host proxies and network connections, different protocols, and encryption. The ¿weak link¿ in the botnet architecture component is the host-based bot component itself. While the bot may employ obfuscation or software protection mechanisms, ultimately it must become unobfuscated and unpacked in order to execute, and it leaves behind telltale evidence of its existence. Detection and forensics of the host based bot is the basis of this proposal. Current bot and botnet detection methods rely mostly on static signatures of known bots. HBGary proposes the Enterprise Botnet Detection System (EBDS) which will overcome the stealthy nature of advanced bots, detect and assess previously unknown bots, and provide remote forensics technologies to mitigate future botnet attacks.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government