Software Protection Vulnerability Assessment through Kernel Analysis and Relationship Maps

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8650-06-M-8076
Agency Tracking Number: O064-NC4-1011
Amount: $99,999.00
Phase: Phase I
Program: STTR
Awards Year: 2006
Solicitation Year: 2006
Solicitation Topic Code: OSD06-NC4
Solicitation Number: N/A
Small Business Information
PIKEWERKS CORPORATION
2308 Mount Vernon Avenue #212, Alexandria, VA, 22301
DUNS: 152119025
HUBZone Owned: N
Woman Owned: Y
Socially and Economically Disadvantaged: N
Principal Investigator
Name: Sandra Ring
Title: CTO
Phone: (703) 969-6404
Email: sandy@pikewerks.com
Business Contact
Name: Sandra Ring
Title: CEO
Phone: (703) 969-6404
Email: sandy@pikewerks.com
Research Institution
Name: PURDUE UNIV.
Contact: Eugene Spafford
Address: CERIAS, 656 Oval Drive, West Lafayette, IN, 47907
Phone: (765) 494-7841
Type: Nonprofit college or university
Abstract
Traditional development efforts leave software vulnerable to reverse engineering, tamper, and access by unauthorized individuals (insider threat). While these threats are not new, advancements in easily hidden removable media such as USB drives and memory cards make them more prevalent. One low-cost technique for software protection is to utilize a kernel module capable of securely decrypting and executing protected software without inhibiting the users’ activity. To some extent, this approach mimics the concepts employed by kernel “rootkits,” or toolkits used by attackers to conceal unauthorized access. Because this approach to software protection is relatively new, few capabilities exist to conduct comprehensive vulnerability analysis. We propose to demonstrate the use of relationship maps as a means of analyzing the strength of these protection capabilities. The maps generated will enable AT-SPI to gather detailed forensics data about the executing software (including the kernel functionality) in a visual form. In addition to beneficial red-team analysis, this technology can be utilized as a security tool to detect and reverse engineer sophisticated kernel rootkits. As our past research has demonstrated, these are highly efficient methods that can be incorporated into both Government and commercial applications with tremendous success.

* Information listed above is at the time of submission.
