Software Protection by Polymorphic and Metamorphic Transformations

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8650-06-C-8051
Agency Tracking Number: O043-SP4-1130
Amount: $2,495,910.00
Phase: Phase II
Program: SBIR
Awards Year: 2006
Solicitation Year: 2004
Solicitation Topic Code: OSD04-SP4
Solicitation Number: 2004.3
Small Business Information
PIKEWERKS CORP.
9 Forrest Street, Alexandria, VA, 22305
DUNS: 152119025
HUBZone Owned: N
Woman Owned: Y
Socially and Economically Disadvantaged: N
Principal Investigator
 Sandra Ring
 Chief Scientist
 (703) 969-6404
 sandy@pikewerks.com
Business Contact
 Sandra Ring
Title: CEO
Phone: (703) 969-6404
Email: sandy@pikewerks.com
Research Institution
N/A
Abstract
Software critical to national security and essential to a corporation’s survival can easily be exploited through reverse engineering and unauthorized access. Without innovative protection initiatives, these vulnerabilities can be leveraged by an attacker to distribute a program without proper authority, tamper with its intended functionality, expose proprietary algorithms, and launch viruses/worms against identical applications on distributed hosts. When the attacker is a malicious insider, the challenge grows more complex because they may have decryption keys and are likely knowledgeable of auditing and detection capabilities. Therefore, to be successful, software protection mechanisms must be capable of defending against all methods of attack, including insider threats. During Phase I, Pikewerks drew upon the importance of diversity in application binaries to develop a prototype, ELECTRONIC ARMOR, that is capable of protecting software from various types of attacks. In Phase II, the prototype will be expanded and matured to include additional layers of polymorphic/metamorphic transformations, deception, and anti-tamper mechanisms that can be embedded within a binary. The product of Phase II will be a software security and digital rights management technology that can be successfully incorporated into both Government and commercial applications with minimal performance impact.

* information listed above is at the time of submission.

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government