Software Protection by Polymorphic and Metamorphic Transformations

Award Information
Agency:
Department of Defense
Branch:
Air Force
Amount:
$99,999.00
Award Year:
2005
Program:
SBIR
Phase:
Phase I
Contract:
FA8650-05-C-8031
Agency Tracking Number:
O043-SP4-1130
Solicitation Year:
2004
Solicitation Topic Code:
OSD04-SP4
Solicitation Number:
2004.3
Small Business Information
PIKEWERKS CORP.
9 Forrest Street, Alexandria, VA, 22305
Hubzone Owned:
N
Socially and Economically Disadvantaged:
N
Woman Owned:
Y
Duns:
N/A
Principal Investigator
 Sandra Ring
 Chief Scientist
 (703) 969-6404
 sandy@pikewerks.com
Business Contact
 Sandra Ring
Title: President / Owner
Phone: (703) 969-6404
Email: sandy@pikewerks.com
Research Institution
N/A
Abstract
Integrity and security of application programs critical to National Security are vulnerable to differential analysis, reverse engineering, and exploitation of static buffer overflows. Without incorporating software protection initiatives, these vulnerabilities can be leveraged by an attacker to distribute a program without proper authority, tamper with its intended functionality, expose techniques behind proprietary algorithms, and launch viruses/worms against identical applications on distributed hosts. We propose to demonstrate the importance of diversity in application binaries and the feasibility of utilizing polymorphic (static) and metamorphic (dynamic) transformations as protection mechanisms. As our past research has demonstrated, these are highly efficient methods that can be incorporated into both Government and commercial applications with tremendous success.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government