Covert Loading and Execution of Software Protections to Reduce Adversarial Detection
Small Business Information
105 A Church Street, Madison, AL, 35758
Abstract
Pikewerks proposes to research and develop methods to securely load and execute sensitive software modules in a covert manner that cannot easily be defeated by even the most dedicated adversaries. The mechanisms developed will enhance software protection systems by making them more robust against reverse-engineering efforts. Software loading approaches can be divided into pre-boot and post-boot mechanisms. Pre-boot approaches typically include BIOS or boot sector modifications. Post-boot approaches typically include the use of documented OS, user, and kernel driver loading mechanisms as well as undocumented methods such as the exploitation of unpublished vulnerabilities. Pikewerks will focus on pre-boot methods of software loading and covert execution. Research will focus on several different methods of covert software execution, and a prototype will be generated that demonstrates the feasibility of covert loading using either the best method or combination of methods discovered during the research.
* information listed above is at the time of submission.