Autonomic Kernel Protections to Reduce Attack Susceptibility
Small Business Information
105 A Church Street, Madison, AL, 35758
AbstractRootkits can be classified into four common variations: user-level, kernel-level, device-level and “other-level”. Each differs in the level of complexity and ease of detection. Rootkit detection is not a new challenge and has been demonstrated for user and kernel-level rootkits using a number of freely available tools. The real challenge though is to repair the compromised system; to do so a defender must act as fast, or even faster, than the attacker. Past research, which Pikewerks will build upon, demonstrates that this can be accomplished. The challenge is in placing the protection mechanism(s) out-of-band. To accomplish this, Pikewerks will take advantage of it’s own proprietary techniques and input from a strategic partner, The Johns Hopkins University Applied Physics Laboratory, to ensure that the protection schemes analyzed and recommended are out-of-band and safe from attackers. The proposed research and analysis will yield several prototypes capable of providing autonomic kernel protection through self-healing in an effort to reduce attack susceptibility.
* information listed above is at the time of submission.