Autonomic Kernel Protections to Reduce Attack Susceptibility

Award Information
Agency: Department of Defense
Branch: Air Force
Amount: $99,978.00
Award Year: 2007
Program: SBIR
Phase: Phase I
Contract: FA8650-07-M-1229
Agency Tracking Number: O072-I05-1016
Solicitation Year: n/a
Solicitation Topic Code: n/a
Solicitation Number: n/a

Small Business Information
PIKEWERKS CORP.
105 A Church Street, Madison, AL, 35758
Hubzone Owned: N
Socially and Economically Disadvantaged: N
Woman Owned: N
Duns: 152119025
Principal Investigator: Ryan Knotts, Research Engineer, (256) 325-0010, ryan.knotts@pikewerks.com
Business Contact: Michael Ring, COO, (256) 325-0010, michael.ring@pikewerks.com
Research Institution: n/a

Abstract
Rootkits can be classified into four common variations: user-level, kernel-level, device-level and "other-level". Each differs in the level of complexity and ease of detection. Rootkit detection is not a new challenge and has been demonstrated for user and kernel-level rootkits using a number of freely available tools. The real challenge, though, is to repair the compromised system; to do so a defender must act as fast as, or even faster than, the attacker. Past research, which Pikewerks will build upon, demonstrates that this can be accomplished. The challenge is in placing the protection mechanism(s) out-of-band. To accomplish this, Pikewerks will take advantage of its own proprietary techniques and input from a strategic partner, The Johns Hopkins University Applied Physics Laboratory, to ensure that the protection schemes analyzed and recommended are out-of-band and safe from attackers. The proposed research and analysis will yield several prototypes capable of providing autonomic kernel protection through self-healing in an effort to reduce attack susceptibility.

* information listed above is at the time of submission.
