Countermeasures to Covert Access Methods to Reduce Attack Susceptibility and Ensure Trust

Award Information
Agency:
Department of Defense
Branch
Office of the Secretary of Defense
Amount:
$99,780.00
Award Year:
2009
Program:
SBIR
Phase:
Phase I
Contract:
FA8650-10-M-1764
Award Id:
91404
Agency Tracking Number:
O092-IA2-1187
Solicitation Year:
n/a
Solicitation Topic Code:
n/a
Solicitation Number:
n/a
Small Business Information
105 A Church Street, Madison, AL, 35758
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
152119025
Principal Investigator:
JimSpadaro
Research Engineer
(256) 325-0010
jim.spadaro@pikewerks.com
Business Contact:
SandyRing
CEO
(256) 325-0010
sandy.ring@pikewerks.com
Research Institute:
n/a
Abstract
The majority of existing computer security products and software development efforts have assumed that the OS kernel, firmware, and low-level subsystems of the underlying computer architecture are trusted entities. However, recent demonstrations of novel and sophisticated attacks on several fundamental components found in standard laptops, desktops, and servers have emphasized that the foundations of trust upon which critical systems are built must be thoroughly re-examined. Pikewerks proposes to address deep-level vulnerabilities within computer systems through the development of a novel proactive monitoring approach for detecting and preventing even the most sophisticated covert access methods from achieving successful exploitation. Our approach seeks to prevent attacks by malicious insiders, intelligence operatives, or other sophisticated saboteurs that subvert core processing capabilities of a computer system by attacking low-level components such as maintenance processor modes (SMM), BIOS modules, hardware-assisted hypervisors, and peripheral firmware. The result of this Phase I effort will be a security design and proof-of-concept implementation that reduces a system's susceptibility to low-level exploits while also providing high assurance that the fundamental components and devices of the computer system are operating in a trustworthy manner.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government