Countermeasures to Covert Access Methods to Reduce Attack Susceptibility and Ensure Trust

Award Information
Agency:
Department of Defense
Branch:
Air Force
Amount:
$99,780.00
Award Year:
2009
Program:
SBIR
Phase:
Phase I
Contract:
FA8650-10-M-1764
Agency Tracking Number:
O092-IA2-1187
Solicitation Year:
2009
Solicitation Topic Code:
OSD09-IA2
Solicitation Number:
2009.2
Small Business Information
Pikewerks Corporation
105 A Church Street, Madison, AL, 35758
Hubzone Owned:
N
Socially and Economically Disadvantaged:
N
Woman Owned:
Y
Duns:
152119025
Principal Investigator
 Jim Spadaro
 Research Engineer
 (256) 325-0010
 jim.spadaro@pikewerks.com
Business Contact
 Sandy Ring
Title: CEO
Phone: (256) 325-0010
Email: sandy.ring@pikewerks.com
Research Institution
N/A
Abstract
The majority of existing computer security products and software development efforts have assumed that the OS kernel, firmware, and low-level subsystems of the underlying computer architecture are trusted entities. However, recent demonstrations of novel and sophisticated attacks on several fundamental components found in standard laptops, desktops, and servers have emphasized that the foundations of trust upon which critical systems are built must be thoroughly re-examined. Pikewerks proposes to address deep-level vulnerabilities within computer systems through the development of a novel proactive monitoring approach for detecting and preventing even the most sophisticated covert access methods from achieving successful exploitation. Our approach seeks to prevent attacks by malicious insiders, intelligence operatives, or other sophisticated saboteurs that subvert core processing capabilities of a computer system by attacking low-level components such as maintenance processor modes (SMM), BIOS modules, hardware-assisted hypervisors, and peripheral firmware. The result of this Phase I effort will be a security design and proof-of-concept implementation that reduces a system’s susceptibility to low-level exploits while also providing high assurance that the fundamental components and devices of the computer system are operating in a trustworthy manner.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government