Automatic Artificial Diversity for Virtual Machines

Award Information
Agency: Department of Defense
Branch: Air Force
Amount: $99,547.00
Award Year: 2010
Program: SBIR
Phase: Phase I
Contract: FA8750-10-C-0113
Award Id: 97184
Agency Tracking Number: F093-053-1074
Solicitation Year: n/a
Solicitation Topic Code: AF 09-053
Solicitation Number: n/a

Small Business Information
727 Airport Boulevard, Ann Arbor, MI, 48108
Hubzone Owned: N
Minority Owned: N
Woman Owned: N
Duns: 197187602
Principal Investigator: Chris Lomont, Research Engineer, (734) 668-2567, proposals@cybernet.com
Business Contact: Charles Jacobus, President, (734) 668-2567, proposals@cybernet.com
Research Institution: n/a

Abstract
Large-scale adoption of homogeneous computing environments presents serious risk of automated attacks due to the unified nature of the computing environments. Botnet and computer virus attacks are successful due to widespread unification of computing systems, presenting a uniform attack surface so an attack devised for one machine can be replicated to millions of machines. A method available in computing systems not possible for living systems is to change the "DNA" on each individual machine in a cryptographically secure manner, that is, using instruction set randomization. We propose to design and implement an instruction randomization environment suitable for virtual machine deployment. This design will address compiling new code and translating existing binaries to the per-machine instruction set, securely selecting instruction sets, implementation issues for the resulting tool chain, virtual machine behavior, and performance issues relating to the interaction of the translated binaries and virtual machine. With this design we will identify diversification opportunities, estimate security gains and possible weaknesses, and detail how the system will function in a production environment.

BENEFIT: The proposed technology will increase the security of virtual machine platforms by removing some of the homogeneity through randomization. This randomization makes it harder for automated attacks to have widespread effects on desktops, such as the Federal Desktop Computer Configuration (FDCC). Commercial applications include licensing the technology to current virtualization companies (Microsoft and VMware) and security companies (McAfee, Cisco, Symantec) as well as offering a product to sell directly to companies needing secure virtualization.

* information listed above is at the time of submission.
