Emerald: Binary Program Randomization

Award Information
Agency:
Department of Homeland Security
Branch
n/a
Amount:
$99,988.29
Award Year:
2012
Program:
SBIR
Phase:
Phase I
Contract:
HSHQDC-12-C-00025
Award Id:
n/a
Agency Tracking Number:
DHS SBIR-2012.1-H-SB012.1-002 -0023-I
Solicitation Year:
2012
Solicitation Topic Code:
H-SB012.1-002
Solicitation Number:
n/a
Small Business Information
2700 Le Conte Ave, Suite 601, Berkeley, CA, 94709-1052
Hubzone Owned:
Y
Minority Owned:
Y
Woman Owned:
Y
Duns:
826960671
Principal Investigator:
JimmySu
jimmysubackup1@gmail.com
Business Contact:
DawnSong
ensighta@gmail.com
Research Institute:
n/a
Abstract
In response to SBIR topic H-SB012.1-002, "Moving Target Defense", Ensighta Security Inc proposes to develop a binary program randomization tool based on advanced binary analysis techniques called Emerald. Current computer systems suffer from mono-culture where the same system is deployed identically on many machines. This makes it easy for attackers to replicate attacks across many machines. Binary program randomization can be an effective technique for moving target defense. Emerald will employ state-of-the-art techniques to understand a binary program's code paths and data structures, which allows us to comprehensively randomize the binary program at multiple levels. This will maximize the difficulty randomization provides for attackers as the search space that the attacker has to examine significantly increases. Our technique also minimizes the attack surface as there is no need for either the original un-randomized software, or the randomization software itself, to reside on the end-user's computer, reducing the possibilities for an attacker to disable the randomization process. In terms of commercial uses of this technology, providing an effective binary program randomization tool will be greeted with enthusiasm by potential users while both government and commercial sectors are spending more money on securing their data and infrastructure. We will develop an operationally ready version of Emerald in Phase 2. At the beginning of the Phase 1 project, we will have a TRL of 3. We will have a TRL of 5 at the completion of Phase 1.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government