Deterministic Detection for Hijacked Program Execution

Award Information
Agency: Department of Defense
Branch: Navy
Contract: N00014-12-M-0245
Agency Tracking Number: O113-IA5-4026
Amount: $150,000.00
Phase: Phase I
Program: SBIR
Awards Year: 2012
Solitcitation Year: 2011
Solitcitation Topic Code: OSD11-IA5
Solitcitation Number: 2011.3
Small Business Information
GrammaTech, Inc
531 Esty Street, Ithaca, NY, -
Duns: 603978321
Hubzone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Thomas Johnson
 Software Engineer
 (607) 273-7340
 tjohnson@grammatech.com
Business Contact
 Derek Burrows
Title: Contracts Manager
Phone: (607) 273-7340
Email: dburrows@grammatech.com
Research Institution
 Stub
Abstract
We propose technology to automatically detect software exploits that hijack the execution of a running Linux kernel or one of its hosted applications. The key enabling technology for the proposed work is provided by KATE, the Kernel Analysis and Translation Engine. KATE uses a combination of software dynamic translation and hardware virtualization to provide fine-grained, efficient monitoring of an entire system. We propose to use KATE to enforce execution invariants on a running system. Violations of the invariants will indicate that the system is under attack.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government