Deterministic Detection for Hijacked Program Execution

Award Information
Agency: Department of Defense
Branch: Navy
Contract: N00014-12-M-0245
Agency Tracking Number: O113-IA5-4026
Amount: $150,000.00
Phase: Phase I
Program: SBIR
Awards Year: 2012
Solicitation Year: 2011
Solicitation Topic Code: OSD11-IA5
Solicitation Number: 2011.3
Small Business Information
GrammaTech, Inc
531 Esty Street, Ithaca, NY, -
DUNS: 603978321
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Thomas Johnson
 Software Engineer
 (607) 273-7340
 tjohnson@grammatech.com
Business Contact
 Derek Burrows
Title: Contracts Manager
Phone: (607) 273-7340
Email: dburrows@grammatech.com
Research Institution
 Stub
Abstract
We propose technology to automatically detect software exploits that hijack the execution of a running Linux kernel or one of its hosted applications. The key enabling technology for the proposed work is provided by KATE, the Kernel Analysis and Translation Engine. KATE uses a combination of software dynamic translation and hardware virtualization to provide fine-grained, efficient monitoring of an entire system. We propose to use KATE to enforce execution invariants on a running system. Violations of the invariants will indicate that the system is under attack.

* information listed above is at the time of submission.

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government