Program Instruction Sequence Monitor for Hijack Detection and Proactive Zero-day Defense

Award Information
Agency:
Department of Defense
Branch
n/a
Amount:
$149,997.00
Award Year:
2012
Program:
SBIR
Phase:
Phase I
Contract:
N00014-12-M-0243
Award Id:
n/a
Agency Tracking Number:
O113-IA5-4062
Solicitation Year:
2011
Solicitation Topic Code:
OSD11-IA5
Solicitation Number:
2011.3
Small Business Information
2545 W. 237th Street, Suite K, Torrance, CA, -
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
004279860
Principal Investigator:
Dean Mumme
Research Scientist
(310) 530-1416
dmumme@broadatacom.com
Business Contact:
Freddie Lin
Acting CEO
(310) 530-1416
droussell@broadatacom.com
Research Institute:
Stub




Abstract
Numerous malicious means have been developed for the hijacking software program execution to gain unauthorized access and functionality on computer systems and network nodes. The techniques are many and varied, but generally fall into the framework of placing a pointer to an execution location into a program"s normative execution path, in order to cause a jump to the targeted location for subsequent execution. To address this critical need, Broadata Communications, Inc. (BCI) proposes the Program Instruction Sequence Monitor (PRISM); a robust, accurate, and efficient mechanism of deterministically detecting program hijacking. PRISM provides hijack detection that is out-of-band to attack. It does not require virtualization technology but can (optionally) leverage virtualization it to enhance robustness against attack. The key advantages of PRISM include: (1) Insensitive to replay attacks, (2) Efficient performance in comparison with dynamic tainting, (3) No need for source code, emulation, or instrumentation of the executable, (4) Works even in the presence of an executable stack, or writable code area, (5) Monitoring mechanisms are robust and out-of-band to attackers in user space. PRISM can respond to zero-day attacks, and can greatly enhance existing military, governmental, and industrial cyber-security systems.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government