Multi-layer Ever-changing Self-defense Service (MESS)

Award Information
Agency: Department of Homeland Security
Branch: N/A
Contract: HSHQDC-13-C-00048
Agency Tracking Number: DHS SBIR-2012.1-H-SB012.1-002 -0006-II
Amount: $749,227.95
Phase: Phase II
Program: SBIR
Awards Year: 2013
Solitcitation Year: 2012
Solitcitation Topic Code: H-SB012.1-002
Solitcitation Number: DHS SBIR-2012.1
Small Business Information
Endeavor Systems
8300 Greensboro Drive, Suite 950, McLean , VA, 22102-3604
Duns: 118229819
Hubzone Owned: N
Woman Owned: Y
Socially and Economically Disadvantaged: Y
Principal Investigator
 Yusef Pogue
 (571) 267-2921
Business Contact
 Payal Tak
Title: President and CEO
Phone: (571) 267-2937
Research Institution
Today's static IT systems allow adversaries time to plan and launch attacks. Endeavor proposes a Multi-layer, Ever changing, Self-defense Service (MESS) that is resilient and manageable. MESS prevents attackers from exploiting a target system by removing the static network & system attributes that simplify reconnaissance. Continuously refreshing the target system to a new virtual instance with a known trusted state and random service attributes, this limited-time-use virtual instance is comprised of a single application and OS combination and reduces system complexity. During Phase II, Endeavor will develop WebPurify, a DNSSEC-aware application that will build on our successful Phase I MESS prototype. WebPurify focuses on protecting web services, including web content delivery. Today, web security products detect and block attacks by enforcing acceptable use policies, and analyzing web traffic, content, etc. Powered by MESS, WebPurify allows multi-layer protections by deploying public interface obfuscation and live service migration technique. It conceals the public interface from adversaries and enables web services to self-defend and self-recover. WebPurify is a game-changing cyber defense system, not by detecting, but by concealing; not by blocking, but by cleaning. By Phase II completion, WebPurify will handle high traffic volume and multiple simultaneous connections, and be ready for the pilot/field test. Endeavor will work with clients and partners like DHS, Air Force, and McAfee to outline a pilot/field test plan. We'll develop a market plan for SaaS providers who can benefit directly from WebPurify as they have large attack surfaces and extensive virtualized infrastructure.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government