Multi-layer Ever-changing Self-defense Service (MESS)

Award Information
Agency:
Department of Homeland Security
Branch
n/a
Amount:
$749,227.95
Award Year:
2013
Program:
SBIR
Phase:
Phase II
Contract:
HSHQDC-13-C-00048
Award Id:
n/a
Agency Tracking Number:
DHS SBIR-2012.1-H-SB012.1-002 -0006-II
Solicitation Year:
2012
Solicitation Topic Code:
H-SB012.1-002
Solicitation Number:
DHSSBIR-2012.1
Small Business Information
8300 Greensboro Drive, Suite 950, McLean, VA, 22102-3604
Hubzone Owned:
N
Minority Owned:
Y
Woman Owned:
Y
Duns:
118229819
Principal Investigator:
WillHickie
will.hickie@gmail.com
Business Contact:
JieminLi
jiemin.jordan@endeavorsystems.com
Research Institute:
n/a
Abstract
Today's static IT systems allow adversaries time to plan and launch attacks. Endeavor proposes a Multi-layer, Ever changing, Self-defense Service (MESS) that is resilient and manageable. MESS prevents attackers from exploiting a target system by removing the static network & system attributes that simplify reconnaissance. Continuously refreshing the target system to a new virtual instance with a known trusted state and random service attributes, this limited-time-use virtual instance is comprised of a single application and OS combination and reduces system complexity. During Phase II, Endeavor will develop WebPurify, a DNSSEC-aware application that will build on our successful Phase I MESS prototype. WebPurify focuses on protecting web services, including web content delivery. Today, web security products detect and block attacks by enforcing acceptable use policies, and analyzing web traffic, content, etc. Powered by MESS, WebPurify allows multi-layer protections by deploying public interface obfuscation and live service migration technique. It conceals the public interface from adversaries and enables web services to self-defend and self-recover. WebPurify is a game-changing cyber defense system, not by detecting, but by concealing; not by blocking, but by cleaning. By Phase II completion, WebPurify will handle high traffic volume and multiple simultaneous connections, and be ready for the pilot/field test. Endeavor will work with clients and partners like DHS, Air Force, and McAfee to outline a pilot/field test plan. We'll develop a market plan for SaaS providers who can benefit directly from WebPurify as they have large attack surfaces and extensive virtualized infrastructure.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government