SecureVisor: Efficiently Protect Weapon Systems against Cyber Threats
Small Business Information
Intelligent Automation, Inc.
15400 Calhoun Drive, suite 400, Rockville, MD, -
AbstractABSTRACT: Current cyber threats analysis and detection techniques based on intrusion prevention/detection, anti-virus and spam filters often offer unsatisfactory security properties. They cannot detect new attacks, have high false negative rate and often identify attacks after they have happened. We propose a light-weight whitelist-based cyber threat detection and prevention framework for Weapon Systems, called SecureVisor. SecureVisor is composed of three major components: 1) a whitelisting tool to identify allowed safe programs; 2) a security enhanced hypervisor; and 3) Trusted Platform Module (TPM) to provide the root of trust. In all, the proposed SecureVisor is a combined hardware-software security solution to detect and prevent cyber threats to Weapon Systems. Our solution will not only provide high level of security, but also minimizes impacts on the platform in terms of power, processing cycles and operation performance. BENEFIT: We anticipate that by the end of our Phase II effort we will have matured the SecureVisor sufficiently and we will be able to demonstrate its functions to evaluate the near real-world use on multiple platforms. Our proposed techniques in threat detection and prevention can also be applied in a wide range of application scenarios. Essentially any kind of computer systems can potentially benefit from our technology. As the world becomes more and more digitalized and connected and protecting cyber assets becomes more critical, the proposed solution has tremendous application potential for military systems as well as commercial sector.
* information listed above is at the time of submission.