Deterministic Detection for Hijacked Program Execution

Award Information
Agency: Department of Defense
Branch: Navy
Contract: N00014-13-C-0304
Agency Tracking Number: O2-1377
Amount: $487,080.00
Phase: Phase II
Program: SBIR
Awards Year: 2013
Solicitation Year: 2011
Solicitation Topic Code: OSD11-IA5
Solicitation Number: 2011.3
Small Business Information
531 Esty Street, Ithaca, NY, -
DUNS: 603978321
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Thomas Johnson
 Software Engineer
 (607) 273-7340
Business Contact
 Derek Burrows
Title: General Counsel
Phone: (607) 273-7340
Research Institution
Modern computer systems are employed in numerous environments and are capable of performing a wide range of tasks. To support such capabilities economically, software developers have introduced a wide variety of functionality in modular chunks that can be rapidly reconfigured to create new applications. This leads to large, complex systems that, while providing the desired capabilities, may also include non-obvious and undesirable behavior. Such behavior can often be used to compromise the security of a computer system, leaving the system vulnerable to attacks that may disrupt the system"s operation or exfiltrate sensitive information. We propose the creation of a whole-system detection platform capable of supporting a suite of detection strategies for countering exploits that hijack the execution of a running operating system or one of its hosted applications. A critical initial component of this detection platform will be a control-flow integrity (CFI) checker. Integrity of execution control flow indicates that the execution of instructions in a software component follows a path that was intended by the developer of the softwarea property violated by many attack vectors. The proposed technology would detect such attacks by recognizing when such a violation occurs.

* Information listed above is at the time of submission. *

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government