Deterministic Detection for Hijacked Program Execution

Award Information
Agency:
Department of Defense
Branch
n/a
Amount:
$487,080.00
Award Year:
2013
Program:
SBIR
Phase:
Phase II
Contract:
N00014-13-C-0304
Award Id:
n/a
Agency Tracking Number:
O2-1377
Solicitation Year:
2011
Solicitation Topic Code:
OSD11-IA5
Solicitation Number:
2011.3
Small Business Information
531 Esty Street, Ithaca, NY, -
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
603978321
Principal Investigator:
ThomasJohnson
Software Engineer
(607) 273-7340
tjohnson@grammatech.com
Business Contact:
DerekBurrows
General Counsel
(607) 273-7340
dburrows@grammatech.com
Research Institute:
n/a
Abstract
Modern computer systems are employed in numerous environments and are capable of performing a wide range of tasks. To support such capabilities economically, software developers have introduced a wide variety of functionality in modular chunks that can be rapidly reconfigured to create new applications. This leads to large, complex systems that, while providing the desired capabilities, may also include non-obvious and undesirable behavior. Such behavior can often be used to compromise the security of a computer system, leaving the system vulnerable to attacks that may disrupt the system"s operation or exfiltrate sensitive information. We propose the creation of a whole-system detection platform capable of supporting a suite of detection strategies for countering exploits that hijack the execution of a running operating system or one of its hosted applications. A critical initial component of this detection platform will be a control-flow integrity (CFI) checker. Integrity of execution control flow indicates that the execution of instructions in a software component follows a path that was intended by the developer of the softwarea property violated by many attack vectors. The proposed technology would detect such attacks by recognizing when such a violation occurs.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government