Self-Shielding Systems and Attack-Surface Mutation

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: FA8750-10-C-0109
Agency Tracking Number: F093-049-0686
Amount: $99,994.00
Phase: Phase I
Program: SBIR
Awards Year: 2010
Solicitation Year: 2009
Solicitation Topic Code: AF093-049
Solicitation Number: 2009.3
Small Business Information
503 S. River Oaks Dr., Indialantic, FL, 32903
DUNS: 027483440
HUBZone Owned: N
Woman Owned: Y
Socially and Economically Disadvantaged: N
Principal Investigator
 Michael Winburn
 Senior Scientist
 (321) 674-9267
 mwinburn@3sigmaResearch.com
Business Contact
 Michael Winburn
Title: President
Phone: (321) 674-9267
Email: mwinburn@3sigmaResearch.com
Research Institution
N/A
Abstract
3 Sigma Research investigates an advanced concept, called the Mutating Attack-Surface Investigation (MASI), to increase network protection by continuously modifying and dynamically mutating the network profile. This approach addresses the attacker’s tactic of network mapping and the assumption of a static network target. The architecture implementation uses virtual machine hypervisor technology to test and evaluate scenarios based on clearly defined metrics. While network nodes can be individual physical machines, our VM approach provides an architecture implementation that allows easy creation of different test configurations, such as multiple virtual network cards, virtual switch connections, varying operating system configurations. The results of the Phase I effort provide sufficient detail to demonstrate proof-of-concept and validate the feasibility of the envisioned system. BENEFIT: The agent-based attack-surface mutating network described in this proposal has very broad applicability. Many government and commercial organizations recognize the threat from network attacks. Since many of these attacks rely on profiling networks to discover services, this technology has the potential to protect vital networked assets through continual, dynamic mutation. Current architectures that implement static network configurations provide an easy and reliably fixed target of opportunity for the attacker. Areas such as military command and control networks, agencies involved in Intelligence, Surveillance, and Reconnaissance, scientific research, medical organizations, government contractors, and commercial companies are examples of organizations that can benefit from this technology.

* Information listed above is at the time of submission. *

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government