Malicious Code Defuser

Award Information
Agency:
Department of Defense
Amount:
$98,943.00
Program:
SBIR
Contract:
FA8750-06-C-0120
Solicitation Year:
2005
Solicitation Number:
2005.3
Branch:
Air Force
Award Year:
2006
Phase:
Phase I
Agency Tracking Number:
O053-SP2-1161
Solicitation Topic Code:
OSD05-SP2
Small Business Information
ANACAPA SCIENCES, INC.
301 East Carrillo Street 2FL, P. O. Box 519, Santa Barbara, CA, 93102
Hubzone Owned:
N
Woman Owned:
N
Socially and Economically Disadvantaged:
N
Duns:
053859526
Principal Investigator
 Robert Dick
 Principal Scientist
 (805) 966-6157
 radick@anacapasciences.com
Business Contact
 Douglas Harris
Title: CEO
Phone: (805) 966-6157
Email: dharris@anacapasciences.com
Research Institution
N/A
Abstract
Malicious software is an alarming threat - recent studies show: 80% of corporate computers are infected; 23% of surveyed companies reported deliberate malware downloads by employees; and 75% of the top 50 Internet worms were designed for identity theft. We identify three threat scenarios in defusing malware: (a) actual source code is available; (b) binary code is available but not source code; and (c) the payload has executed. In the first two cases, the objective is to defuse prior to any damage. In the latter case, defusing is a diagnostic "post-mortem", to interdict future damage. This proposal analyzes the technical issues surrounding the problem; describes the requirements for an effective solution; and identifies the technical challenges to reaching the solution. In and of itself, this proposal provides original research. We then lay out specific steps to create and demonstrate: (a) a program verifier to analyze source code for payloads and vulnerabilities; (b) a static analysis tool to analyze binary executables for payloads and vulnerabilities; (c) a virtual environment to safely run executables, allowing payloads to execute harmlessly; and (d) an analysis tool that examines system logs and disk images to automate post mortem analysis when payloads are executed on other systems.

* information listed above is at the time of submission.
