Malicious Code Defuser

Award Information
Agency:
Department of Defense
Branch
Office of the Secretary of Defense
Amount:
$98,943.00
Award Year:
2006
Program:
SBIR
Phase:
Phase I
Contract:
FA8750-06-C-0120
Award Id:
78643
Agency Tracking Number:
O053-SP2-1161
Solicitation Year:
n/a
Solicitation Topic Code:
n/a
Solicitation Number:
n/a
Small Business Information
301 East Carrillo Street 2FL, P. O. Box 519, Santa Barbara, CA, 93102
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
053859526
Principal Investigator:
RobertDick
Principal Scientist
(805) 966-6157
radick@anacapasciences.com
Business Contact:
DouglasHarris
CEO
(805) 966-6157
dharris@anacapasciences.com
Research Institute:
n/a
Abstract
Malicious software is an alarming threat - recent studies show: 80% of corporate computers are infected; 23% of surveyed companies reported deliberate malware downloads by employees; and 75% of the top 50 Internet worms were designed for identity theft. We identify three threat scenarios in defusing malware: (a) actual source code is available; (b) binary code is available but not source code; and (c) the payload has executed. In the first two cases, the objective is to defuse prior to any damage. In the latter case, defusing is a diagnostic "post-mortem", to interdict future damage. This proposal analyzes the technical issues surrounding the problem; describes the requirements for an effective solution; and identifies the technical challenges to reaching the solution. In and of itself, this proposal provides original research. We then lay out specific steps to create and demonstrate: (a) a program verifier to analyze source code for payloads and vulnerabilities; (b) a static analysis tool to analyze binary executables for payloads and vulnerabilities; (c) a virtual environment to safely run executables, allowing payloads to execute harmlessly; and (d) an analysis tool that examines system logs and disk images to automate post mortem analysis when payloads are executed on other systems.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government