Malicious Code Defuser

Award Information
Agency: Department of Defense
Branch: Air Force
Amount: $98,943.00
Award Year: 2006
Program: SBIR
Phase: Phase I
Contract: FA8750-06-C-0120
Agency Tracking Number: O053-SP2-1161
Solicitation Year: n/a
Solicitation Topic Code: n/a
Solicitation Number: n/a

Small Business Information
ANACAPA SCIENCES, INC.
301 East Carrillo Street 2FL, P. O. Box 519, Santa Barbara, CA, 93102
Hubzone Owned: N
Socially and Economically Disadvantaged: N
Woman Owned: N
Duns: 053859526
Principal Investigator: Robert Dick, Principal Scientist, (805) 966-6157, radick@anacapasciences.com
Business Contact: Douglas Harris, CEO, (805) 966-6157, dharris@anacapasciences.com
Research Institution: n/a

Abstract
Malicious software is an alarming threat. Recent studies show that 80% of corporate computers are infected; 23% of surveyed companies reported deliberate malware downloads by employees; and 75% of the top 50 Internet worms were designed for identity theft. We identify three threat scenarios in defusing malware: (a) actual source code is available; (b) binary code is available but not source code; and (c) the payload has executed. In the first two cases, the objective is to defuse prior to any damage. In the latter case, defusing is a diagnostic "post-mortem", to interdict future damage. This proposal analyzes the technical issues surrounding the problem; describes the requirements for an effective solution; and identifies the technical challenges to reaching the solution. In and of itself, this proposal provides original research. We then lay out specific steps to create and demonstrate: (a) a program verifier to analyze source code for payloads and vulnerabilities; (b) a static analysis tool to analyze binary executables for payloads and vulnerabilities; (c) a virtual environment to safely run executables, allowing payloads to execute harmlessly; and (d) an analysis tool that examines system logs and disk images to automate post-mortem analysis when payloads are executed on other systems.

* information listed above is at the time of submission.
