Operating System Defense against Network Stack Denial of Service Attacks

Award Information
Agency:
Department of Defense
Branch:
Missile Defense Agency
Amount:
$69,810.00
Award Year:
2002
Program:
SBIR
Phase:
Phase I
Contract:
DASG60-02-P-0246
Agency Tracking Number:
02-0824
Solicitation Year:
N/A
Solicitation Topic Code:
N/A
Solicitation Number:
N/A
Small Business Information
Argus Systems Group, Inc.
1809 Woodfield Drive, Savoy, IL, 61874
Hubzone Owned:
N
Socially and Economically Disadvantaged:
N
Woman Owned:
N
Duns:
808162325
Principal Investigator
 Paul McNabb
 Senior VP and CTO
 (217) 355-6308
 mcnabb@argus-systems.com
Business Contact
 Terry Snyder
Title: Vice President and CFO
Phone: (217) 355-6308
Email: snyder@argus-systems.com
Research Institution
N/A
Abstract
"In a network stack Denial-of-Service (DoS) attack, numerous network packets flood the packet queues on a computer system, rendering the processing software on that machine (the "network stack") incapable of processing normal traffic. (This is not the sameas a network bandwidth attack, in which copious packets overwhelm the capabilities of the data lines in and out of the computer.)We propose to extend the operating system (OS)-level protection of PitBull Foundation to defend against network stack attacks by assigning certain packets a Security Label (SL) with network priority. A packet with the specified SL would be guaranteedpriority in the network stack, thereby allowing a remote administrator to access and recover a system even during a CPU DoS attack. Recovery during attack is key to survivability. An administrator would be able to access a computer, either at the computer or over a network, even during a network stack DoS attack. The administrator could then take actions to recover the system and keep it operational."

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government