Operating System Defense against Network Stack Denial of Service Attacks

Award Information
Agency:
Department of Defense
Branch
Missile Defense Agency
Amount:
$69,810.00
Award Year:
2002
Program:
SBIR
Phase:
Phase I
Contract:
DASG60-02-P-0246
Agency Tracking Number:
02-0824
Solicitation Year:
n/a
Solicitation Topic Code:
n/a
Solicitation Number:
n/a
Small Business Information
Argus Systems Group, Inc.
1809 Woodfield Drive, Savoy, IL, 61874
Hubzone Owned:
N
Socially and Economically Disadvantaged:
N
Woman Owned:
N
Duns:
808162325
Principal Investigator:
Paul McNabb
Senior VP and CTO
(217) 355-6308
mcnabb@argus-systems.com
Business Contact:
Terry Snyder
Vice President and CFO
(217) 355-6308
snyder@argus-systems.com
Research Institution:
n/a
Abstract
"In a network stack Denial-of-Service (DoS) attack, numerous network packets flood the packet queues on a computer system, rendering the processing software on that machine (the "network stack") incapable of processing normal traffic. (This is not the sameas a network bandwidth attack, in which copious packets overwhelm the capabilities of the data lines in and out of the computer.)We propose to extend the operating system (OS)-level protection of PitBull Foundation to defend against network stack attacks by assigning certain packets a Security Label (SL) with network priority. A packet with the specified SL would be guaranteedpriority in the network stack, thereby allowing a remote administrator to access and recover a system even during a CPU DoS attack. Recovery during attack is key to survivability. An administrator would be able to access a computer, either at the computer or over a network, even during a network stack DoS attack. The administrator could then take actions to recover the system and keep it operational."

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government