Kernel-mode Software Protection to Prevent Piracy, Reverse Engineering, and Tampering of End-Node Applications
Small Business Information
ASHTON SECURITY LABORATORIES, LLC
12530 Rock Ridge Road, Herndon, VA, 20170
AbstractWe propose to further the development of a secure integrity monitor for PCs. Its feasibility was determined in Phase I. It uses the System Management Mode of the Intel Pentium architecture (including compatible chips from AMD) to protect itself from tampering or interference by malicious software that is running in kernel mode, such as root-kits. It uses a statistical approach to malicious software detection that is asymmetrical in that it requires more effort from attackers to counter all of its potential protection mechanisms that it is required to actually execute.
* information listed above is at the time of submission.