Fluxus: Innovative Technology for Secure Cloud Computing

Period of Performance: 08/30/2013 - 03/03/2014

$100K

Phase 1 SBIR

Recipient Firm

Modus Operandi, Inc.
709 South Harbor City Blvd., Suite 400 Array
Melbourne, FL 32901
Principal Investigator

Abstract

The Modus Operandi Team proposes to design, develop, and demonstrate innovative technology to detect, prevent, and mitigate security threats at all levels within the cloud computing environment. Within the problem space, our objective is to provide measurable security in the cloud environment that goes well beyond contractual (but unenforceable) trust between the cloud user and the cloud provider. Our desire is to create a security solution which does not rely on detecting specific pieces of known malware, but which can detect features which reveal entire classes of malware without the need of a specific signature. Our proposal addresses detecting malware and, in particular, malware which infiltrates the hypervisor. The proposed technical approach will demonstrate how the Army can leverage cloud-based assets without compromising operational effectiveness. In particular, we leverage a timing noise channel, which allows hosted applications to reason about the environment in which they are executing. This channel can be used to determine if the environment has been compromised, and carry out a limited measure of its trustworthiness. An advantage of our approach is that it does not require administrative access to the underlying hosting platform.