Countermeasures to Covert Access Methods to Reduce Attack Susceptibility and Ensure Trust

Period of Performance: 09/28/2015 - 12/28/2017

$1.5MM

Phase 2 SBIR

Recipient Firm

Edaptive Computing, Inc.
1245 Lyons Road
Dayton, OH 45458
Firm POC
Principal Investigator

Abstract

ABSTRACT: Sophisticated methods for infiltrating and compromising computer systems have continuously demonstrated their ability to defeat current operating system and network defenses. Computing assets such as the BIOS, hardware device drivers, and COTS hardware from non-trusted supply chains have been proven to include malware and/or Trojan horse applications. These subversive software programs provide attackers with gaping holes from which they can pirate software, exfiltrate data, execute processes, alter critical information, or control network end-nodes. The biggest problem with many of these attacks is that they reside in areas of the computer system which are not easily mitigated with software-only methodologies. In response to this need, Edaptive Computing, Inc. is enhancing already advanced techniques for providing comprehensive protection against such threats. The TrEMBlE solution can monitor peripherals, hard drive and memory for anomalies that operate below the level visible to standard virus scanners. These protections can be added with relative ease to any standard desktop or server. As a result, the TrEMBlE solution will serve as an unassailable defense for mission-critical communication systems and any related computing resources that are part of the network.

BENEFIT: As advanced communication systems become more deeply entrenched in the various branches of the military, it is even more important that their security be front and center. These systems can be considered to consist not just of radios that form the links, but also the routers and servers that interact with and store the data in question. They will continue to be used for a wide variety of missions ranging from battlefield ISR all the way to humanitarian mission support. What is needed is a reliable way to identify possible vulnerabilities and address them conclusively. This is where the TrEMBlE solution fits into the overall picture.
The growing trend to move malware to lower levels is decreasing the level of trust in commodity machines. Our solution to this problem not only addresses specific Air Force needs, but it will provide a significant foundation for improving the trustworthiness of mission-critical systems across today's military and critical information markets. As a result, TrEMBlE will be beneficial to the DoD, Homeland Security, NASA and other agencies with common requirements. Importantly, our proposed solution can be transitioned effectively to the commercial sector by providing a method to improve the trust of computational resources to a variety of market sectors such as financial, healthcare, commercial aviation and communications.