SPANS: Software Protection using Anti-tamper and Network Security

Period of Performance: 10/01/2008 - 04/01/2009

$100K

Phase 1 SBIR

Recipient Firm

CFD Research Corp.
701 McMillian Way NW Suite D
Huntsville, AL 35806
Principal Investigator

Abstract

US software is constantly being attacked by enemies in attempts to reverse engineer the software to extract useful information, military secrets, and intellectual property. This SBIR proposes a solution to this problem: multiple software guards and a secure, efficient communication channel for the exchange of attack information. Six aspects of our proposed solution are especially unique: 1) multiple information assurance-based techniques to protect software applications, 2) multiple anti-tamper-based techniques to protect the integrity of the application s network information, 3) inter-guard communication based on proven, efficient wireless transmission techniques and covert channels (preventing divide-and-conquer attacks), 4) separate guards providing different anti-tamper techniques (including third parties techniques), 5) stealth corruption to destroy software functionality without alerting attackers, and 6) exclusive use of the solution for the DoD, DHS, and their contractors. The complete solution will be an automated tool that incorporates this advanced protection into the software development process. In Phase I, a preliminary version of the system will be developed. To show feasibility, several security engineers will perform reverse engineering attacks against the solution. In Phase II, we will add automation and integration with third-party techniques and conduct extensive testing of the solution.