Print Print  
Award Information
Proposal Number: 0612013
Proposal Title: Inline Botnet Extraction And Response
Topic Number: H-SB06.1-008
Phase: Phase II
Topic Title: BOTNET DETECTION AND MITIGATION
Organization: Endeavor Systems, Inc.
Address: 1420 Spring Hill Rd
Suite 202
McLean , VA 20852-3026  
Abstract: Inline Botnet Extraction And Response (iBEAR) is a holistic solution of addressing botnets with collection, analysis, and prevention capability. The iBEAR is built on the success of our phase I research of botnet collection. Collection of malware is done through decoy and inline network prevention system to capture target malware and scanning malware without risking the end systems. A hybrid analysis approach uses both Pattern Recognition and Control Flow Graphs (CFG) to determine invariant attributes of the malware communications. The system then implements prevention rules to deny any botnet communication. While excited about our high quality botnet collections being used in Microsoft MSRT, Live OneCare and Window Defender, Endeavor proposes to develop a robust, automated iBEAR which is capable of handling large volume of botnets. Leveraging the FirstLight infrastructure, the generated signatures from iBEAR can be distributed globally across organizations.
Award/Contract Number: D07PC75274 (formerly NBCHC070120)
Period of Performance: 09/11/2007 - 03/10/2010
Award/Contract Value: $749,996.11
Award/Obligated Amount: $749,996.11