Print Print  
Award Information
Proposal Number: 0612014
Proposal Title: Enterprise Botnet Detection and Mitigation System
Topic Number: H-SB06.1-008
Phase: Phase II
Topic Title: BOTNET DETECTION AND MITIGATION
Organization: HBGary, Inc.
Address: 6900 Wisconsin Avenue, Suite 706
Chevy Chase, MD 20815-6114  
Abstract: Since botnets have both host and network components, detection must occur from both hosts and the network. A problem is that network management systems have no visibility of hosts, and host detection systems have no visibility of the network. Network management systems generate mountains of data that overwhelm network security administrators. Many host-based products use signatures to detect viruses and spyware, but stealthy malicious bots are not being detected. More flexible behavioral based host detection systems are emerging, but these products require frequent modification, have variable accuracy performance, and are limited to endpoint awareness, so they do not add to enterprise-level awareness. HBGary intends to develop a botnet detection system that automatically collects host and network evidence from all over the enterprise and reasons over that evidence as would a subject matter expert to determine if botnets are present. Essentially, the system will automate the analysis and conclusions of subject matter experts. The system will instruct the security response team operator on what actions to perform. The system will also provide a human analyst the ability to "drill down" to forensically analyze the threat.
Award/Contract Number: NBCHC080048
Period of Performance: 12/01/2007 - 03/30/2011
Award/Contract Value: $975,000.00
Award/Obligated Amount: $975,000.00