Award Information
Proposal Number: HSHQDC-14-R-00035-H-SB014.2-002-0011-II
Proposal Title: Automated Embedded Vulnerability Identification and Exploitation Mitigation System Using FRAK, Symbiote and Autotomic Binary Structure Randomization
Topic Number: H-SB014.2-002
Phase: Phase II
Topic Title: Automatic Detection and Patching of Vulnerabilities in Embedded Systems
Organization: Red Balloon Security
Address: 336 West 37th Street
Suite 1024
New York, NY 10018-4592  
Abstract: We propose to implement a novel Embedded Live-Hardening framework and associated algorithms to combine the state-of-the-art in static firmware vulnerability analysis and mitigation with a suite of novel dynamic defensive techniques powered by Red Balloon Security's software Symbiote technology. While Symbiotes have traditionally been used directly to enforce dynamic firmware integrity attestation in embedded devices, we propose to design new Symbiote payloads capable of not only dynamic attestation, but live attack forensic data collection, analysis and ultimately, live hardening of vulnerable devices based on forensic data collected by other similar deployed devices. Lastly, we propose to design a comprehensive framework for truly integrating all meta-data collected through both static and dynamic analysis components to continuously, and automatically, identify and mitigate vulnerabilities on all protected devices. Such a framework will allow network defenders to:
- Maximize vulnerability identification accuracy while minimizing expert human intervention
- Minimize reaction time between threat identification and mitigation deployment for proprietary embedded devices
- Maximize forensic data collection capabilities on black-box embedded devices
- Minimize downtime of vulnerable and compromised devices while drastically increasing the defenders' ability to patch vulnerabilities within embedded devices dynamically
- Maximize overall embedded security situational awareness across enterprise-level networks of heterogeneous embedded devices
We propose to deliver a phase one report that details the component technology designs and time and cost estimates for a phase two contract to implement, test and evaluate these technologies.
Award/Contract Number: D15PC00113
Period of Performance: 09/04/2015 - 09/18/2016
Award/Contract Value: $754,922.66
Award/Obligated Amount: $754,922.66