PrintPrint

Awards

Topic Information Award/Contract Number Proposal Information Company Performance
Period
Award/Contract
Value
Abstract

H-SB017.1-003
Do Not Spoof Services for Modern Telephony

HSHQDC-17-C-00036 HSHQDC-17-R-00010-H-SB017.1-003-0006-I
(HSHQDC-17-R-00010 Phase I)
Verification of Caller Ascertained Logically (VOCAL)

AnaVation LLC.
11654 Plaza America Drive
suite 500
Reston, VA 20190-4700

05/01/2017
to
10/31/2017
$99,893.19

AnaVation is proposing the development of two systems designed to solve the challenge of government to outside and government to government spoofing respectively, both of which would be integrated into a Comprehensive Investigate Dashboard to provide organizations with an expansive view into the types and frequencies of call spoofing attempts. The first system would be an on top, out of band solution that would enable reactive event-driven detection and notification of government to outside call spoofing. The second system would be a multi-factor authentication solution that, in the case of government to government call spoofing, would enable employees to vet communications to uncover malicious spoofing attempts and thus take action to cease communications before sensitive information could be conveyed and/or compromising actions undertaken. A key distinction between the two systems is while the first system is fully automated, the second requires human interaction and training.

H-SB017.1-003
Do Not Spoof Services for Modern Telephony

70RSAT18C00000013 HSHQDC-17-R-00010-H-SB017.1-003-0006-II
(HSHQDC-17-R-00010 Phase II)
Verification of Caller Ascertained Logically (VOCAL)

AnaVation LLC.
11654 Plaza America Drive
suite 500
Reston, VA 20190-4700

04/03/2018
to
04/02/2020
$749,908.56

For a DHS SBIR Phase I award, VOCAL (Verification of Caller Ascertained Logically), AnaVation built a prototype of the Do Not Spoof Service (DNSS), a modular, componentized solution for spoofed call detection and blocking and/or notification via multi-layered call and user authentication and validation. During Phase II we will focus on production-level development, such as improving and adding functionality, hardening code, refreshing the User Interface (UI) and User Experience (UX), testing and QA. This will result in delivering a production-ready minimum viable product (MVP) capable of deployment. The DNSS MVP will include five componentized services that will integrate across both mobile and VoIP systems and leverage applicable and operational best practices for the telephony industry to address multiple telephony spoofing challenges identified in Phase I research. The solution delivered at the end of Phase II will minimize the financial and security impact of spoofed calls. Our modified technical approach - as opposed to that of a single, take-all-or-nothing solution - will amplify DNSS's value and increase its commercial viability, and, most importantly, its impact in combating malicious spoofed calls. There are commercial applications for government organizations, telecommunications providers, industry organizations and caller-ID/call-blocking solutions providers. AnaVation has already received a Letter of Intent (LOI) from Nomorobo, one of the largest call-blocking services, indicating that it intends to integrate/consume one of DNSS's services once production-ready (Do Not Originate as a Service (DNOaaS)).

H-SB017.1-004
Identity Verification & Validation for Mobile Networks Authentication Enhancement

HSHQDC-17-C-00029 HSHQDC-17-R-00010-H-SB017.1-004-0004-I
(HSHQDC-17-R-00010 Phase I)
SIM Forward: Leveraging Trusted Authentication for New 5G Services

NAND Technologies Inc
170 Shannon Woods Drive
Front Royal, VA 22630-9212

05/02/2017
to
11/01/2017
$100,000.00

Threats to mobile networks are pervasive and deep. Due to aging standards and an initial approach of minimum viable security significant risks persist. Spoofing, tampering, and denial of service are three primary vulnerabilities. Ultimately updating global standards to increase authentication and security is likely to be the terminal solution, however this is likely to take well over to a decade. The widely know SS7 vulnerabilities were first documented almost two decades ago yet the root problem has yet to be resolved or replaced. The best solution is to create a stop-gap measure for modern smart phones which relies on existing infrastructure to create a viable commercial solution to these vexing problems. NAND Technologies will research and develop new methods for mobile network authentication by deeply diving into the complex USIM toolkit that was created by the GMSA to enable mobile money deployments directly from the javaSIMcards also know as Java UICCs or simply Javacards. Without affecting the MNO secure domain, critical to all client account transaction, an established trusted service provider can also use over the air access (OTA) to retrieve data in their designated secure domain. This is the basis for this solution.

H-SB017.1-006
Wearable Chemical Sensor Badge

HSHQDC-17-C-00042 HSHQDC-17-R-00010-H-SB017.1-006-0007-I
(HSHQDC-17-R-00010 Phase I)
Wearable Chemical Sensor Badge

Morphix Technologies
2557 Production Road
Virginia Beach, VA 23454-5286

05/01/2017
to
10/31/2017
$100,000.00

First responders such as law enforcement, fire department and emergency service personnel are subject to hazardous environments, including Toxic Industrial Chemicals (TICs). Protecting first responder and their long term health is a priority of the Department of Homeland Security. The objective of the proposed SBIR project is to develop a wearable chemical sensor badge capable of detecting at least four of the targeted high priority Toxic Industrial Chemicals (TICs). The badge will be designed to be worn by first responders, and will provide a visible and auditory alarm if TICs are present at a dangerous level. To enable everyday use by first responders, the badge will be small, lightweight, low-cost and rugged. In phase 1, Morphix will develop a design for the badge, and will conduct proof-of-concept evaluation of the badge concept in a variety of environmental conditions. Morphix intends to market this wearable badge to federal, state and local law enforcement, emergency medical service and other first responders.

H-SB017.1-006
Wearable Chemical Sensor Badge

70RSAT18C00000007 HSHQDC-17-R-00010-H-SB017.1-006-0007-II
(HSHQDC-17-R-00010 Phase II)
Wearable Chemical Sensor Badge

Morphix Technologies
2557 Production Road
Virginia Beach, VA 23454-5286

04/04/2018
to
04/03/2020
$749,997.00

First responders such as law enforcement, fire department and emergency service personnel are subject to hazardous environments, including Toxic Industrial Chemicals (TICs). Protecting first responders and their long term health is a priority of the Department of Homeland Security. The objective of the proposed SBIR project is to develop a wearable chemical sensor badge capable of detecting at least four of the targeted high priority TICs. The badge will be designed to be worn by first responders, and will provide a visible and auditory alarm if TICs are present at a dangerous level. To enable everyday use by first responders, the badge will be small, lightweight, low-cost and rugged. In phase 1, Morphix developed a design for the badge and successfully conducted a proof of concept evaluation. In phase 2, Morphix will fabricate and evaluate badge prototypes. Morphix intends to market this wearable badge to federal, state and local law enforcement, emergency medical service and other first responders.

H-SB017.1-007
Over-the-air Authentication Technology for Messaging via Emergency Alerts

HSHQDC-17-C-00032 HSHQDC-17-R-00010-H-SB017.1-007-0001-I
(HSHQDC-17-R-00010 Phase I)
AlertPrime: Tokenizing WEA

NAND Technologies Inc
170 Shannon Woods Drive
Front Royal, VA 22630-9212

05/02/2017
to
11/01/2017
$100,000.00

Currently all callerID displays on all cell phones are totally unauthenticated. This means that with the right software or hardware voice spammers can impersonate any corporation, individual or location. Ultimately the solution to this problem is to update the 3GPP standards and require this field to be validated and authenticated. Until that time NAND Technologies proposes to use a combination of techniques already being successfully applied to spam in other areas. The unique adaptions to voice form the basis of this proposal and can serve as an effective stop gap measure until the root cause of the problem is resolved. These methods and the linked applications can also serve as a case study for the needed standards updates.

H-SB017.1-007
Over-the-air Authentication Technology for Messaging via Emergency Alerts

70RSAT18C00000012 HSHQDC-17-R-00010-H-SB017.1-007-0001-II
(HSHQDC-17-R-00010 Phase II)
AlertPrime: Tokenizing WEA

NAND Technologies Inc
170 Shannon Woods Drive
Front Royal, VA 22630-9212

09/18/2018
to
09/17/2020
$749,577.40

In an emergency or other special situation, government agencies can send messages to mobile phones in affected areas using Wireless Emergency Alerts (WEA). The messages might convey life-saving information where it is needed, but vulnerabilities in the underlying mobile networks could allow bad actors to use WEA to send their own messages for harmful purposes. NAND Technologies will research and develop new methods to authenticate WEA messages and give mobile phone users the confidence that the emergency alerts they receive are legitimate, and to give U.S. Government agencies the ability to provide more information than the current system allows.