Topic Information Award/Contract Number Proposal Information Company Performance

Moving Target Defense

HSHQDC-12-C-00038 DHS SBIR-2012.1-H-SB012.1-002 -0006-I
(DHS SBIR-2012.1 Phase I)
Multi-layer Ever-changing Self-defense Service (MESS)

Endeavor Systems
1420 Spring Hill Rd
Suite 202
McLean , VA 22102-3026


IT systems today are static and allow the adversary time to plan and launch attacks. Endeavor proposes to create a Multi-layer, Ever changing, Self-defense Service (MESS) that is both resilient and manageable. MESS significantly hinders an attacker's ability to exploit a target system by removing the static network & system attributes that simplify reconnaissance. It also continuously refreshes the target system to a new virtual instance with a known trusted state and random service attributes. This limited-time-use virtual instance is comprised of a single application and OS combination and significantly reduces system complexity During Phase I, Endeavor will build a prototype demonstrating the operational effectiveness of MESS in defending a web service. We will research the feasibility of secure live handoff of this web service by migrating specific process memory between virtual instances. We will prove that address obfuscation and/or virtual instance randomization through system attribute alteration (memory, credentials, shares, ports, etc.) will offer sufficient moving target defense. Upon successfully completing Phase I, we increase the TRL from 2 to 6. A complete field test ready MESS product will be developed in Phase II. MESS not only allows game changing cyber defense for enterprise systems, but also provides enhanced security to existing cloud computing services by eliminating known risks in virtual infrastructure. Future research could leverage MESS into an adaptive "honey pot" to provide advanced detection of zero day attacks by analyzing the retired image of virtual machine.

Moving Target Defense

HSHQDC-12-C-00027 DHS SBIR-2012.1-H-SB012.1-002 -0026-I
(DHS SBIR-2012.1 Phase I)
Scalable MTD Based on SCIT Technology

SCIT Labs Inc
13834 Springstone Dr
Clifton, VA 20124-2361


SCIT Labs SBIR proposal is in response to the Department of Homeland Security (DHS) Office of Science and Technology call for new approaches to cyber defense using Moving Target Defense (MTD). SCIT Labs' is proposing a set of research tasks to enable organizations to evaluate the viability of MTD defense and the real world requirements for successfully deploying MTD into existing enterprise information systems. SCIT Labs, a George Mason University spin-out, designs, develops and deploys advanced cyber security products and solutions built on patented Self Cleaning Intrusion Tolerance (SCIT) technology. SCIT technology has been successfully deployed to deliver MTD cyber defense capabilities that address the specific issues defined by DHS. SCIT Labs seeks to undertake the research defined here to develop the empirical and quantitative information needed to address how proactive MTD defense can be successfully introduced into existing enterprise system architectures and coexist with current reactive, detection and remediation based cyber defense protocols and technologies. SCIT Labs has built SCITized webservers and DNS servers that exhibit MTD properties - we constantly change the servers that are exposed to the internet. In this proposal, we focus on increasing our system capability by integrating the SCIT servers with reactive systems that are currently deployed for cyber security. We focus on integrating with IDS/IPS, forensics and SIEM subsystems. SCIT approach significantly reduces ex-filtration losses, deletes malware without detecting and reduces the cost of incident management. This approach has application to virtualized environments, including cloud. Current TRL: 6. Project end TRL: 7.

Firearms and Ammunition Test Equipment

HSHQDC-12-C-00035 DHS SBIR-2012.1-H-SB012.1-004-0009-I
(DHS SBIR-2012.1 Phase I)
Realistic Firing Fixture

Adaptive Technologies, Inc.
2020 Kraft Drive
Suite 3040
Blacksburg, VA 24060-6569


The proposed project will result in an anthropometrically realistic and viable simulator for the testing, evaluation, and validation of firearms and associated ammunition. The approach being taken to achieve the end device is to capture both the active and reactive system loads and dynamics of both the weapon system and the human tester. These data, along with their temporal inter-dependencies, will be analyzed using high fidelity modeling, empirical data collection, and high speed visual motion capture technologies to ensure the systems interface between the firearm and the electro-mechanical human firing system analog represent the realistic, time-dependent responses experienced by human testers. The TRL-4 high fidelity model resulting from the Phase I effort will be validated with real user loads and dynamics and will serve as the basis for generating the operational and design specification for the Phase II development effort. After the virtual model is refined using additional data during Phase II, a physical device will be designed, constructed, and validated against human testers. It is anticipated that the outcome of Phase II will be a TRL-8 device tailored for use by NFTTU. The Phase II device will enter service at the end of Phase II as the initial step toward final product transition to TRL-9.