Print Print  
Award Information
Proposal Number: 0522008
Topic Number: H-SB05.2-004
Phase: Phase II
Organization: AFCO Systems Development Inc
Address: 510 Grumman Road West
Bethpage, NY 11714-3631  
Abstract: The primary objective of this project is to design and develop a rootkit detection system that also has the capability to protect itself. AFCO Systems Development (ASD) proposes to advance the state of system security monitoring technology and meet its objective by developing a PCI card that combines co-processor based firmware, reconfigurable computing and host-based software to provide a comprehensive and extensible platform against such attacks. The proposed solution will be upgradeable in the field by replacement and/or reconfiguration of its firmware, software or hardware (VHDL). An immediate benefit of this research will be the availability of tool for the detection of rootkits that have been maliciously introduced onto Windows platforms. This is accomplished, not by searching for the particular 'signatures' known to be carried by this type of malware, but rather by the examination of operating system internal data structures for any corruption or inconsistency. This more flexible approach will allow the identification of a much wider class of rootkits than previously attainable. An additional benefit of our research efforts is that the (platform independent) algorithms we develop can be ported over to other environments, including new bus (e.g. PCI express) and processor (e.g. VMX) architectures.
Award/Contract Number: NBCHC070061
Period of Performance: 03/08/2007 - 03/07/2009
Award/Contract Value: $750,000.00
Award/Obligated Amount: $750,000.00