PrintPrint

Awards

Topic Information Award/Contract Number Proposal Information Company Performance
Period
Award/Contract
Value
Abstract

H-SB012.1-002
Moving Target Defense

HSHQDC-12-C-00038 DHS SBIR-2012.1-H-SB012.1-002 -0006-I
(DHS SBIR-2012.1 Phase I)
Multi-layer Ever-changing Self-defense Service (MESS)

Endeavor Systems
1420 Spring Hill Rd
Suite 202
McLean , VA 22102-3026

06/01/2012
to
04/30/2013
$149,945.52

IT systems today are static and allow the adversary time to plan and launch attacks. Endeavor proposes to create a Multi-layer, Ever changing, Self-defense Service (MESS) that is both resilient and manageable. MESS significantly hinders an attacker's ability to exploit a target system by removing the static network & system attributes that simplify reconnaissance. It also continuously refreshes the target system to a new virtual instance with a known trusted state and random service attributes. This limited-time-use virtual instance is comprised of a single application and OS combination and significantly reduces system complexity During Phase I, Endeavor will build a prototype demonstrating the operational effectiveness of MESS in defending a web service. We will research the feasibility of secure live handoff of this web service by migrating specific process memory between virtual instances. We will prove that address obfuscation and/or virtual instance randomization through system attribute alteration (memory, credentials, shares, ports, etc.) will offer sufficient moving target defense. Upon successfully completing Phase I, we increase the TRL from 2 to 6. A complete field test ready MESS product will be developed in Phase II. MESS not only allows game changing cyber defense for enterprise systems, but also provides enhanced security to existing cloud computing services by eliminating known risks in virtual infrastructure. Future research could leverage MESS into an adaptive "honey pot" to provide advanced detection of zero day attacks by analyzing the retired image of virtual machine.

H-SB012.1-002
Moving Target Defense

HSHQDC-13-C-00048 DHS SBIR-2012.1-H-SB012.1-002 -0006-II
(DHS SBIR-2012.1 Phase II)
Multi-layer Ever-changing Self-defense Service (MESS)

Endeavor Systems
8300 Greensboro Drive
Suite 950
McLean , VA 22102-3604

05/01/2013
to
07/31/2014
$749,227.95

Today's static IT systems allow adversaries time to plan and launch attacks. Endeavor proposes a Multi-layer, Ever changing, Self-defense Service (MESS) that is resilient and manageable. MESS prevents attackers from exploiting a target system by removing the static network & system attributes that simplify reconnaissance. Continuously refreshing the target system to a new virtual instance with a known trusted state and random service attributes, this limited-time-use virtual instance is comprised of a single application and OS combination and reduces system complexity. During Phase II, Endeavor will develop WebPurify, a DNSSEC-aware application that will build on our successful Phase I MESS prototype. WebPurify focuses on protecting web services, including web content delivery. Today, web security products detect and block attacks by enforcing acceptable use policies, and analyzing web traffic, content, etc. Powered by MESS, WebPurify allows multi-layer protections by deploying public interface obfuscation and live service migration technique. It conceals the public interface from adversaries and enables web services to self-defend and self-recover. WebPurify is a game-changing cyber defense system, not by detecting, but by concealing; not by blocking, but by cleaning. By Phase II completion, WebPurify will handle high traffic volume and multiple simultaneous connections, and be ready for the pilot/field test. Endeavor will work with clients and partners like DHS, Air Force, and McAfee to outline a pilot/field test plan. We'll develop a market plan for SaaS providers who can benefit directly from WebPurify as they have large attack surfaces and extensive virtualized infrastructure.

H-SB012.1-002
Moving Target Defense

HSHQDC-12-C-00027 DHS SBIR-2012.1-H-SB012.1-002 -0026-I
(DHS SBIR-2012.1 Phase I)
Scalable MTD Based on SCIT Technology

SCIT Labs Inc
13834 Springstone Dr
Clifton, VA 20124-2361

06/01/2012
to
12/03/2012
$99,991.20

SCIT Labs SBIR proposal is in response to the Department of Homeland Security (DHS) Office of Science and Technology call for new approaches to cyber defense using Moving Target Defense (MTD). SCIT Labs' is proposing a set of research tasks to enable organizations to evaluate the viability of MTD defense and the real world requirements for successfully deploying MTD into existing enterprise information systems. SCIT Labs, a George Mason University spin-out, designs, develops and deploys advanced cyber security products and solutions built on patented Self Cleaning Intrusion Tolerance (SCIT) technology. SCIT technology has been successfully deployed to deliver MTD cyber defense capabilities that address the specific issues defined by DHS. SCIT Labs seeks to undertake the research defined here to develop the empirical and quantitative information needed to address how proactive MTD defense can be successfully introduced into existing enterprise system architectures and coexist with current reactive, detection and remediation based cyber defense protocols and technologies. SCIT Labs has built SCITized webservers and DNS servers that exhibit MTD properties - we constantly change the servers that are exposed to the internet. In this proposal, we focus on increasing our system capability by integrating the SCIT servers with reactive systems that are currently deployed for cyber security. We focus on integrating with IDS/IPS, forensics and SIEM subsystems. SCIT approach significantly reduces ex-filtration losses, deletes malware without detecting and reduces the cost of incident management. This approach has application to virtualized environments, including cloud. Current TRL: 6. Project end TRL: 7.

H-SB012.1-002
Moving Target Defense

D14PC00224 DHS SBIR-2012.1-H-SB012.1-002-0006-CRPP
(DHS SBIR-2012.1 CRPP)
Multi-layer Ever-changing Self-defense Service (MESS)

Endeavor Systems
8300 Greensboro Drive
Suite 600
McLean , VA 22102-3604

09/20/2014
to
10/05/2015
$99,994.91

Today's static IT systems allow adversaries time to plan and launch attacks. Endeavor proposes a Multi-layer, Ever changing, Self-defense Service (MESS) that is resilient and manageable. MESS prevents attackers from exploiting a target system by removing the static network & system attributes that simplify reconnaissance. Continuously refreshing the target system to a new virtual instance with a known trusted state and random service attributes, this limited-time-use virtual instance is comprised of a single application and OS combination and reduces system complexity. During Phase II, Endeavor will develop an application that will build on our successful Phase I MESS prototype. This application focuses on protecting web services, including web content delivery. Today, web security products detect and block attacks by enforcing acceptable use policies, and analyzing web traffic, content, etc. Powered by MESS allows multi-layer protections by deploying public interface obfuscation and live service migration technique. It conceals the public interface from adversaries and enables web services to self-defend and self-recover. application is a game-changing cyber defense system, not by detecting, but by concealing; not by blocking, but by cleaning. By Phase II completion, application will handle high traffic volume and multiple simultaneous connections, and be ready for the pilot/field test. Endeavor will work with clients and partners like DHS, Air Force, and McAfee to outline a pilot/field test plan. We'll develop a market plan for SaaS providers who can benefit directly from application as they have large attack surfaces and extensive virtualized infrastructure.

H-SB012.1-004
Firearms and Ammunition Test Equipment

HSHQDC-12-C-00035 DHS SBIR-2012.1-H-SB012.1-004-0009-I
(DHS SBIR-2012.1 Phase I)
Realistic Firing Fixture

Adaptive Technologies, Inc.
2020 Kraft Drive
Suite 3040
Blacksburg, VA 24060-6569

06/01/2012
to
01/15/2013
$99,922.57

The proposed project will result in an anthropometrically realistic and viable simulator for the testing, evaluation, and validation of firearms and associated ammunition. The approach being taken to achieve the end device is to capture both the active and reactive system loads and dynamics of both the weapon system and the human tester. These data, along with their temporal inter-dependencies, will be analyzed using high fidelity modeling, empirical data collection, and high speed visual motion capture technologies to ensure the systems interface between the firearm and the electro-mechanical human firing system analog represent the realistic, time-dependent responses experienced by human testers. The TRL-4 high fidelity model resulting from the Phase I effort will be validated with real user loads and dynamics and will serve as the basis for generating the operational and design specification for the Phase II development effort. After the virtual model is refined using additional data during Phase II, a physical device will be designed, constructed, and validated against human testers. It is anticipated that the outcome of Phase II will be a TRL-8 device tailored for use by NFTTU. The Phase II device will enter service at the end of Phase II as the initial step toward final product transition to TRL-9.