Intelligent Automation, Inc.
<
 
Home>News>2015>IAI to develop Binary code Randomization Engine for Attack Sensitive Software for the Navy

IAI to develop Binary code Randomization Engine for Attack Sensitive Software for the Navy

Successful cyber-attacks against critical systems are becoming more common. Most solutions focus on achieving resiliency and survivability, allowing software to continue working in a degraded or compromised state after a cyber-attack. However, specific mission requirements for some critical cyber systems make it preferable for the mission software to fail or crash as quickly as possible after a successful cyber-attack. To achieve this objective, IAI will develop the Binary code Randomization for Attack Sensitive Software (BRASS). The key innovation is developing an architecture that offers transparent and automatic binary code diversification to guarantee that a generated binary software variance would crash quickly and consistently after faults introduced from a Return Oriented Programming (ROP) attack. BRASS will automatically apply novel binary code randomization and transformation techniques to achieve this “fast-crash” property for prompt software termination when faced with successful ROP-based exploitation attacks. BRASS works in two phases: a static phase that forms a randomized target binary; and a load-time phase that randomizes the binary by reordering its instructions each time it starts. BRASS will not require source code, and will be compatible with existing or legacy software. It provides a proof of functional equivalence for all software variants generated using BRASS’ binary transformation method. Each generated variant maintains the same level of robustness as the original program under normal conditions. BRASS provides the level of diversification sufficient to guarantee such that the attack that succeeded in a single variant will crash in other variants.

About IAI:
Intelligent Automation, Inc. (IAI) is a technology innovation company headquartered in Rockville, MD. We specialize in providing advanced technology solutions and R&D services to federal agencies, and corporations throughout the United States and internationally. Leveraging agile R&D processes, a multi-disciplinary collaborative environment, and its substantial intellectual property portfolio, IAI excels in developing concepts into market-focused products and customer-driven solutions. IAI’s core R&D areas include: Air Traffic Management, Big Data and Social Media Analytics, Control and Signal Processing, Cyber Security, Education and Training Technologies, Health Technologies, Modeling and Simulation, Networks and Communications, Robotics, and Sensor Systems. For more information on IAI, please visit www.i-a-i.com.

Latest News
© 2008-2016 Intelligent Automation, Inc. | 15400 Calhoun Drive, Suite 190, Rockville, MD 20855 | Phone: 301 294 5200 | Fax: 301 294 5201