
DACET: Data Acquisition through Compositional Executable Transformations

Award Information
Agency: Department of Defense
Branch: Navy
Contract: N00014-11-M-0242
Agency Tracking Number: N111-081-0610
Amount: $79,770.00
Phase: Phase I
Program: SBIR
Solicitation Topic Code: N111-081
Solicitation Number: 2011.1
Timeline
Solicitation Year: 2011
Award Year: 2011
Award Start Date (Proposal Award Date): 2011-05-09
Award End Date (Contract End Date): N/A
Small Business Information
421 SW Sixth Suite 300
Portland, OR -
United States
DUNS: 098009918
HUBZone Owned: No
Woman Owned: No
Socially and Economically Disadvantaged: No
Principal Investigator
 Mark Tullsen
 Principal Investigator
 (503) 626-6616
 tullsen@galois.com
Business Contact
 Jodee LeRoux
Title: Contracts
Phone: (503) 808-7209
Email: jodee@galois.com
Research Institution
 Stub
Abstract

Low-overhead, real-time data acquisition of executing software is the last line of defense against malicious cyber attacks. A monitoring approach cannot depend on access to source code, as the code may be proprietary and recompilation is too time-intensive. Rather, we propose to monitor the binary executables themselves. Our solution is called DACET: Data Acquisition through Compositional Executable Transformations. DACET is a framework for composing monitoring specifications. DACET instruments binaries at load-time (or earlier) with monitors. The monitors are specified by a monitoring policy. A novel aspect of DACET is that it transforms binaries into LLVM (Low Level Virtual Machine) code, a high-level typed architecture-independent assembly language. The monitors are instrumented into the LLVM, and then machine code is re-generated. LLVM already has associated with it numerous open-source static and dynamic analysis tools and generates highly-optimized machine code. Furthermore, DACET will include a static execution time predictor to help the user determine the performance penalty of implementing the monitoring policy. DACET is a software-only tool with no hardware dependencies but can be made more efficient with hardware extensions.

* Information listed above is at the time of submission. *
