1 / 7

D.1 Reverse Engineering Detector Software Anti-tampering Toolkit

D.1 Reverse Engineering Detector Software Anti-tampering Toolkit. Develop the RE-detector tool to detect the installation (past or present) and use of known reverse engineering tools on a computer. Number of known reverse engineering tools detected in a host machine using RE-detector.

phila
Télécharger la présentation

D.1 Reverse Engineering Detector Software Anti-tampering Toolkit

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. D.1 Reverse Engineering Detector Software Anti-tampering Toolkit Develop the RE-detector tool to detect the installation (past or present) and use of known reverse engineering tools on a computer. Number of known reverse engineering tools detected in a host machine using RE-detector. Performance and memory penalty for using RE-detector. Protect intellectual property in software code. Develop footprints for known reverse engineering tools. Develop an interface so that RE-detector can be integrated into a software system in an unobtrusive and undetectable manner. Develop a method to update RE-detector when new footprints for reverse engineering tools become available. Design, develop, test, and document the core infrastructure of RE-detector. Integrate and test hex editor footprints for winHex and Tsearch into RE-detector. Integrate and test de-compiler footprints for DEC and BJ into RE-detector. Integrate and test disassembler and debugger footprints for IDAPro, OllyDb, Win32Dasm, and Borg into RE-detector. Lockheed Martin ATL indicated interest in participating in this project, including investment of LMCO-ATL IRAD funds

  2. D.2 Software Security Analysis Toolkit void function(int a, int b, int c) { char buffer1[5]; char buffer2[10]; } void main() { function(1,2,3); } Investigate techniques, and implement them as a toolkit, to analyze software in search of security vulnerabilities. pushl $3 pushl $2 pushl $1 call function pushl %ebp movl %esp,%ebp subl $20,%esp Seed software with known security flaws and measure how many flaws are found using the toolkit. Protect critical software from malicious security attacks. Use toolkit in a software security certification process. Research into methods for analyzing software, using static and dynamic analysis, in order to uncover security flaws. Implement several of the above methods as a Software Security Analysis Toolkit. Apply the toolkit to systems that have been infected by known viruses and worms. Apply toolkit to versions of software systems (e.g., CORBA, EJB, DCOM, MS Windows, Linux) that have to documented vulnerabilities. Detect, and potentially repair, stack- and heap-based buffer overflow vulnerabilities. Detect race conditions. Virus and worm software analysis. Detect vulnerabilities in trust management and authentication. Analyze code to identify segments that have to be run under elevated security privileges. (Privilege separation problem) Lockheed Martin ATL indicated interest in participating in this project, including investment of LMCO-ATL IRAD funds

  3. D.3 IPv6 Develop protocol translation techniques to address the scenario where an IP v4 end-user / application would communicate with an IP v6 end-user / application through the Internet, or vice-versa. Eight possible end-host to network to end-host protocol translation scenarios: Demonstration of error free operation of IPv4 end-user/application communicating with an IPv6 end-user/application through the Internet Interoperability of existing software and algorithm libraries Meeting DoD has policy memorandum for transitioning from Internet Protocol version 4 (IPv4) to Internet Protocol version 6 (IPv6) by FY08 For transmission this mini-layer sits between the network layer (layer 3) and the transport layer (layer 4), as shown in the lhs. For reception this mini-layer sits between the data link layer and the network layer, as shown in the rhs. Demonstration and testing with 10th Mountain Division @ Ft. Drum, NY in October 2005 Demonstration and testing with 1MEF at 29 Palms, CA in October 2005 Evaluation, feedback and updates (three spirals) through March 2006 Deploy in the field in Summer 2006 Development of transition mechanisms that do not describe tunneling techniques. The transition mechanism should be self-contained, i.e., not rely on additional client software or middleware, other transition mechanisms, specialized addressing, or Dual Stack Transition Mechanism (DSTM) server, etc.

  4. D.4 Ultrasonic Communication for Through-Armor Networking Demonstrate how ultrasonic communication can enable thru-armor communication to relay wireless signals from inside to outside a tank • Ability to form thru-armor wireless signal relay with ultrasound • Battlefield wireless connectivity in areas previously inaccessible to radio frequency signals Communication from inside to outside of a tank without the need for wired cabling that will disturb the structural integrity of the tank. • Needs discernment • Channel (armor) characterization for ultrasonic penetration • Selection of ultrasonic transducer • Construction and laboratory demonstration of ultrasonic thru-armor link • Prototype and laboratory demonstration of wireless repeater making use of ultrasonic communications • Radio frequency signals cannot penetrate through the armor of a tank and it is undesirable to relay signals with wired links since the structural integrity of the tank will be compromised • Repeaters can be placed on either side of the hull to convert radio frequency signals to ultrasound, relay the signal through the armor, and re-emanate radio frequency on the other side of the link

  5. D.5 Adaptive Spectrum Management and Cognitive Radio Demonstrate how adaptive spectrum management and cognitive radio can enhance next-generation wireless battlefield networks • Increased capacity • Greater network connectivity • Improved resilience to jamming Development of situation/environmental “aware” radios that can adapt voice/data transfers to changing conditions in radio propagation, local regulatory policy, user behaviorial models, and operational requirements • Survey of existing adaptive spectrum management and cognitive radio techniques • Survey of applicable adaptive optimization / control techniques • Radio Knowledge Representation Language report and assessment of applicability to military ad hoc communication networks • Implementation and simulations of adaptive spectrum management and cognitive radio techniques • Cognitive Radio is an emerging area within software defined radio which employs adaptive optimization techniques to dynamically allocate radio spectrum and waveform characteristics in response to environmental/situational conditions. • Radio Knowledge Representation Language (RKRL) provides a “playbook” of techniques that can be used by military ad hoc communication networks

  6. D.6 Frequency Selective Flexible Conformal Antennas Demonstrate conformal antenna arrays fabrication using conducting polymer materials Measure parameters of voice and data transmission using conformal antennas Bandwidth and connectivity quality Power consumption requirements Antenna robustness and lifetime Conformal communication devices Transparent antennas are invisible and can be integrated into existing windows • Repeatability of ink-jet printing process • Hardware integration • Wiring to conducting polymer materials • Long-term environmental breakdown of conducting polymer material • Integration of RLC circuit components with antennas • Ability to print semiconductor & insulating material • Accurate control of resistivity Procedure for ink jet printing organic antennas on non-traditional antenna mounting substrates Prototype organic antennas characterized in terms of near and far-field radiation patterns Demonstration of organic antennas and circuits Study of organic antenna integration into existing and next-generation communication systems (MIMO) Results of field tests on performance of ink-jet fabricated organic circuits on various non-traditional circuit mounting substrates

  7. D.7 Pos/Nav for situational awareness Develop tracking technologies for operations and training purposes, with focus on soldiers operating in dense urban environments (substitute your own picture) Accuracy of performance measurement Capacity and speed of operation Measured improvement in trained soldier performance Virtual reality vs. actual view of a combat training system The training system will consist of three parts: an active transceiver worn by the user, a target neutralization device/mock weapon, and a base unit/target device. When one or more soldiers are within line of sight (LOS) of the target device, the target device will increment a timer for that soldier or group of soldiers until the target is neutralized. Training and performance measurement for Military Operations on Urbanized Terrain (MOUT) situations, including tasks such as securing buildings and close quarter combat Needs Discernment Enhanced Breadboard System Demonstration and Design Review Ergonomic Integration Plan Field Experimentation Field Experimentation Analysis Selection of appropriate modalities (e.g., ultrasound, RF, optical signaling for the solider mock weapon) Cost-effectiveness, ease of installation and use, and versatility. Adaptation to indoor and outdoor combat tasks and ranges. Selection, determination and testing of appropriate testing metrics.

More Related