Grant Awarded to Develop Deep Computer Defense
With the proper precautions, average computer users can protect themselves from most malware, but even the most vigilant user can still be attacked. Just as defenses have improved, so too have the attacks with some going as deep as targeting the system kernel. Researchers at the University of Texas at Dallas have recently been awarded a grant from the US Air Force to develop a new defense framework to protect against those attacks.
Kernels are one of the most fundamental and important parts of a computer, as they manage the input/output requests software makes of the hardware. It is somewhat obvious then why malicious code would try to attack it. The plan the researchers have is to create a holistic defense framework that will be able to analyze binary code and identify benign code sequences and behaviors. Specifically it will be hunting for invariants, as there are enough to indicate if a system has been compromised, based on if they have been violated. This will occur at the hypervisor later, which is deeper than most modern defense systems.
The Young Investigator Research Program, which is the grant's source, will provide up to $360,000 over three years. When the research is completed, because of the fundamental approach the researchers are using, the computer defense system should be able to run regardless of operating system.
Source: University of Texas at Dallas