[Kestrel circling]

Home : Current Projects
 

Current Projects

Home

About Kestrel

Research Staff

Current Projects

Project Archive

Publications

Technology Transfer

Career Opportunities

Contact Kestrel
Specware
project page
High-Assurance Java Platform
project page
High-Assurance Java Card Applets
project page
VIBRANCE
The VIBRANCE (= Vulnerabilities In Bytecode Removed by Analysis, Nuanced Confinement, and divErsification) project aims at constructing a tool that automatically hardens Java bytecode to make it resistant to certain classes of vulnerabilities. VIBRANCE uses static and dynamic analysis to find vulnerable code, run-time confinement to prevent exploits of the vulnerable code, and diversification to increase the difficulty of attacks.

This is a collaborative project with CSAIL (MIT) and Kestrel Technology, LLC.

CRASH
High-assurance synthesis of garbage collectors.
Using Software Generation and Repair for Cyber-Defense
The overall objective is to develop applications that dynamically recover with immunity from cyber attacks.

Many cyber attacks require detailed knowledge about how an application works, how it consumes resources (such as memory or CPU), how it interacts with other components in its deployment environment (e.g., the operating system or database engines), and how it interacts with the network. For example, a side-channel attack needs to know (or learn) the correlation between an application's externally visible responses and the private data being sought. Detailed knowledge may be acquired by examining source code, when available, or by profiling the application based on the results of inputs designed to reveal the internal structure of the application.

The objective of this effort is to develop coarse-grained synthetic diversity to continually vary the applications structure and its interactions with its environment and the network, and thus make it much harder for an attacker to acquire detailed knowledge and, should an attack succeed, to limit the damage and to transition to a new variant of the application that is immune to the attack.

This project is sponsored by AFRL.

 

 

- Back to Top -


- Home - About Kestrel - Research Staff - Current Projects - Project Archive -
- Publications - Technology Transfer - Career Opportunities - Contact Kestrel -