SBIR-STTR Award

Commercializing Solidification for Malware Identification and Containment
Award last edited on: 4/29/2014

Sponsored Program
SBIR
Awarding Agency
DHS
Total Award Amount
$1,090,684
Award Phase
2
Solicitation Topic Code
H-SB04.2-002
Principal Investigator
John Sebes

Company Information

Solidcore Systems

20863 Stevens Creek Boulevard Suite 300
Cupertino, CA 95014
   (408) 387-8400
   support@solidcore.com
   www.solidcore.com
Location: Single
Congr. District: 18
County: Santa Clara

Phase I

Contract Number: ----------
Start Date: ----    Completed: ----
Phase I year
2004
Phase I Amount
$99,491
Solidcore's approach to malware-ID is to decouple packet payload analysis from the capture of packets in transit and the resulting necessity of (a) network-speed analysis and (b) analysis of large numbers of packets, only a minority of which contain malicious payloads.

Phase I activities will consist of extending Solidcore's existing technology so that it can perform both:
- malware identification (malware-ID) for new and unknown attacks as well as known attacks, and
- real-time generation and dissemination of attack identification data for existing security mechanisms

Phase II

Contract Number: ----------
Start Date: ----    Completed: ----
Phase II year
2005
Phase II Amount
$991,193
In Phase I, Solidcore Inc developed new techniques for malware identification by extending existing Solidcore technology (which traps malicious software when it attempts to execute on an end-system) to perform real-time analytics and dissemination of analyses, for both previously known and previously unknown exploits. Phase I efforts focused on three accomplishments:

1) Analysis of not only the malicious software itself in situ but also the network packets that delivered the software to the end-system and the protocol payload in which the malware was embedded;
2) Use of the results of the analysis to generate information that can be used by existing conventional network security devices to detect or block network traffic that carries the malicious software;
3) Dissemination of the information to existing security devices that can then use existing mechanisms to filter the malware out of network traffic.

We propose to productize these results in a Phase II project that includes matchable funding from our development partner IBM, enabling the use of Fast Track matching funds for Phase II. This proposal describes a work plan for additional technology development and integration with other commercial products, as well as development of milestones, productization plans, schedules, and lab and field trials.