SCIT Labs SBIR proposal is in response to the Department of Homeland Security (DHS) Office of Science and Technology call for new approaches to cyber defense using Moving Target Defense (MTD). SCIT Labs' is proposing a set of research tasks to enable organizations to evaluate the viability of MTD defense and the real world requirements for successfully deploying MTD into existing enterprise information systems. SCIT Labs, a George Mason University spin-out, designs, develops and deploys advanced cyber security products and solutions built on patented Self Cleaning Intrusion Tolerance (SCIT) technology. SCIT technology has been successfully deployed to deliver MTD cyber defense capabilities that address the specific issues defined by DHS. SCIT Labs seeks to undertake the research defined here to develop the empirical and quantitative information needed to address how proactive MTD defense can be successfully introduced into existing enterprise system architectures and coexist with current reactive, detection and remediation based cyber defense protocols and technologies. SCIT Labs has built SCITized webservers and DNS servers that exhibit MTD properties - we constantly change the servers that are exposed to the internet. In this proposal, we focus on increasing our system capability by integrating the SCIT servers with reactive systems that are currently deployed for cyber security. We focus on integrating with IDS/IPS, forensics and SIEM subsystems. SCIT approach significantly reduces ex-filtration losses, deletes malware without detecting and reduces the cost of incident management. This approach has application to virtualized environments, including cloud. Current TRL: 6. Project end TRL: 7.
