The broader impact/commercial potential of this Small Business Innovation Research (SBIR) project is to provide ransomware countermeasures. Commercially available antivirus solutions are not adequate for key critical infrastructures and do not cope with new techniques developed by cybercriminals to evade detection. The proposed project enables private and public organizations to increase protection of sensitive data, reduce data ransom costs, and decrease disruption to operational capabilities. This SBIR Phase I project proposes to explore the feasibility of a new method for continuous pre-attack observation and characterization of the environment and the network. Algorithms validate incoming interactions from the network and evaluate their threat risk by observing and characterizing the built-in commands in the software code. Simultaneously, they validate outgoing interactions assessing the risk for malicious data exfiltration. Tasks include developing a sandbox environment for the deployment and testing of the technology prior to developing needed functionalities. The system will be extensively tested with the most recent attack vectors.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
