SBIR-STTR Award

We propose to develop ROC2 to protect software from reverse engineering or compromise by automatically inserting strong Protect/Detect/React functionality into binaries by obfuscating executables, providing randomly different variants of the same binary, and permitting the software only to run on the target site, all without performance penalty or knowledge of source code. ROC2 extends the Random Obfuscating Compiler (ROC1) we previously developed for OSD/AFRL, to protect IP from adversaries with root privileges, the one class of adversary who could conceivably defeat ROC1. The US is at war. Our adversaries continually strive to reverse engineer critical software to eliminate our technological edge. We think ROC2 is feasible now. Fred Smith, PI, was PI on ROC1, which we demoed successfully for AFRL in November 2003. Dr. George Markowsky, chairman of the University of Maine Computer Science Department, will contribute extensive Beowulf computing facilities and expertise in LINUX and UNIX. We will design and build a prototype ROC2 that proves feasibility when tested on Beowulf clusters, then perform security penetration attack analysis to determine ROC2's effectiveness. Testing our ROC2 prototype in the HPC environment will provide a sound basis for developing a complete prototype toolset in Phase II.

Keywords:
SOFTWARE PROTECTION INITIATIVE,PROTECT/DETECT/REACT FUNCTIONALITY,AUTOMATED SOFTWARE PROTECTION TOOL,REVERSE ENGINEERING DEFENSE,DEFENSE AGAINST ROOT ATTACKS,OBFUSCATED EXECUT

Our Random Obfuscating Compiler2 (“ROC2”) automated toolset will protect DoD HPC executables running on Beowulf clusters from reverse engineering or compromise. Preliminary DoD HPC research is often conducted on university Beowulfs, which are also used by unscreened researchers and students. The US is engaged in an arms race and must protect valuable IP. A ROC2 toolset is feasible now. Phase I demonstrated that ROC2 works on a 5-node Beowulf without performance penalty. At our August, 2005 demo, the control machine ran on a computer in Massachusetts and enabled automatic protection of executables running on a Beowulf in Maine. In Phase l we developed and partially prototyped a defense against root. Our team--Fred Smith, PI and PI on a ROC1 SBIR, and Dr. George Markowsky of the UMaine Computer Science Department –has the expertise. In Phase ll we will scale up to 400-550 nodes, enhance the root defense, interview users, deliver prototypes, and test extensively, including a red team effort. Dr. Markowsky will establish a center to research potential threats and continually update ROC2. Phase II will deliver a powerful and streamlined toolset for the DoD High Performance Computing Modernization Program (HPCMP) to protect critical HPC research on university Beowulfs.

Keywords:
random obfuscating compiler, reverse engineering, automated software toolset, Beowulf, orthogonal authentication, root defense, High Performance Compu