Georgia Tech Procurement Assistance Center

  • Home
  • About Us
  • Training
    • Class Registration
    • On-demand Training
  • Useful Links
  • Team Directory
    • Albany Counselor
    • Atlanta Counselors
    • Augusta Counselor
    • Carrollton Counselor
    • Columbus Counselor
    • Gainesville Counselor
    • Savannah Counselor
    • Warner Robins Counselor
  • Directions
    • Atlanta – Training Facility
    • Atlanta – Office
    • Albany
    • Augusta
    • Carrollton
    • Columbus
    • Gainesville
    • Savannah
    • Warner Robins
  • New Client Application
  • Contact Us

Georgia Tech researchers awarded $7.5 million from ONR for secure stack

January 30, 2018 By Nancy Cleveland

A team of Georgia Tech researchers from the School of Computer Science (SCS) has been awarded $7.5 million from the Office of Naval Research to develop a customized attack-resistant software stack.

SCS Assistant Professor Bill Harris is the principal investigator on the project and is collaborating with Professors Wenke Lee and Alessandro Orso, Associate Professor Santosh Pande, and Assistant Professor Taesoo Kim.

The researchers are working on a technique for reducing what’s known as the attack surface, the total number of ways in which a program can be vulnerable to exploit. Most general-purpose software includes code that not every user needs, and unused code can create an opportunity for exploit for an attacker. Through this research, users will be able to run software in which unneeded code is removed, thus decreasing the vulnerability of the programs they use.

Lee compares the project to a house. “When you build a house, you only really need one door, but the house may still have multiple doors. The number of doors increases the opportunity to break in,” Lee said. “If you only have one door, your house is more secure.”

In order to do this, the researchers are looking at the full stack of software systems, including applications, operating systems, and possibly Internet of Things devices. They are planning to use static and dynamic analysis techniques to determine which pathways through the system different users need. Each researcher has a specific area of expertise:

  • Pande’s focus on compilers will help determine what essential code must be loaded for each user during application execution.
  • Harris’s expertise with static analysis will provide guarantees that the software maintains its integrity despite removed code.
  • Orso will use dynamic analysis and testing techniques to confirm the modified system still functions as expected.
  • Kim will use his expertise in systems to determine which modules can be removed from the operating system without compromising its functionality.
  • Lee will focus on the aspects related to security and use his expertise to analyze and experiment with malware.

Overall, the five researchers have the set of complementary skills needed for the project to be successful. Over the five-year life of the grant, the researchers expect to develop a series of approaches for reducing attack surface that anyone can use on complex systems, as well on low-level code.

“Going back to the house metaphor, the problem is that different people want to use different doors,” Orso says. “Our research will allow users to customize the house for each person so that it contains only the door that person needs.”

Source: http://www.news.gatech.edu/2018/01/12/georgia-tech-researchers-awarded-75-million-office-naval-research-secure-stack

Filed Under: Georgia Tech News Tagged With: code, Georgia Tech, Office of Naval Research, ONR, secure stack, software

Recent Posts

  • Contractors must update EEO poster
  • SBA scorecard shows federal government continues to prioritize small business contracting
  • The risk of organizational conflicts of interest
  • The gap widens between COFC and GAO on late is late rule
  • OMB releases guidance related to small business goals

Popular Topics

8(a) abuse Army bid protest budget budget cuts certification construction contract awards contracting opportunities cybersecurity DoD DOJ False Claims Act FAR federal contracting federal contracts fraud GAO Georgia Tech government contracting government contract training government trends GSA GSA Schedule GTPAC HUBZone innovation IT Justice Dept. marketing NDAA OMB SBA SDVOSB set-aside small business small business goals spending subcontracting technology VA veteran owned business VOSB wosb

Contracting News

SBA scorecard shows federal government continues to prioritize small business contracting

OMB releases guidance related to small business goals

OMB issues guidance on impact of injunction on government contractor vaccine mandate

Changes coming to DOD’s Cybersecurity Maturity Model Certification under CMMC 2.0

Judge issues nationwide injunction halting enforcement of COVID-19 vaccine mandate

Read More

Contracting Tips

Contractors must update EEO poster

The risk of organizational conflicts of interest

The gap widens between COFC and GAO on late is late rule

Are verbal agreements good enough for government contractors?

CMMC 2.0 simplifies requirements but raises risks for government contractors

Read More

GTPAC News

VA direct access program events in 2022

Sandia National Laboratories seeks small business suppliers

Navy OSBP hosting DCAA overview (part 2) event Jan. 12, 2022

Navy OSBP hosting cybersecurity “ask me anything” event Dec. 16th

State of Georgia hosting supplier systems training on January 26, 2022

Read More

Georgia Tech News

Undergraduate enrollment growth reflects inclusive excellence

Georgia Tech delivers $4 billion in economic impact to the State of Georgia

Georgia Tech awards first round of seed grants to support team-based research

Georgia Tech announces inaugural Associate Vice President of Corporate Engagement

DoD funds Georgia Tech to enhance U.S. hypersonics capabilities

Read More

  • SAM.gov registration is free, and help with SAM is free, too
APTAC RSS Twitter GTPAC - 30th Year of Service

Copyright © 2023 · Georgia Tech - Enterprise Innovation Institute