Research Summaries

Back VET Control Teams

Fiscal Year 2014
Division Graduate School of Engineering & Applied Science
Department Electrical & Computer Engineering
Investigator(s) McEachen, II, John C.
Brown, Nathan D.
Sponsor Defense Advanced Research Projects Agency (DoD)
Summary NPS will form and prepare teams that will participate in VET engagements as described. The objective for NPS participation is to assist in producing a baseline for determining what currently available software and existing manpower can accomplish relative to the new systems delivered by the VET performer R&D teams.
The VET program consists of several technical areas (TA), two of which are relevant to this proposal. The objective of Technical Area 1 (TA1) is to define malice. Specifically, given a sample device, produce a prioritized checklist of software and firmware components to examine and broad classes of hidden malicious functionality to rule out. The objective of Technical Area 2 (TA2) is to confirm the absence of malice. Specifically, given a checklist of software and firmware components to examine and broad classes of hidden malicious functionality to rule out, demonstrate the absence of those broad classes of hidden malicious functionality.
The platforms under consideration for this phase of the VET program are the Linksys WRT54GL wireless access point, the Gumstix Firestorm COM on Tobi expansion board, and the NetFPGA Network Interface Card. NPS will provide TA1 control teams for producing checklists of the Gumstix and NetFPGA NIC and will provide TA2 teams for evaluating checklists of all three platforms.
This work will require the NPS teams to evaluate and document the amount of time needed to configure application experiments and perform the analysis required. Team members will be asked to use various software applications to identify malice in the noted systems, document and analysis the location of the related malice, associated trigger events, and the effects of produced. NPS teams will identify the actions and/or methodologies employed to produce checklists or discover the malicious functionality, document how the technologies used by the team helped in the analysis of the systems, and report on lessons learned.
Keywords
Publications Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal
Data Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal