You are now leaving the DARPA.mil website that is under the control and management of DARPA. The appearance of hyperlinks does not constitute endorsement by DARPA of non-U.S. Government sites or the information, products, or services contained therein. Although DARPA may or may not use these sites as additional distribution channels for Department of Defense information, it does not exercise editorial control over all of the information that you may find at these locations. Such links are provided consistent with the stated purpose of this website.
After reading this message, click to continue immediately.
The Cyber Fast Track (CFT) program sought revolutionary advances in cyber science, devices, and systems through low-cost, quick-turnaround projects. To achieve this, CFT engaged a novel performer base many of whom were new to government contracting. From August 2011 to April 2013 the program attracted 550 proposal submissions, of which 90 percent were from performers that had never previously worked with the government, and awarded 135 contracts.
Program Manager: Mr. Richard Guidorizzi
Contact: richard.guidorizzi@darpa.mil
The content below has been generated by organizations that are partially funded by DARPA; the views and conclusions contained therein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of DARPA or the U.S. Government.
Report a problem: opencatalog@darpa.mil
Last updated: November 13, 2015
Team | Project | Category | Code | Description | License |
---|---|---|---|---|---|
Rogue Networks | Methods for detecting malicious web server traffic | Software | CFTdata@darpa.mil | Monitors HTTP traffic for indications of attempted script injection by monitoring various meta data about HTTP sessions. Also stores malicious activity events in an external IP reputation-based scoring system, allowing member organizations to share threat information. | GPR |
Immunity Federal Services, LLC | Combining Expert Knowledge and Symbolic | Software | CFTdata@darpa.mil | A system that uses human-assisted automated techniques to accurately and quickly find exploitable vulnerabilities in Windows Drivers using a static code analysis prototype. | GPR |
Dr. Charlie Miller | Risk and Vulnerability Assessment of Near Field Communication in Smartphones | Software | CFTdata@darpa.mil | Risk and Vulnerability Assessment of Near Field Communication (NFC) in Smartphones via an automated test framework. | GPR |
Secure Ideas, LLC | MobiSec Live Environment Mobile Testing Framework | Software | CFTdata@darpa.mil | A live, Linux-based testing environment that is preconfigured and installed with all the tools and configurations needed to perform security assessments and testing of mobile platforms. | GPR |
Assured Information Security, Inc. | MoRE: Measurement of Dynamic Code: MoRE (Measurement of Running Executable) | Software | CFTdata@darpa.mil | Determines whether an application or system kernel has been modified by an attacker by performing integrity checks of applications executing in memory using a custom Windows Page Fault Handler or VMX hypervisor. | GPR |
Peak Security, Inc. | TinyLANE - Mobile Hardware Endpoint Security for Individuals | Firmware | CFTdata@darpa.mil | A hand-held device that provides secure point-to-point communications and offers the user anonymous Internet access through the TOR framework. | GPR |
Strategic Cyber | Cortana: A Language to Control and Automate Cyber Capabilities | Software | CFTdata@darpa.mil | A domain-specific language that empowers users to automate, customize and extend the Metasploit and Armitage toolset -- enabling security evaluation and validation of defensive measures of an organization. | GPR |
Digital Operatives | Subversive Storage | Firmware | CFTdata@darpa.mil | A Mass Storage Device (MSD) controller that cannot be imaged via standard forensic techniques, can detect the host Operating System, and alter data in transit to the host. | GPR |
Critical Assets Labs | Proposal for PIN Pad Defender Development | Firmware | CFTdata@darpa.mil | A device that detects physical skimming attacks on ATM machines through the use of HD video and Infrared sensors. | GPR |
Peripety Labs | Securing programs by automated detection and correction of vulnerabilities | Software | CFTdata@darpa.mil | A software tool that automatically detects and corrects security vulnerabilities in C/C++ programs (especially those that are integer-related). | GPR |
Duo Security | Practical Vulnerability Assessment on Consumer Mobile Devices | Software | CFTdata@darpa.mil | A Vulnerability Assessment Framework for smart phones consisting of a mobile application and a cloud service. | GPR |
Thoughtcrime Labs | Convergence: A secure, agile, distributed replacement for Certificate Authorities | Software | CFTdata@darpa.mil | A secure, agile, distributed replacement for the Certificate Authority system using numerous Notaries to create a configurable quorum, asserting the site's identity. | GPR |
Galois, Inc. | CyberChaff: Using Distraction for Network Protection | Software | CFTdata@darpa.mil | An environment consisting of hundreds of virtual machines that will defend against cyber attacks. Cyberchaff will consist of lightweight virtualized targets that will delay and confuse attackers from their intended target and act as an Early Detection System. | GPR |
Deja vu Security | Hungarian Ham | Software | CFTdata@darpa.mil | A source code monitoring and filtration system designed to mine source-code commit history and detect malicious code check-ins to source repositories masked as an authorized developer. | GPR |
Exception Technologies, LLC | Reuse Oriented Obfuscation | Software | CFTdata@darpa.mil | An obfuscation technique based on the concept of gadgets and return-and jump-oriented programming techniques, thwarting attempts to reverse engineer applications by transforming them into a series of linked together gadgets executed in a runtime environment. | GPR |
GoToTheBoard | GPU Assisted Malware Detection for Mobile Devices | Software | CFTdata@darpa.mil | Leverages the graphics processor unit (GPU) for detecting malicious attacks and creates a GPU-Assisted Malware Detector for Mobile Devices. | GPR |
Subreption, LLC | Proactive defenses for operating system dynamic memory allocators | Software | CFTdata@darpa.mil | Provides the design and development of a solid set of security mitigations for dynamic memory allocators, applied to protect operating systems and software internals against exploitation of unknown and known vulnerabilities. | GPR |
Digital Operatives | Process Attribution In Network Traffic (PAINT) | Software | CFTdata@darpa.mil | A network packet analysis capability built upon Wireshark that enables malware threat detection and advanced malware analysis by inking packets sent and received to the source and destination application. | GPR |
Selective Intellect, LLC | Firecracker: Framework for Vulnerability Assessment of Systems with High End GPUs | Software | CFTdata@darpa.mil | A GPU-based cryptovirus framework that performs attacker-centric threat modeling. | GPR |
SecureIT Consulting Group, Inc. | Needle in a Stack of PINs - An ARM Instrumentation Framework for the Embedded Generation | Software | CFTdata@darpa.mil | An open-source tool kit for leveraging the principles and capabilities of dynamic analysis, including performance monitoring, error diagnosing, and stack trace logging. | GPR |
Malice Afterthought | Reticle: Leaderless Command and Control | Software | CFTdata@darpa.mil | A command, control, and communications (C3) platform for very-low-cost computers to receive tasking, exchange data, and change missions on the fly. | GPR |
Robert Seger | Hatchet | Software | CFTdata@darpa.mil | An easy to use tool that allows for exploration and manipulation of the low level details of an operating system including event handling and kernel interfacing without having specialized knowledge of the operating system. | GPR |
ReversingLabs | FDF - File Disinfection Framework | Software | CFTdata@darpa.mil | An advanced virtual machine for polymorphic malware disinfection. It will enable dynamic binary analysis on top of a static analysis framework by giving developers full control over detection, disinfection and repair of affected files. | GPR |
Dan Farmer | Sealing and Testing Virtual Systems | Software | CFTdata@darpa.mil | This project will provide an automated security testing sandbox for virtual systems. Target Practice (TP) will integrate and leverage four security tools; NMAP, Nessus, MetaSploit, and Bastille, to provide testing of virtual machines. | GPR |
Narf Industries, LLC | Private Information Retrieval for Network Monitoring | Software | CFTdata@darpa.mil | A secure network monitoring and alerting system, Enciphered Observation Network (EON), more completely protecting the confidentiality of signatures and the alerts generated on a remote sensor in an untrusted environment. | GPR |
Bulb Security, LLC | Smartphone Penetration Testing Framework | Software | CFTdata@darpa.mil | A Smartphone Penetration testing framework which will allow users to assess the security of mobile devices. This project offers the development and deployment of agents for post exploitation remote control, information gathering, and privilege escalation. | GPR |
Pwnie Express | The Power Strip Backdoor | Firmware | CFTdata@darpa.mil | Testing tool that provides secure remote access to target networks through a variety of covert TCP/IP channels, or via 3G/GSM cellular wherever available. | GPR |
Great Scott Gadgets | HackRF: A Low Cost Software Defined Radio Platform | Software | CFTdata@darpa.mil | An open-source low-cost Software Defined Radio (SDR) transceiver platform that allows a single piece of equipment to implement virtually any wireless technology (WiFi, Bluetooth, GSM, ZigBee, etc.). | GPR |
Hidden Layer, LLC | A Machine Learning Approach for Source Code Vulnerability Detection | Software | CFTdata@darpa.mil | An application of supervised machine learning to automatically detect attack surfaces, or vulnerabilities, in source code for C programs. | GPR |
Five Directions, Inc. | Semantic Visualization of Security Data | Software | CFTdata@darpa.mil | A semantic ontology, framework, and browser for managing security data and providing results superior to traditional SIEM and log correlation. | GPR |
Least Authority Enterprises | Redundant Array of Independent Clouds | Software | CFTdata@darpa.mil | A system for provider-independent security across several commodity cloud data storage services accessible via a common web interface. | GPR |
Recursion Ventures | Impact of EM Injection on Digital Imaging Technologies | Study | CFTdata@darpa.mil | A study identifying potential vulnerabilities in digital imaging technologies including CCD (charge-coupled device) and APS (active-pixel sensor). | GPR |
Step Three Research | ASLRx, a Defense Against Remote Code Execution Vulnerabilities | Software | CFTdata@darpa.mil | A prototype ASLRx, an OS-patch extension of ASLR to defend against all types of remote code execution vulnerabilities. | GPR |
RST Professional Services, LLC | Defensive Live-Response Capabilities with MetaSploit | Software | CFTdata@darpa.mil | Leverages tools often used by attackers, such as Metasploit, for rapid file-system analysis in support of discovering and understanding unknown malicious code. | GPR |
Stealth Software Technologies, Inc. | Secure Two-Party Satellite Collisions Checking (SETSAT) | Firmware | CFTdata@darpa.mil | A design for the implementation, testing, and demonstration of a secure two-party satellite collision checking system. | GPR |
Digital Forensics Solutions, LLC | Forensic Capabilities for Embedded Files Systems | Software | CFTdata@darpa.mil | Forensic tool which explores properties of flash file systems to determine which artifacts correlate to file system activities and how long deleted data stays present in these file systems. Includes a library which can be easily integrated into currently existing tools. | GPR |
HellaSec, LLC | Beer Garden: Reversing the Asymmetry of High-Density Attacks | Software | CFTdata@darpa.mil | Defends net-centric web applications from zero-day high-density attacks through the use of admission control and worker process management. | GPR |
The Honeynet Project | Web Application Honeypot | Software | CFTdata@darpa.mil | Generates an extensible attack surface to adversaries who are attempting to gain unauthorized access to computer systems and data that allows the defender to identify malicious requests and gather and report detailed information on possible threats. | GPR |
Microtask, Ltd. | Proposal to Develop Split Field Processing Technology | Software | CFTdata@darpa.mil | A new type of document data protection that captures sensitive data from documents and separates individual fields of information into fragments that are transmitted securely, which greatly reduces the risk of compromise. | GPR |
Cody Nicewanner | Censoring the Pointer | Software | CFTdata@darpa.mil | Targets zero-day threats by nullifying an exploit's ability to execute its shell code. It fills the gap between ASLR and DEP by preventing non-executable scripts from dynamically locating system structures which are needed to properly execute an exploit. | GPR |
Trail of Bits | Using Concolic Execution To Measure A Program's Susceptibility to Code-Reuse Attacks | Software | CFTdata@darpa.mil | Develops a system to measure a program's susceptibility to code-reuse ROP exploits. The system accepts a collection of program modules as input and presents a score of the re-usability of that set of modules as output. | GPR |
Red Balloon Security | FRAK: Firmware Reverse Analysis Konsole (FRAK) | Software | CFTdata@darpa.mil | General framework for unpacking, analyzing, modifying, and repacking the firmware images of arbitrary proprietary embedded devices. | GPR |
Digital Forensics Solutions, LLC | Automatically Generated Regular Expression- Based Signatures for File Carving | Software | CFTdata@darpa.mil | File carving is used to recover files which are no longer accessible, whether due to deletion, file system corruption, or drive re-formatting. This project proposes a new method of file carving to mitigate the inherent limitations of existing tools. | GPR |
Armatum Networks | Full Spectrum Intrusion Detection | Software | CFTdata@darpa.mil | Analysis and visualization of HTTP and HTTPS traffic at the network perimeter to identify traffic consistent with malware Command and Control (C2) channel characteristics. | GPR |
Capitol Hill Consultants, LLC | M2M Risk Assessment Project (MRAP) | Software | CFTdata@darpa.mil | Evaluates the current M2M threat surface and identifies common security weaknesses that may lead to unacceptable risks in embedded systems and critical infrastructure. | GPR |
Security Works, LLC | Defending the Hypervisor | Software | CFTdata@darpa.mil | Provides a framework for testing the various interfaces between Virtual Machines (VM) and the underlying virtualization layer (i.e., Hypervisor) on the physical host. | GPR |
SecureIT Consulting Group, Inc. | Poor Man's Control Flow Integrity (PMCFI) | Software | CFTdata@darpa.mil | Establishes legitimate execution paths at the function level and aborts execution if attempts are made to modify flow. | GPR |
Safely, Inc. | Secure Surrogate Cloud Browsing | Software | CFTdata@darpa.mil | This project provides a system that offloads vulnerability prone operations, such as JavaScript execution and image parsing, from client browsers to surrogate browsers running in the cloud. | GPR |
215LAB LLC | Netoko | Software | CFTdata@darpa.mil | This is a a cloud-based ecosystem for developing network security applications. | GPR |
Secure Ideas, LLC | Securing HTML5 Assessment Resource Kit (SHARK) | Software | CFTdata@darpa.mil | Researches and identifies potentially vulnerable HTML5 features and develops filtering rules that can be used by open source security products as an effective countermeasure against browser attacks. | GPR |
AcceSys Technology | SCATEboard - Side Channel Attack Test Evaluation Board | Software | CFTdata@darpa.mil | Provides a hardware platform to evaluate cryptographic algorithm exposures in embedded systems to Side Channel Attacks (SCAs). | GPR |
Bitlackeys Security | Linux VMA Monitor (LVM) | Software | CFTdata@darpa.mil | Detects user space memory infections in a Linux environment. Its unique heuristics analyzer identifies complex and atypical infections and produces an unpacked executable version for analysis. | GPR |
Bunnie Studios, LLC | Enabling Distributed Network Protocols | Software | CFTdata@darpa.mil | Creates a high-performance, low-cost device that is based on infrastructure descended from mobile phone lineage and optimized for use in secure distributed networks. | GPR |
KoreLogic, Inc. | MASTIFF | Software | https://git.korelogic.com/mastiff.git/ | A static analysis framework that automates the extraction of characteristics of malware and allows rapid technique development through the use of plug-ins. | ALv2, BSD |
Sutajio Ko-Usagi Pte Ltd. | Know Thy Media | Software | CFTdata@darpa.mil | Investigates the embedded microcontrollers in Secure Digital (SD) cards, develops a hardware/software protocol analysis tool which logs raw transactions to the NAND device and compares them against commands issued by the SD interface. | GPR |
GoToTheBoard | Taking it From the Source - Integrating Dynamic Security | Software | CFTdata@darpa.mil | Couples static and dynamic analysis tasks into a set of tools that heightens a mainstream developer's awareness of code vulnerabilities and security issues in his or her day-to-day-programming. | GPR |
Island Peak Software | Submarine: Capturing the Unencrypted BIOS | Software | CFTdata@darpa.mil | Uses virtual machine logging, together with a virtualized BIOS device, to capture the unencrypted, uncompressed machine code of any Basic Input/Output System (BIOS). | GPR |
Deja vu Security | Godel's Gourd: Next Generation Fuzzer | Software | CFTdata@darpa.mil | Creates an automated testing framework that triggers and detects logical constraint violations that are undetectable with current fuzzing technology. | GPR |
Galois, Inc. | Ditto: A Tunable Network Stack for Confounding the Enemy | Software | CFTdata@darpa.mil | Creates a network stack that can be tuned by the system administrator to emulate whatever operating system the administrator chooses, complicating the adversary's decision process and decreasing the effectiveness of available adversary attack tools. | GPR |
Digital Operatives | HAVOC - Halting Attacks Via Obstructing Configurations | Software | CFTdata@darpa.mil | Explores configuration changes that impact the performance of malware components, developing tools for randomly changing those configuration parameters to exploit weaknesses in malware. | GPR |
Subreption, LLC | SAFEDROID: High Assurance Computing for Mobile Devices | Software | CFTdata@darpa.mil | Enforces memory protections and reduces system predictability, alters core components of the operating system (OS), and provides a defensive in-depth solution against zero-day attacks. | GPR |
Digital Operatives | AERIAL - Automatic Entity Recognition Identifying Antennas Locally | Software | CFTdata@darpa.mil | Uses automatic visual recognition on mobile phones to detect and classify antennas used in communications networks even in the absence of Radio Frequency emissions. | GPR |
Dan Farmer | IPMI: Underbelly of Servers | Software | CFTdata@darpa.mil | Offers a collection of simple tools to address the security concerns inherent with IPMI technology, raise awareness of IPMI's security weaknesses, identify configuration errors on IPMI clients, and propose a threshold for acceptability. | GPR |
University of Tulsa | Heavy Truck Electronic Network Security Analysis Framework (Truck-In-A-Box) | Firmware | CFTdata@darpa.mil | An inexpensive and lightweight hardware framework for analysis of heavy truck engine control modules, evaluating attack surfaces and demonstrate security vulnerabilities on commercial vehicles at a reduced cost. | GPR |
SecureIT Consulting Group, Inc. | ProcessGossip: A Side Channel Information Fusion Framework | Software | CFTdata@darpa.mil | Detects information leaks and identifies side channel vulnerabilities in the Android Operating System. Whole classes of exploits that previously relied on privilege escalation to capture secrets can potentially operate by simply listening to unprivileged information. | GPR |
VULNEX | Compiler Security and Binary Defenses Breakdown | Software | CFTdata@darpa.mil | Provides resources that simplify the process of building secure software, assists developers in using the security settings offered by compilers, and provides analysts with a tool for scanning binaries for vulnerabilities caused by insufficient compiler security configuration. | GPR |
Narf Industries, LLC | Kensa: An Anti-Reverse Engineering System | Software | CFTdata@darpa.mil | Kensa provides alerting mechanisms for tamper detection, encrypted patching, and reverse engineering mitigation. The system protects proprietary-critical binaries against adversaries' efforts by thwarting and reporting reverse engineering attempts. | GPR |
Dr. Charlie Miller | A Framework for Automotive Computing Systems | Software | CFTdata@darpa.mil | Provides a framework for programmers to develop and execute code to monitor and control the various embedded systems in computerized automobiles. | GPR |
Upstanding Hackers, LLC | Hammer: The Science of Insecurity - Source Development Recognizers and Validators | Software | CFTdata@darpa.mil | Facilitates the secure creation of input recognizers, or validators, that use mathematical proofs and verify correct code operation with minimum impact on development time and effort. | GPR |
Zentific, LLC | Zazen: Virtual Machine Introspection to Detect and Protect | Software | CFTdata@darpa.mil | Intrusion detection and prevention system that monitors and protects virtual machines from an external perspective. This tool repairs malicious modifications designed to hijack normal kernel and program operation when possible. | GPR |
Selective Intellect, LLC | Bootjack: BIOS Implant Detection | Software | CFTdata@darpa.mil | Bootjack is a configurable hardware solution that detects compromised BIOS components on Personal Computers. Bootjack scans a system, and within seconds, indicates the presence of a compromised BIOS via an alert on the external device. | GPR |
Raber Hughes Technologies, LLC | Virtual Deobfuscator | Software | CFTdata@darpa.mil | Reverse engineering tool that automates the reverse engineering of obfuscated instructions utilizing loop detection to disclose the underlying malware's original state. | GPR |
504ENSICS Labs | Application-Level Memory Forensics For Dalvik | Software | CFTdata@darpa.mil | This project researches and develops a framework to analyze the application-level memory forensics of Dalvik, the process virtual machine used by the Android operating system. | GPR |
Quoc Tran | GarbledGrids: Provable and Efficient Distributed Computing Security | Software | CFTdata@darpa.mil | A framework that protects data used in computations distributed across multiple remote machines. | GPR |
Narf Industries, LLC | Bbemu: A Baseband Emulation Framework for Vulnerability Analysis | Software | CFTdata@darpa.mil | Integrated vulnerability testing environment for basebands, providing researchers with a flexible baseband analysis environment at communication devices that handles communication between cellular towers and cellular phones. | GPR |
JW Secure, Inc. | BHT - BIOS Integrity Measurements Heuristics Tool | Software | CFTdata@darpa.mil | Mitigates BIOS-level threats in an enterprise using TPM in a system of cloud and client components. | GPR |
Northeast Information Discovery, Inc. | SLRFDL - Security Legacy Radio Frequency Data Links | Software | CFTdata@darpa.mil | A passive Radio Frequency network intrusion prevention system for secure legacy RF communication. The system uses RF fingerprint techniques to create a white-list to allow legitimate communications while denying unauthorized devices. | GPR |
Malice Afterthought | NOM: Novel Object Mapping Visualization of Security Data | Software | CFTdata@darpa.mil | Provides users with visual tools for examining incoming network/security data in near real-time, allowing users to understand past data using computer gaming engines that handle a huge number of data points. | GPR |
Great Scott Gadgets | Physical Layer Monitoring Platform for Wired Communication Media | Firmware | CFTdata@darpa.mil | Provides a low-cost, portable device with pluggable capabilities that monitors high and low bandwidth wired communication protocols such as USB and HDMI at the physical layer. | GPR |
MonkWorks, LLC | NAND-Xplore: Hiding and Finding Data with NAND Flash Error Codes | Software | CFTdata@darpa.mil | Uses on-board NAND controller, logic gates that the flash architecture resembles, or the host operating system to hide files and programs from users and forensics software | GPR |
Trail of Bits | Scalable Graph - Theoretical Analysis for Qualitative Program Security Assessment | Software | CFTdata@darpa.mil | Leverages developments in static analysis and graph theory to build a system that automatically identifies object lifespan vulnerabilities at source code level. | GPR |
Kyrus Tech, Inc. | Dynamic Analysis Toolset for Embedded System Application | Software | CFTdata@darpa.mil | Explores the adaptation of vulnerability research toolsets to embedded systems, providing dynamic analysis capabilities that are currently limited to researchers of non-embedded systems such as personal computers. | GPR |
504ENSICS Labs | Forensic Analysis of the OS X Spotlight Search Index | Software | CFTdata@darpa.mil | Provide access to all data stored in Spotlight indexes in an offline manner by reversing the index format, discovering forensically interesting artifacts in the index, recovering deleted versions of indexes, and generating code to automate access to index data. | GPR |
ReversingLabs | RDFU - Rootkit Detection Framework for UEFI | Software | CFTdata@darpa.mil | A rootkit/malware scanner designed to detect UEFI rootkits. | GPR |
Red Balloon Security | Defending Embedded Systems Using Autotomic Binary Structure Randomization | Software | CFTdata@darpa.mil | Independent host-based defense for arbitrary embedded systems using the principles of defense through diversity and attack surface minimization, which will include techniques such as binary autotomy and binary structure randomization. | GPR |
Milcord | VPN Underground Fingerprinter Tool & Guidelines to Limit Identifying VPN Traces | Software | CFTdata@darpa.mil | Identifies several encryption algorithms and attempts to discern patterns from the delays caused by packet loss and other artifacts of specific encrypted connections. | GPR |
Inverse Limit, LLC | Project fa840 | Software | CFTdata@darpa.mil | Augments the Erlang tool chain with additional languages and tools for building verified Erlang modules and then writes software whose modules are a mixture of both traditional and verified Erlang modules. | GPR |
MonkWorks, LLC | Clock Locking Beats - Exploring the Android Kernel and Processor Interactions | Software | CFTdata@darpa.mil | Exploration into smartphone processor clocks, speed and voltage manipulation techniques. It catalogues various means to subvert detection of running processes on mobile devices and how to uncover them. | GPR |
Great Scott Gadgets | Unambiguous Encapsulation in Error Correcting Codes | Software | CFTdata@darpa.mil | Explores longer codes (with codewords of length greater than five bits) that have interesting encapsulation properties, such as 'nestability' useful for unambiguous encapsulation of error control codes. | GPR |
GoToTheBoard | Visualization and Analysis of Machine Configuration Space | Software | CFTdata@darpa.mil | A set of tools for visualization and analysis of a program's configuration space by using QEMU and its emulation capabilities as a means to record the executed instructions from a program. | GPR |
Strategic Results | Enhancing Email Messaging Security | Software | CFTdata@darpa.mil | Software algorithms for the graphical representation of key fingerprints which will combine effective key visualization methods that are quick, accurate, and extremely difficult to defeat. | GPR |
Deja vu Security | Siren's Song | Software | CFTdata@darpa.mil | A system for fuzzing interpreted languages such as Python, Ruby, and JavaScript in a generic way by creating links between grammar, Abstract Syntax Tree (AST), and common metaphors in languages such as instantiating an object, calling a method and setting a property. | GPR |
Grier Forensics | Sifting Collectors | Software | CFTdata@darpa.mil | A sifting forensic collector which locates forensically relevant data and collects it in a forensically sound way in a fraction of the time (5-10x current speeds) and space (10-20% the size) required of traditional imaging methods. | GPR |
Mercury Milestones, LLC | Program Relocator | Software | CFTdata@darpa.mil | Software that can monitor processes and move malware to another machine. Then the malware will continue to run on the new machine with no indication that it has been moved. | GPR |
Invincea Labs | CrowdSource | Software | CFTdata@darpa.mil | Open source automatic malware reverse engineering engine by training a machine learning based malware capability detection engine on millions of technical documents from the web. | GPR |
KoreLogic, Inc. | PathWell | Software | CFTdata@darpa.mil | Enterprise-wide password complexity enforcement that significantly reduces the effectiveness of or renders useless current topology-based password cracking schemes. | GPR |
Northeast Information Discovery, Inc. | A Framework for Component-Level Excitation (FCLE) | Software | CFTdata@darpa.mil | Framework for the application of penetration testing techniques by enabling access to new system interface points by security professionals who may otherwise be unfamiliar with the necessary DSP and RF techniques. | GPR |
Securisea | Improved Vulnerability Searching in Code | Software | CFTdata@darpa.mil | System for hybrid analysis security testing which has reduced false negatives when searching for SQLi and XSS vulnerabilities via dataflow taint tracking compared to other existing automated tools today and demonstrated the prototype against real world web applications. | GPR |
BlueRISC Inc. | Unique Software and Microcontroller on a Whim | Software | CFTdata@darpa.mil | Automated toolkit that creates a unique microcontroller that matches the randomly synthesized encoding by retrofitting a GCC compiler containing back-end support for AVR ISA or OpenCores.org Verilog implementation of an AVR microcontroller. | GPR |
Inverse Limit, LLC | GLS | Software | CFTdata@darpa.mil | An open source GPU accelerated lattice sieve for the NFS that specifically targets the relation collection step of NFS, which is a combination of sieving and co-factorization to find smooth pairs that satisfy a particular technical property. | GPR |
504ENSICS Labs | A Framework for Differential Analysis of Malware in RAM | Software | CFTdata@darpa.mil | A prototype system that will take two successive memory captures and execute a set of plugins on them to determine the differences in the captures, providing the analyst with a browseable view of the analysis performed by the plugins. | GPR |
Accuvant Federal Solutions Inc. | Security Explorer | Software | CFTdata@darpa.mil | Tool to instantiate a platform for developers to ensure their binaries are protected with the latest in exploit mitigation technologies and test their sandbox implementations to quantitatively understand the actions an attacker may perform inside the sandbox. | GPR |
LEAD 82 | BootFixer: Semi-automatic Aid for Windows Malware Infections and Misconfiguration | Software | CFTdata@darpa.mil | Tool to (1) boot the Microsoft Windows machine into a safe-state, (2) gather and analyze the crucial data and (3) find and aid with removal of all potential known and unknown threats (including hidden rootkits). | GPR |
Trail of Bits | MAST: Mobile Application Security Transforms | Software | CFTdata@darpa.mil | Mobile application protection platform to armor iOS mobile applications against reverse engineering. | GPR |
University of Tulsa | Chip-Level Memory Mapping and Forensics for Heavy Truck ECM | Firmware | CFTdata@darpa.mil | Identifies data-bearing components in heavy truck electronic control modules. It will allow the repeatable method for imaging these components at the chip level in a forensically verifiable manner and map the contents of these devices to operational parameters. | GPR |
MonkWorks, LLC | Project Burner - El telefono inteligente de fuego | Software | CFTdata@darpa.mil | Research to understand what an attacker would have to do to physically destroy or incapacitate a device solely with kinetic software behaviors, to gain a deep understanding of that attack vector, and to develop a means of discovery and remediation. | GPR |
Exception Technologies, LLC | CRUSADE Toward Symbolic Signal Synthesis for Cyber Effects Analysis | Software | CFTdata@darpa.mil | An end-to-end RF vulnerability analysis framework capable of examining hardware and software systems for potential flaws by leveraging existing system level symbolic execution techniques. | GPR |
Dr. Charlie Miller | A Platform for Automotive Network Security Research | Software | CFTdata@darpa.mil | Tool that allows users to simulate attacks, look for vulnerabilities, explore how ECU's interact with each other, and design defenses in such a way that the exact same code will work in a real automobile. | GPR |
Sutajio Ko-Usagi Pte Ltd. | EMP | Software | CFTdata@darpa.mil | A mobile, extensible platform for signal measurement and protocol analysis. | GPR |
Openwall, Inc. | Scalable Password Hashing | Software | CFTdata@darpa.mil | An improvement to PHS and cryptographic KDF, focusing on deliberate uses of large amounts of memory (many gigabytes), which the main PHS or KDF component may treat as read-only (ROM), resulting in reduced efficiency of offline attacks. | GPR |
ProvenSecure Solutions, LLC | A Risk Mitigation Metric for Multi-Factor Authentication Systems | Software | CFTdata@darpa.mil | A Risk Mitigation Metric (RMM) tool that will provide continuous-scale quantitative results of representative authentication attempts. | GPR |
SigBlips DSP engineering | Weak Modulated Signal Correlations | Software | CFTdata@darpa.mil | A real-time weak modulated signal detection system prototype that makes use of novel correlation algorithms that will be implemented on an Intel Xeon Phi coprocessor card for real-time operation. | GPR |
Dan Farmer | Fait Accompli | Software | CFTdata@darpa.mil | Software that will enable a modestly technical person to see and understand what happens when a program is executed, and in particular to observe the execution of a software installer. | GPR |
Grand Idea Studio, Inc. | Research and Analysis of PCB Deconstruction Techniques | Software | CFTdata@darpa.mil | A suite of open-source tools and techniques to assist, simplify, and automate the PCB reverse engineering process based on PCB deconstruction. | GPR |
Hyperion Gray, LLC | Web 3.0: A Distributed Web Application Spider and 3D Visualization Engine With Built-In Continuous Security | Software | CFTdata@darpa.mil | 3D web application visualization engine that creates a landscape view of web applications across a network that is easy to navigate, intuitive, and has real-time web application vulnerability information built into it. | GPR |
Inverse Limit, LLC | Project MAIM | Software | CFTdata@darpa.mil | A tool chain for the purposes of mining undocumented information from the x86 processor architecture. Additionally an example miner will be produced to exhibit the differences in the underlying micro-architecture of four of the five major x86 variants. | GPR |
Metrix Create:Space | An Inexpensive Practical Textile-Based Computing and Communications Platform | Software | CFTdata@darpa.mil | Determines optimal materials and methods for putting low-cost low-power computing platforms into everyday clothing. | GPR |
Ring0 Technologies | PIDS | Software | CFTdata@darpa.mil | A technology that will detect and prevent infiltration of sensitive or classified networks via shared power sources including Modern or recent COTS broadband PLC protocols; older COTS protocols & non-COTS protocols including both voltage and current mode modulations. | GPR |