Information Assurance & Anti-Tamper
Protection of our network infrastructure and assets is critical amidst today’s cyber threats that attempt to destroy and degrade network applications. RAM Laboratories engineers and scientists are addressing these threats by developing cutting-edge information assurance and anti-tamper technologies that target a wide variety of information domains.
Representative Customers
- AFRL
- MDA
Information Assurance: Our staff has developed a variety of technologies that perform self-diagnostics, detect malicious intruders, and identify anomalous data. Our solutions can be tailored to our customer’s message structure, network requirements, applications, and data models. Specific innovations include:
- Self-diagnostics and Fault Tolerance
- Anomaly Detection for Detecting Malicious Intruders
- Detecting Anomalies in Remote Sensor Data Streams
Self-Diagnostics and Fault Tolerance: RAM Laboratories is developing self-diagnostic distributed servers that route critical data across networks based on network connectivity, message priority, message content, and network health. Our approach “senses” connectivity and extracts QoS information from the networks, while relaying that information to algorithms/protocols that adaptively route information across the network. The company is also developing fault tolerance-based middleware that integrates with existing QoS services to address mission readiness guarantees for applications/services operating on the network.
Detection of Malicious Intruders: Our staff is developing an anomaly detection approach that identifies malicious intruders on private networks. The approach employs a multi-level fusion methodology that detects, aggregates, tracks, and characterizes potential threats to the network. The system uses soft-computing approaches (neural networks and hybrid neural networks) to detect anomalies in both user signatures and system calls for individual platforms, aggregates and tracks detections, and compares detection tracks against those typical of user roles (represented as fuzzy sets in a rule database).
Detection of Anomalies in Remote Sensor Data Streams: RAM Laboratories engineers are developing technologies to detect anomalies within remote sensor data streams, particularly for remote sensors (satellites, desert-based sensors, etc.) where maintenance may be non-trivial. Our approach focuses on the use of neural networks, innovative data representations to significantly improve neural network training and maintenance time, and the use of hybrid architectures to increase accuracy and reduce the number of false positive detections.
Anti-Tamper: Anti-tamper technologies are essential when protecting critical technologies in remote or challenged environments, or when addressing the assurance of critical computer codes. Anti-tamper techniques range from those thwarting the reverse engineering of software deployed on operational platforms, to out-of-band hardware solutions that protect mission critical applications and data at U.S. or coalition facilities. Key anti-tamper innovations include:
- Software obfuscation that prevents reverse engineering of code
- Secure monitoring agents that monitor critical processes
- Hardware assisted anti-tamper solutions
Software Obfuscation: RAM Laboratories is developing software obfuscation technologies that can be used to rewrite applications as they are executed. By constantly rewriting executables as the application runs, our approach thwarts the use of debug technologies and software based reverse engineering solutions.
Secure Monitoring Agents: A key criterion in ensuring that software cannot be reverse engineered is the use of sentinels to monitor the critical software application. Current sentinel technology can be defeated by a well-funded adversary (enough time and money) by addressing each sentinel one at a time and observing the communication between the agents. Our research has investigated secure shared memory approaches for addressing this problem.
Hardware Assisted Anti-Tamper Solutions: Out-of-band hardware is needed to protect critical codes and data on processing platforms, even in fairly secure settings. Use of such out-of-band hardware allows network administrators to store secure, reliable, tamper-proof versions of an application or data on a platform at a location that cannot be reached via network access. Our Trusted Platform Security Manager (TPSM) development is targeting a solution that allows administrators to raise notification upon the alteration of protected data, or even automatically replace protected data/applications with a known, safe version when attempts to alter the information are made.