CybersecurityDHS S&T awards $1.3 million to small businesses for cybersecurity R&D

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has awarded $1.3 million to thirteen small businesses for the development of new cyber security technology.  

Each business was awarded approximately $100,000 in preliminary funding through the DHS S&T Small Business Innovation Research (SBIR) program. The SBIR proposal solicitation, released in December 2015, included four topics developed by Cyber Security Division program managers to address the research and development needs of DHS components and the homeland security enterprise. S&T notes that each of these small businesses may be eligible for further development funding based on their initial project results as well as its scientific and technical merit and perceived commercialization potential.

The four research topics and the awarded small businesses for each are:

1. Applicability of Blockchain Technology to Identity Management and Privacy Protection
The goal of this topic is to use blockchain technology, which centralizes and validates new entries added into an existing data field to support identity verification. Awardees are:

• Digital Bazaar, Inc., Blacksburg, Virginia, is developing a Linked Data ledger format and architecture to demonstrate how to publish identity credentials.
• Respect Network Corporation, Seattle, Washington, is developing a decentralized registry and discovery service to integrate with the public blockchain.
• Narf Industries LLC, Washington, D.C., is working to achieve an identity management solution built on a permission-less blockchain: confidentiality (with selective information disclosure), integrity, availability, non- DHS repudiation, provenance and pseudo-anonymity.
• Celerity Government Solutions, LLC, McLean, Virginia, is researching blockchain solutions to enable users to establish and maintain trusted identity transactions with public and private organizations.

2. Remote Identity Proofing Alternatives to Knowledge-Based Authentication and Verification
The objective of this topic is to design and demonstrate the feasibility of high-assurance alternatives to knowledge-based verification techniques, such as the ability to recall a password, for online identification. Awardees are:

• CardSmart Technologies, Basking Ridge, New Jersey, is investigating the effectiveness of alternative approaches ranging from a person’s online reputation to voice forensics.
• Pomian & Corella, LLC, Carmichael, California, is exploring innovations including the use of chip-enabled credit cards, federated identity protocols and cryptographic credentials carrying validated attributes.
• PreID Inc., Atherton, California, is investigating several new identity-verification approaches to determine strengths and weaknesses (security, privacy, accuracy) and commercial feasibility (cost, time to market, consumer acceptance) of each.

3. Malware Prediction for Situational Understanding and Preemptive Cyber Defense
The goal of this topic is to develop capability to predict and prevent malware. Awardees are:

• BlueRISC, Inc., Amherst, Massachusetts, is developing a method to capture network system motion as a predictive indication of potential malicious activity
• GrammaTech, Inc., Ithaca, New York, is creating a tool to understand the evolution of malware characteristics and anticipating future malware evolution.
• Red Balloon Security, New York City, New York, is developing a hybrid model using long-term malware trend prediction and a short-term approach to monitor malware and capture forensic data to provide real-time predictions.
• ZeroPoint Dynamics, LLC, Cary, North Carolina, is developing techniques for conducting automated analysis of malicious documents and malware and providing enhanced understanding and preemptive malware and exploit defenses.

4. Real-Time Assessment of Resilience and Preparedness
The objective of this topic is to develop a low-cost, flexible application that can analyze a community’s resilience on a near real-time basis and present this information in visual and data formats on mobile and fixed platforms. Awardees are:

• Datanova Scientific LLC, Baltimore, Maryland, is developing an application for site-specific predictive and proactive risk generation and resilience assessment.
• InferLink Corporation, El Segundo, California, is developing an end-to-end prototype system for resiliency assessment.

Initiated in 2004, the DHS S&T SBIR Program is a competitive contract awards program to increase the participation of innovative and creative U.S. small businesses in federal research and development initiatives and to increase private-sector commercialization of SBIR-funded solutions. S&T says that CSD leverages the SBIR Program to fund small business development of new and enhanced cybersecurity solutions. For more about the S&T SBIR Program, visit https://www.dhs.gov/science-and-technology/sbir.

CSD’s mission is to enhance the security and resilience of the nation’s critical information infrastructure and the Internet by developing and delivering new technologies, tools and techniques to defend against cyberattacks.