FuzzBuster

FuzzBuster is an autonomous cyber-defense system developed by SIFT under DARPA's CRASH program (completed December 2014).  It uses plug-in software analysis and adaptation tools to defeat a wide variety of cyber-threats.  By coordinating the operation of diverse tools for software analysis, test generation, vulnerability refinement, and adaptation, FuzzBuster provides long-term immunity against both observed attacks and novel (zero-day) cyber-attacks.  FuzzBuster has been running for thousands of hours, finding and fixing real-world software faults using more than a dozen different analysis and adaptation tools.

As part of the FuzzBuster project, SIFT developed a process to make off-the-shelf binaries chronomorphic so that they rewrite their executable memory over time, throughout their execution, while preserving their normal operating behavior.  This protects programs against cyber-reconnaissance and code reuse exploits such as Return-Oriented Programming attacks.

SIFT is currently contracting to transition FuzzBuster technology to the Department of Defense for automated program analysis and repair.