FuzzBuster is an autonomous cyber-defense system developed by SIFT under DARPA's CRASH program (completed December 2014). It uses plug-in software analysis and adaptation tools to defeat a wide variety of cyber-threats. By coordinating the operation of diverse tools for software analysis, test generation, vulnerability refinement, and adaptation, FuzzBuster provides long-term immunity against both observed attacks and novel (zero-day) cyber-attacks. FuzzBuster has been running for thousands of hours, finding and fixing real-world software faults using more than a dozen different analysis and adaptation tools.
As part of the FuzzBuster project, SIFT developed a process to make off-the-shelf binaries chronomorphic so that they rewrite their executable memory over time, throughout their execution, while preserving their normal operating behavior. This protects programs against cyber-reconnaissance and code reuse exploits such as Return-Oriented Programming attacks.
SIFT is currently contracting to transition FuzzBuster technology to the Department of Defense for automated program analysis and repair.