U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


  1. Home
  2. About Us
  3. Site Links
  4. Archived
  5. News Archive
  6. News Release: S&T Awards $747K to NYC Small Business to Develop Hybrid Malware Prediction System

Archived Content

In an effort to keep DHS.gov current, the archive contains outdated information that may not reflect current policy or programs.

News Release: DHS S&T Awards $747K to NYC Small Business to Develop Hybrid Malware Prediction System

Release Date: October 5, 2017

For Immediate Release
DHS S&T Press Office, John Verrico, (202) 254-2385

WASHINGTON—New York City-based Red Balloon Security, Inc. was awarded a $746,756 Small Business Innovation Program (SBIR) contract from the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) to develop an upgrade to its existing hybrid prediction system for embedded malware detection.

Under the two-year, SBIR Phase II contract, Red Balloon Security, which specializes in embedded device security, will develop new capabilities for and enhance the current functionality of its Symbiote Defense intrusion-detection system. The research and development project is being managed by the Cyber Security Division’s (CSD) Internet Measurement and Attack Modeling (IMAM) project. CSD is part of the Homeland Security Advanced Research Projects Agency.

“Malicious code, more commonly known as malware, is a growing cybersecurity concern mainly because it can run undetected on systems and devices without the user’s knowledge, especially in embedded systems” said Cyber Security Division Director Douglas Maughan. “This project will strengthen defenses against malware by identifying and countering an intrusion early, before it compromises a device’s sensitive and private information.”

As part of a project titled “Hybrid Prediction for Embedded Malware,” Red Balloon will design, develop and implement the following four new capabilities into its Symbiote Defense system:

  • Create attack graphs that will catalogue system defenses along various embedded device attack paths
  • Develop a live-hardening feature to capture detailed information about malware attacks
  • Create an advanced, continuous, real-time monitoring capability that will exfiltrate forensic details of malware actions as the malicious program runs
  • Expand the system’s functionality to display malware forensic details and perform post-processing to analyze the details sufficiently so system or network operators can take short-term action without having to wait for expert human analysis.

Red Balloon also will test and pilot the upgrades and solicit feedback from users so the updated platform can be further refined.

“We are looking to Red Balloon Security to greatly enhance capabilities to identify cyber-intrusions and speed the reaction time of network and system operators to eliminate a threat,” said S&T IMAM Program Manager Ann Cox.

Initiated in 2004, the DHS S&T SBIR program is a competitive contract awards program that increases the participation of innovative and creative U.S. small businesses in federal research-and-development (R&D) initiatives and facilitates private-sector commercialization of SBIR-funded solutions. A SBIR Phase II awardee continues its R&D from a completed Phase I project that successfully affirms the scientific and technical merit and feasibility of a proposed effort. S&T’s CSD leverages the SBIR program to fund small business development of new and enhanced cybersecurity solutions. For more about the S&T SBIR program, visit https://www.dhs.gov/science-and-technology/sbir.

CSD’s mission is to enhance the security and resilience of the nation’s critical information infrastructure and the Internet by developing and delivering new technologies, tools and techniques to defend against cyberattacks. The division conducts and supports technology transitions and leads and coordinates R&D among the R&D community, which includes DHS customers, government agencies, the private sector and international partners. For more information about CSD, visit /cyber-research.



Last Updated: 02/03/2021
Was this page helpful?
This page was not helpful because the content