Available Tools

Made-in-Atlanta Cyberdefense

To nullify today's emerging threats, Georgia Tech researchers are delivering innovation through new, home-grown tools and tactics. Some research has been adopted by private industry to form the foundation of competitive, Atlanta-based start-ups. Other project results are available as open-source tools for better information security.

Explore Georgia Tech’s growing portfolio of cybersecurity technology available for licensing: technologies.gtrc.gatech.edu


AESOP - A malware detection algorithm, AESOP quickly determines a software file's "goodness" or "badness" by analyzing its relationship with peer files. In keeping with Aesop's moral, "a man is known by the company he keeps," so is software. AESOP was developed by Georgia Tech's School of Computational Science & Engineering with Symantec.

Apiary - This automated malware intelligence system developed by the Cyber Technology & Information Security Laboratory (CTISL) at the Georgia Tech Research Institute, Apiary allows members to anonymously submit suspicious files for fast analysis and receive information about attacks on other organizations. Apiary helps corporate and government officials share information about the attacks they are fighting, and in turn, creates a knowledge base shared with all participants. Apiary analyzes and classifies an average of 100,000 pieces of malicious code each day.

BlackForest - An open-source intelligence system, BlackForest crawls through the public Internet and hacker forums where the unscrupulous gather -- collecting information to anticipate possible cyber attacks before they happen. Developed by the Cyber Technology & Information Security Laboratory (CTISL) at the Georgia Tech Research Institute, BlackForest can sketch a threat picture with pre-attack information for organizations that may not even know they are being targeted.

LatentGesture - A new approach to authentication, LatentGesture establishes a "touch signature" for mobile phone and tablet owners -- then constantly compares this ID with whoever is using the device. If swiping gestures don't match those of the owner, the system recognizes the difference (with 97-98 percent accuracy on smart phones and tables) and can lock the device. LatentGesture was developed by Georgia Tech's School of Computational Science & Engineering.

Network Security Yardstick - Astrolavos Lab researchers at Georgia Tech have created a novel metric that enables security officials to independently evaluate their network risk over time and show how technology investments have mitigated risk of attacks.

PhoneprintingTM - This audio fingerprinting technology helps calls centers verify where calls are truly coming from and what type of device is being used. In contract to competing technologies that reduce fraud by 10-15 percent, PhoneprintingTM catches 90 percent. Developed by Dr. Mustaque Ahamad and Vijay Balasubramaniyan in Georgia Tech's School of Computer Science, today it is licensed to Atlanta-based start-up, Pindrop Security.

PhoneyPot - A pioneer of telephony honeypots, PhoneyPot demonstrates how to successfully lure voice-channel villains and study their exploitation techniques. Developed as a collaboration between Georgia Tech and Pindrop Security, it allowed researchers to collect data from 1.3 million calls from 250,000 unique sources over a seven-week period -- revealing patterns by unwanted callers that can aid future security work.

Side-Channel Security - Researchers are investigating how to safeguard electromagnetic signals and power fluctuations emitted by computers and cell phones to protect them from hackers. Partners in Georgia Tech's School of Electrical & Computer Engineering and School of Computer Science are analyzing the low-power electronic signals that devices emit, which give hackers clues or even the ability to track unseen passwords.

TAIGA - A new architecture that provides process resiliance against cyber attacks and physical targets, TAIGA ensures stability regardless of what else may be happening within a computational system. TAIGA by the Georgia Tech Research Institute provides an on-chip, digital security -- guided by a design philosophy that the most trusted layers of a system should validate requests from less trusted layers, and otherwise take corrective actions.

Warthog - Developed by the Cyber Technology & Information Security Laboratory (CTISL) at the Georgia Tech Research Institute, Warthog is an intelligent, modular framework for performing software fuzz testing and automated analysis. Given a user-defined test script and some sample inputs, Warthog automatically analyzes software by sending mutations of the sample inputs into the binary via the test script. When the program under analysis exhibits interesting behavior, Warthog saves the inputs that caused the interesting behavior so that the Warthog users can understand the program. This kind of analysis allows Warthog users to understand security vulnerabilities of their own programs and to understand the behavior of opaque binaries. Warthog has been used to analyze programs on Window, Linux, VxWorks and iOS.

For more information

Contact Stephen Moulton
Associate Director of Government Business Development