Mechanism for concealing application and operation system identity
First Claim
1. A method comprising:
- initializing, by a computing system comprising one or more processors, a virtual machine (VM), wherein initializing the VM comprises;
obtaining, by the computing system, an unmodified operating system that is compatible with a first computing device and a second computing device of the computing system;
modifying, by the computing system, in a first manner, unmodified version of the operating system to form a first modified version of the operating system;
modifying, by the computing system, in a second manner, the unmodified version of the operating system to form a second modified version of the operating system, wherein;
(1) each of the first modified version of the operating system, the second modified version of the operating system, and the unmodified version of the operating system sets a respective implementation-dependent parameter of response messages, which conform to a communication protocol, to a different value under same conditions, and/or(2) each of the first modified version of the operating system, the second modified version of the operating system, and the unmodified version of the operating system produces respective response messages in which same sets of two or more implementation-dependent parameters are sequenced in a different order;
installing, by the computing system, the first modified version of the operating system in a first instance of the VM; and
installing, by the computing system, the second modified version of the operating system in a second instance of the VM;
deploying, by the computing system, the first instance of the VM on the first computing device of the computing system;
deploying, by the computing system, the second instance of the VM on the second computing device of the computing system;
setting, by the first modified version of the operating system deployed on the first computing device of the computing system, the implementation-dependent parameter to a first value;
setting, by the second modified version of the operating system deployed on the second computing device of the computing system, the implementation-dependent parameter to a second value that is different from the first value;
generating, by the first modified version of the operating system deployed on the first computing device of the computing system, a first message that conforms to the communication protocol, the first message including the first value of the implementation-dependent parameter;
generating, by the second modified version of the operating system deployed on the second computing device of the computing system, a second message that conforms to the communication protocol, the second message including the second value of the implementation-dependent parameter;
sending, by the first modified version of the operating system, from the first computing device of the computing system, the first message to a remote device; and
sending, by the second modified version of the operating system, from the second computing device of the computing system, the second message to the remote device.
1 Assignment
0 Petitions
Accused Products
Abstract
An example method includes providing, by a computing system, first randomized configuration information, generating, by the computing system and based on the first randomized configuration information, a first unique instance of a software component, providing second randomized configuration information, wherein the second randomized configuration information is different from the first randomized configuration information, and generating, based on the second randomized configuration information, a second unique instance of the software component that is executable on the runtime computing system. The first and second unique instances of the software component comprise different instances of the same software component that each are configured to have uniquely different operating characteristics during execution on the runtime computing system, and the first and second unique instances of the software component are each further configured, during execution on the runtime computing system, to output false information to an external computing system.
58 Citations
18 Claims
-
1. A method comprising:
-
initializing, by a computing system comprising one or more processors, a virtual machine (VM), wherein initializing the VM comprises; obtaining, by the computing system, an unmodified operating system that is compatible with a first computing device and a second computing device of the computing system; modifying, by the computing system, in a first manner, unmodified version of the operating system to form a first modified version of the operating system; modifying, by the computing system, in a second manner, the unmodified version of the operating system to form a second modified version of the operating system, wherein; (1) each of the first modified version of the operating system, the second modified version of the operating system, and the unmodified version of the operating system sets a respective implementation-dependent parameter of response messages, which conform to a communication protocol, to a different value under same conditions, and/or (2) each of the first modified version of the operating system, the second modified version of the operating system, and the unmodified version of the operating system produces respective response messages in which same sets of two or more implementation-dependent parameters are sequenced in a different order; installing, by the computing system, the first modified version of the operating system in a first instance of the VM; and installing, by the computing system, the second modified version of the operating system in a second instance of the VM; deploying, by the computing system, the first instance of the VM on the first computing device of the computing system; deploying, by the computing system, the second instance of the VM on the second computing device of the computing system; setting, by the first modified version of the operating system deployed on the first computing device of the computing system, the implementation-dependent parameter to a first value; setting, by the second modified version of the operating system deployed on the second computing device of the computing system, the implementation-dependent parameter to a second value that is different from the first value; generating, by the first modified version of the operating system deployed on the first computing device of the computing system, a first message that conforms to the communication protocol, the first message including the first value of the implementation-dependent parameter; generating, by the second modified version of the operating system deployed on the second computing device of the computing system, a second message that conforms to the communication protocol, the second message including the second value of the implementation-dependent parameter; sending, by the first modified version of the operating system, from the first computing device of the computing system, the first message to a remote device; and sending, by the second modified version of the operating system, from the second computing device of the computing system, the second message to the remote device. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computing system comprising:
-
a development computing system comprising a first set of one or more processors; and a runtime computing system comprising a second set of one or more processors configured to implement a plurality of environments, wherein the first set of one or more processors of the development computing system is configured to; initialize a virtual machine (VM), wherein to initialize the VM, the first set of one or more processors being configured to; obtain an unmodified operating system that is compatible with a first environment and a second environment of the plurality of environments implemented by the runtime computing system; modify, in a first manner, unmodified version of an operating system to form a first modified version of the operating system; modify, in a second manner the unmodified version of the operating system, to form a second modified version of the operating system, wherein; (1) each of the first modified version of the operating system, the second modified version of the operating system and the unmodified version of the operating system sets a respective implementation-dependent parameter of response messages, which conform to a communication protocol, to a different value under same conditions, and/or (2) each of the first modified version of the operating system, the second modified version of the operating system, and the unmodified version of the operating system produces respective response messages in which same sets of two or more implementation-dependent parameters are sequenced in a different order; install the modified version of the operating system in the VM; and install the second modified version of the operating system in a second instance of the VM; deploy the first instance of the VM on the first environment of the plurality of environments implemented on the runtime computing system; deploy the second instance of the VM on the second environment of the plurality of environments implemented on the runtime computing system, wherein the first modified version of the operating system deployed on the first environment implemented on the runtime computing system is configured to cause the second set of one or more processors to; set the implementation-dependent parameter to a first value; generate a first message that conforms to the communication protocol, the first message including the first value of the implementation-dependent parameter; and send the first message to a remote device, and wherein the second modified version of the operating system deployed on the second environment implemented on the runtime computing system is configured to cause the second set of one or more processors to; set the implementation-dependent parameter to a second value that is different from the first value; generate a second message that conforms to the communication protocol, the second message including the second value of the implementation-dependent parameter; and send the second message to the remote device. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A non-transitory computer-readable data storage medium having instructions stored thereon that, when executed, cause one or more processors of a computing system to:
-
initialize a virtual machine (VM), wherein as part of causing the computing system to initialize the VM, the instructions cause the one or more processors of the computing system to; obtain an unmodified operating system that is compatible with a first computing device and a second computing device of the computing system; modify the unmodified version of the operating system in a first manner to form a first modified version of the operating system; modify, in a second manner, the unmodified version of the operating system to form a second modified version of the operating system, wherein; (1) each of the first modified version of the operating system, the second modified version of the operating system and the unmodified version of the operating system sets a respective implementation-dependent parameter of response messages, which conform to a communication protocol, to a different value under same conditions, and/or (2) each of the first modified version of the operating system, the second modified version of the operating system, and the unmodified version of the operating system produces respective response messages in which same sets of two or more implementation-dependent parameters are sequenced in a different order; install the first modified version of the operating system in a first instance of the VM; install the first modified version of the operating system in a first instance of the VM; and deploy the first instance of the VM on first computing device of the computing system; deploy the second instance of the VM on the second computing device of the computing system; set, by the first modified version of the operating system deployed on the first computing device of the computing system, the implementation-dependent parameter to a first value; set, by the second modified version of the operating system deployed on the second computing device of the computing system, the implementation-dependent parameter to a second value that is different from the first value; generate, by the first modified version of the operating system deployed on the first computing device of the computing system, a first message that conforms to the communication protocol, the first message including the first value of the implementation-dependent parameter; generate, by the second modified version of the operating system deployed on the second computing device of the computing system, a second message that conforms to the communication protocol, the second message including the second value of the implementation-dependent parameter; send, by the first modified version of the operating system, from the first computing device of the computing system, the first message to a remote device; and send, by the second modified version of the operating system, from the second computing device of the computing system, the second message to the remote device. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification