Systems and methods for blockchain security data intelligence

US 10,542,046 B2
Filed: 09/13/2018
Issued: 01/21/2020
Est. Priority Date: 06/07/2018
Status: Active Grant

First Claim

Patent Images

1. A method of detecting vulnerabilities and anomalies in a distributed computational environment, the method comprising the steps of:

receiving, from a client environment, at least one input data distributed among a plurality of nodes within a particular network;

receiving, from at least one of the plurality of nodes, the at least one input data into a curator engine, receiving, from the curator engine, the at least one input data into a transaction engine;

evaluating the at least one input data for information and events or vectors of attack;

validating the information and events or vectors of attack;

ranking the information and events or vectors of attack as an indicator;

logging the indicator into the node of the particular network;

recording the indicator into a blockchain database as a transaction having a unique transaction identifier;

reading, by a rule engine, the transaction from the blockchain database;

processing, by the rule engine, the transaction so to make a decision to transform or analyze the transaction based on a predetermined set of rules;

receiving, by an action engine, transaction from the rule engine; and

processing, by the action engine, the transaction received from the rule engine, wherein the action engine decides a predetermined action and generates feedback to the client environment based on the predetermined action.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments are directed to systems and methods configured to gather, transmit, share and process security related data between end users and security applications/devices across multiple platforms using blockchain open implementation as the backend and smart contracts integrated with artificial intelligence and behavior analysis using rule engines to enforce/implement data decisions. The system is designed to continuously predict, monitor, prevent, detect, response and mitigate cyber threats. The process includes a self-enforced adaptable engine that has a fast incident response time and makes quick smart decisions. This is a resilient system that is constantly capturing data, learning, tracking and enforcing. Computational power is maximized by leveraging smart contracts to validate transactions between network devices, share encrypted and protected information about their functions, events across the network of nodes and make smart swarm decisions.

29 Citations

View as Search Results

18 Claims

1. A method of detecting vulnerabilities and anomalies in a distributed computational environment, the method comprising the steps of:
- receiving, from a client environment, at least one input data distributed among a plurality of nodes within a particular network;
  
  receiving, from at least one of the plurality of nodes, the at least one input data into a curator engine, receiving, from the curator engine, the at least one input data into a transaction engine;
  
  evaluating the at least one input data for information and events or vectors of attack;
  
  validating the information and events or vectors of attack;
  
  ranking the information and events or vectors of attack as an indicator;
  
  logging the indicator into the node of the particular network;
  
  recording the indicator into a blockchain database as a transaction having a unique transaction identifier;
  
  reading, by a rule engine, the transaction from the blockchain database;
  
  processing, by the rule engine, the transaction so to make a decision to transform or analyze the transaction based on a predetermined set of rules;
  
  receiving, by an action engine, transaction from the rule engine; and
  
  processing, by the action engine, the transaction received from the rule engine, wherein the action engine decides a predetermined action and generates feedback to the client environment based on the predetermined action.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1, wherein the validating, the evaluating, the ranking, the recording, and the logging are performed by a plurality of researchers, an automated analysis or a network consensus from the client environment.
  - 3. The method of claim 2, wherein the plurality of researchers, a plurality of external individuals or a plurality of machines that provide legitimate intelligence are rewarded.
  - 4. The method of claim 1, wherein the rule engine input is swarm intelligence using a plurality of data inputs.
  - 5. The method of claim 4, wherein to detect an anomaly through an outside intruder stationed illegally in the client environment, the swarm intelligence is configured to utilize particle swarm optimization techniques.
  - 6. The method of claim 5, wherein the swarm intelligence comprises a plurality of nodes, each node having at least one blockchain database and at least one smart contract.
  - 7. The method of claim 6, wherein the plurality of nodes are in communication with each other so to securely share information.
  - 8. The method of claim 7, wherein the plurality of nodes act as at least a processor, a storage, a router, or a relay whether or not in communication with the client environment.
  - 9. The method of claim 1, further comprising:
    - validating, within a swarm intelligence, the at least one input data from the client environment;
      
      generating, by the transaction engine, a second unique identifier;
      
      recording the second unique identifier into the blockchain database as a new transaction;
      
      analyzing, by the rule engine, the second unique identifier from the blockchain database; and
      
      processing, by the action engine, the recorded second unique identifier from the rule engine, wherein the rule engine decides on direction and flow of an analysis such that a notification or alert is triggered to other nodes and other agents outside of the client environment.
  - 10. The method of claim 9, further comprising:
    - creating, by a client agent, at least one new rule;
      
      validating, by the rule engine, the at least one new rule; and
      
      recording the at least one new rule in the blockchain database, wherein each new rule must adhere to the predetermined set of rules.
  - 11. The method of claim 10, wherein the swarm intelligence comprises a plurality of nodes, each node having at least one blockchain database and at least one smart contract.
  - 12. The method of claim 11, wherein the plurality of nodes are in communication with each other so to securely share information.
  - 13. The method of claim 12, further comprising:
    - organizing and integrating, by the curator engine, the at least one input data so to be transferred to a swarm application program interface;
      
      performing, by the swarm intelligence, machine learning on the at least the one input data;
      
      communicating, by the swarm application program interface the machine learned at least one input data; and
      
      recording the machine learned at least one input data in the blockchain database.
  - 14. The method of claim 13, further comprising:
    - transferring, from a web, the at least one input data into a data aggregator;
      
      transferring, by the data aggregator, to the curator engine, processing, by the curator engine, the at least one input data so to transfer the data to the swarm intelligence.
  - 15. The method of claim 14, wherein the web is a deep web or a dark web.
  - 16. The method of claim 15, wherein the swarm intelligence is configured to scan the deep web or the dark web to gather information to predict an attack while simultaneously scanning for stolen information or gather intelligence on a plurality of zero day vulnerabilities.
  - 17. The method of claim 16, wherein an open source and a third party source require a connector to transfer data to the data aggregator.
  - 18. The method of claim 13, wherein the machine learning is unsupervised or supervised.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Unifyvault LLC
Original Assignee
Unifyvault LLC
Inventors
Katragadda, Rakesh Babu, Ramirez, Juan, Kumar, G. Krishna, Karipineni, Chandana, Vellanki, Saritha, Kolachalam, Sudha
Primary Examiner(s)
Alata, Ayoub

Application Number

US16/130,795
Publication Number

US 20190379699A1
Time in Patent Office

495 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/56   Computer malware detection ...

G06F 21/57   Certifying or maintaining t...

G06F 21/6245   Protecting personal data, e...

G06F 21/645   using a third party

G06N 20/00   Machine learning

G06N 3/006   based on simulated virtual ...

G06N 5/025   Extracting rules from data

G06N 5/043   Distributed expert systems;...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1433   Vulnerability analysis

H04L 63/1441   Countermeasures against mal...

H04L 63/20   for managing network securi...

H04L 63/302   gathering intelligence info...

Systems and methods for blockchain security data intelligence

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

29 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for blockchain security data intelligence

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

29 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links