Secure Layered Iterative Gateway
First Claim
1. A method for intercepting and blocking cyber activity between computers via an intermediary distributed device, the method comprising:
a) activating, by a physical machine resource manager of the intermediary distributed device, one of at least two gateway components of the intermediary distributed device;
b) communicatively coupling a first network node and a second network node via the activated gateway component to allow data to be bi-directionally transmitted between the first and second network nodes for a finite time period;
c) de-activating, by the physical machine resource manager, the activated gateway component at the termination of the finite time period;
d) analyzing data obtained by the activated gateway component during the finite time period by an attestation server to determine if cyber activity has occurred;
e) rebooting the activated gateway component; and
f) repeating steps (a)-(e) utilizing another one of the at least two gateway components not previously selected in the most recent finite time period.
Abstract
Methods and a device for mitigating cyber-attacks on a network: a distributed intermediary device is placed into the network between its computers or network nodes to mitigate cyber-attacks on those computers or nodes from remote systems. Threats are assessed using the device's own internal information assurance mechanisms, so such attacks are detected without requiring modification of the software or hardware of the computers or nodes being protected. The device prevents platform-level attacks against the OS and network resources.
18 Claims
1. As set out above under First Claim; claims 2 to 12 depend from claim 1.
13. A method for intercepting and blocking cyber activity between network nodes of a network via an intermediary distributed device, the method comprising:
a) activating, by a physical machine resource manager of the intermediary distributed device, one of at least two gateway components of the intermediary distributed device;
b) communicatively coupling a first network node and a second network node via the activated gateway component to allow data to be bi-directionally transmitted between the first and second network nodes for a finite time period;
c) de-activating, by the physical machine resource manager, the activated gateway component at the termination of the finite time period;
d) analyzing data obtained by the activated gateway component during the finite time period by an attestation server to determine if cyber activity has occurred;
e) rebooting the activated gateway component; and
f) repeating steps (a)-(e) utilizing another one of the at least two gateway components not previously selected in the most recent finite time period.
14. A system for intercepting and blocking cyber activity between one of computers and network nodes of a network via an intermediary distributed device, the system comprising:
a secure layered iterative gateway device (SLIG) comprising:
at least two or more gateway components configured to:
i) provide packet routing access across the intermediary distributed device between said computers or network nodes,
ii) use internal sensors to determine if changes have occurred to the operating system, system memory or firmware associated with network interface cards, hard drives and video cards of the at least two or more gateway devices,
iii) produce a hash of the state of the at least two or more gateway devices upon deactivation of the at least two or more gateway devices;
an attestation server configured to:
i) receive messages from each of the at least two or more gateway components at the beginning of each boot cycle,
ii) examine the hashes produced by the at least two or more gateway devices upon de-activation;
a physical machine resource manager configured to:
i) open the intermediary network device to network traffic,
ii) control traffic flow from one gateway network device to a next gateway network device,
iii) continuously monitor network connections to determine when the gateway devices are available to be opened.
Claims 15 to 18 depend from claim 14.
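The activate / forward / de-activate / measure / attest / reboot / switch cycle of claims 1, 13 and 14, as an added Python simulation; it is not code from the patent or from any product implementing it. The in-memory gateway "state" (OS, memory, NIC/disk/video firmware), the constructed `FLASH_NIC:` tamper payload, the class names and the rule that the resource manager simply picks the other component are assumptions made for illustration; the measurement is a SHA-256 over a canonical serialisation of that state, and attestation is a comparison against the hash taken of the known-good image.

```python
"""Added simulation of the SLIG cycle (claims 1, 13, 14); names and state model are assumptions."""
import hashlib
import json
from dataclasses import dataclass, field


def golden_state() -> dict:
    # Constructed known-good image of one gateway; a real device measures real firmware.
    return {"os": "kernel-5.15-slig", "memory": "clean",
            "firmware": {"nic": "v1.0", "disk": "v2.1", "video": "v0.9"}}


def measure(state: dict) -> str:
    """Claim 14 iii): hash of the gateway's state, taken on de-activation."""
    canonical = json.dumps(state, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canonical).hexdigest()


@dataclass
class GatewayComponent:
    name: str
    state: dict = field(default_factory=golden_state)
    active: bool = False
    log: list = field(default_factory=list)

    def forward(self, packet: dict) -> dict:
        """Claim 14 i): route a packet between the two nodes while active."""
        assert self.active, "an inactive gateway must not carry traffic"
        self.log.append(packet)
        # Constructed attack effect: a payload that rewrites NIC firmware changes device state,
        # which the internal sensors (claim 14 ii) will see as a changed measurement.
        payload = packet.get("payload", "")
        if payload.startswith("FLASH_NIC:"):
            self.state["firmware"]["nic"] = payload.split(":", 1)[1]
        return {"src": packet["dst"], "dst": packet["src"], "ack": True}

    def deactivate(self) -> str:
        self.active = False
        return measure(self.state)

    def reboot(self) -> None:
        """Step e): reload the golden image; any in-memory tampering is discarded."""
        self.state = golden_state()
        self.log = []


class AttestationServer:
    def __init__(self, gateways):
        # Golden measurement of each component, recorded before any traffic flows.
        self.expected = {g.name: measure(g.state) for g in gateways}
        self.boot_messages = []
        self.findings = []

    def register_boot(self, gw_name: str, period: int) -> None:
        """Claim 14 attestation server i): message at the beginning of each boot cycle."""
        self.boot_messages.append((period, gw_name))

    def examine(self, gw_name: str, reported: str, period: int, evidence: list) -> bool:
        """Step d): True if cyber activity is detected, i.e. state hash differs from golden."""
        tampered = reported != self.expected[gw_name]
        if tampered:
            # Keep the traffic seen in that period as evidence before the gateway is rebooted.
            self.findings.append({"period": period, "gateway": gw_name, "traffic": list(evidence)})
        return tampered


class PhysicalMachineResourceManager:
    def __init__(self, gateways, attestation: AttestationServer):
        assert len(gateways) >= 2, "claim 1 requires at least two gateway components"
        self.gateways = gateways
        self.attestation = attestation
        self.last = None

    def select(self) -> GatewayComponent:
        """Step f): never the component used in the most recent finite period."""
        return next(g for g in self.gateways if g is not self.last)

    def run_period(self, period: int, traffic: list) -> dict:
        gw = self.select()
        gw.active = True                                   # step a)
        self.attestation.register_boot(gw.name, period)
        forwarded = [gw.forward(p) for p in traffic]       # step b), finite period
        reported = gw.deactivate()                         # step c)
        detected = self.attestation.examine(gw.name, reported, period, gw.log)  # step d)
        gw.reboot()                                        # step e)
        self.last = gw
        return {"period": period, "gateway": gw.name, "detected": detected,
                "forwarded": len(forwarded)}

    def run(self, schedule: list) -> list:
        return [self.run_period(i, traffic) for i, traffic in enumerate(schedule)]


def simulate():
    """Three periods of constructed traffic; the second carries the tamper payload."""
    gws = [GatewayComponent("gw-A"), GatewayComponent("gw-B")]
    att = AttestationServer(gws)
    pmrm = PhysicalMachineResourceManager(gws, att)
    schedule = [
        [{"src": "10.0.0.1", "dst": "10.0.0.2", "payload": "GET / HTTP/1.1"}],
        [{"src": "10.0.0.1", "dst": "10.0.0.2", "payload": "FLASH_NIC:backdoor-v1"}],
        [{"src": "10.0.0.2", "dst": "10.0.0.1", "payload": "HTTP/1.1 200 OK"}],
    ]
    return pmrm.run(schedule), att.findings


if __name__ == "__main__":
    for row in simulate()[0]:
        print(row)
```

The second period's tampering is caught only because the measurement is taken after de-activation and compared with a golden value recorded before traffic flowed; the reboot then returns the component to the golden image, so the third period on the same hardware class attests clean. Note that a real deployment needs the measurement itself to be trustworthy (e.g. rooted in hardware the gateway's OS cannot alter), which the simulation does not model.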
Specification