Intrusion tolerant communication networks and associated methods
First Claim
1. A method for intrusion tolerance in a private communication network including a plurality of interconnected servers, comprising:
ascertaining entrance into an active attack state produced by an intrusion into the communication network; and
entering a triage state upon recognition of the active attack state by selecting from a plurality of predetermined triage states including each of the following:
(a) a cease-to-function state in which the plurality of interconnected servers ceases to function,
(b) a degradation state in which only predefined essential services of the communication network are maintained for communication outside the private communication network, and
(c) a prior-to-intrusion state of the communication network before said entrance into the attack state.
3 Assignments
0 Petitions
Abstract
An intrusion tolerant communication network and related methods are provided that place emphasis on continuity of operation and provide for an attack-survivable communication network whose network devices collectively accomplish the specified networking intent even under attack and despite active intrusions. The present invention defines methods for network intrusion tolerance in terms of the state transitions (prior-to-intrusion, vulnerable, active attack, and the triage states that follow) that maximize the overall effectiveness of an intrusion tolerant communication network.
30 Claims
1. Independent claim; the full text is given above under First Claim. Dependent claims: 2 to 13.
14. A method for intrusion tolerance in a private communication network including a plurality of interconnected servers, the method comprising:
screening for vulnerability to intrusion which would cause the communication network to transition to a vulnerable state;
securing the communication network to eliminate at least some of the vulnerabilities detected while screening the communication network so as to return the communication network to a prior-to-intrusion state;
screening for exploitation of a vulnerability against which the communication network remains susceptible following any further securing of the communication network, with the exploitation of the vulnerability causing the communication network to enter an active attack state; and
responding to the exploitation of the vulnerability by selecting from a plurality of predetermined triage steps including each of the following:
(a) recovering from the exploitation of the vulnerability and returning to the prior-to-intrusion state without degradation of the communication network,
(b) maintaining only predefined essential services of the communication network for communication outside the private communication network, and
(c) ceasing operation of the plurality of interconnected servers while preserving at least one of the integrity and confidentiality of the data maintained by the communication network.
Dependent claims: 15 to 22.
23. An intrusion tolerant private communication network including a plurality of interconnected servers, comprising:
a vulnerability detection element configured to screen for vulnerability to an intrusion which would cause the communication network to transition to a vulnerable state;
a security element configured to secure the communication network to eliminate at least some of the vulnerabilities detected by said vulnerability detection element so as to return the communication network to the prior-to-intrusion state;
a vulnerability exploitation detection element configured to screen for exploitation of a vulnerability against which the communication network remains susceptible, with the exploitation of the vulnerability causing the communication network to enter an active attack state; and
a triage element configured to respond to the exploitation of the vulnerability by selecting from each of the following plurality of predetermined triage instructions configured to:
(a) recover the communication network from the exploitation of the vulnerability and return to the prior-to-intrusion state without degradation of the communication network,
(b) maintain only predefined essential services of the communication network for communication outside the private communication network, and
(c) cease operation of the plurality of interconnected servers while preserving at least one of the integrity and confidentiality of the data maintained by the communication network.
Dependent claims: 24 to 30.
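Claims 14 and 23 describe a state machine: screen for vulnerabilities (prior-to-intrusion to vulnerable), secure what can be fixed (back to prior-to-intrusion), detect exploitation of anything still open (active attack), then apply exactly one of three predetermined triage steps. The following Python model is an added illustration of that transition structure and is not the patent's implementation. The states, the three triage options and the notion of a predefined essential-service set are taken from the claim language; the policy that picks a triage option, the essential-service set (dns, vpn), the vulnerability identifiers (VULN-1 to VULN-3) and the "sealing" flag standing in for key destruction are all assumptions made for the example.

```python
"""State-machine model of the intrusion-tolerance method in claims 14 and 23.
Added illustration, not the patent's own code. States and triage options follow
the claims; the selection policy, essential-service set and vuln ids are assumed."""
from dataclasses import dataclass, field
from enum import Enum, auto


class NetState(Enum):
    PRIOR_TO_INTRUSION = auto()   # no known exploitable vulnerability
    VULNERABLE = auto()           # screening found an unfixed vulnerability
    ACTIVE_ATTACK = auto()        # a remaining vulnerability is being exploited
    DEGRADED = auto()             # triage (b): only essential services kept
    CEASED = auto()               # triage (c): servers stopped, data protected


class Triage(Enum):
    RECOVER = auto()   # (a) back to prior-to-intrusion, no degradation
    DEGRADE = auto()   # (b) keep only predefined essential services
    CEASE = auto()     # (c) cease operation, preserve integrity/confidentiality


# Assumed policy: services that must stay up for communication outside the network.
ESSENTIAL_SERVICES = frozenset({"dns", "vpn"})


@dataclass
class Network:
    services: set                                # services offered to the outside
    vulns: dict = field(default_factory=dict)    # vuln id -> affected service
    exploited: set = field(default_factory=set)  # vuln ids seen under exploitation
    state: NetState = NetState.PRIOR_TO_INTRUSION
    data_sealed: bool = False                    # stand-in for key wipe / sealed stores
    log: list = field(default_factory=list)

    def screen_vulnerabilities(self, findings):
        """Step 1: record findings; any open vulnerability moves us to VULNERABLE."""
        self.vulns.update(findings)
        if self.vulns and self.state is NetState.PRIOR_TO_INTRUSION:
            self.state = NetState.VULNERABLE
        self.log.append(f"screen open={sorted(self.vulns)} -> {self.state.name}")

    def secure(self, fixes_available):
        """Step 2: eliminate the vulns a fix exists for; none left => PRIOR_TO_INTRUSION."""
        for vid in list(self.vulns):
            if vid in fixes_available:
                del self.vulns[vid]
        if not self.vulns and self.state is NetState.VULNERABLE:
            self.state = NetState.PRIOR_TO_INTRUSION
        self.log.append(f"secure remaining={sorted(self.vulns)} -> {self.state.name}")

    def screen_exploitation(self, alerts):
        """Step 3: an alert on a vuln we are still susceptible to => ACTIVE_ATTACK.
        Alerts naming already-fixed vulns do not change state (not susceptible)."""
        hits = {vid for vid in alerts if vid in self.vulns}
        if hits:
            self.exploited |= hits
            self.state = NetState.ACTIVE_ATTACK
        self.log.append(f"exploit-screen hits={sorted(hits)} -> {self.state.name}")
        return hits

    def choose_triage(self, fixes_available):
        """Assumed selection policy (the claims only enumerate the options):
        RECOVER if every exploited vuln can now be fixed; CEASE if an unfixable
        exploited vuln sits on an essential service; DEGRADE otherwise."""
        unfixable = {v for v in self.exploited if v not in fixes_available}
        if not unfixable:
            return Triage.RECOVER
        if any(self.vulns[v] in ESSENTIAL_SERVICES for v in unfixable):
            return Triage.CEASE
        return Triage.DEGRADE

    def triage(self, choice):
        """Step 4: apply one predetermined triage step from the ACTIVE_ATTACK state."""
        if self.state is not NetState.ACTIVE_ATTACK:
            raise RuntimeError("triage only applies in the active attack state")
        if choice is Triage.RECOVER:
            for vid in self.exploited:
                self.vulns.pop(vid, None)
            self.exploited.clear()
            self.state = NetState.PRIOR_TO_INTRUSION   # services untouched
        elif choice is Triage.DEGRADE:
            self.services &= ESSENTIAL_SERVICES         # drop non-essential services
            self.state = NetState.DEGRADED
        else:
            self.services.clear()                       # servers cease to function
            self.data_sealed = True                     # integrity/confidentiality kept
            self.state = NetState.CEASED
        self.log.append(f"triage {choice.name} -> {self.state.name}")
        return self.state


def run_scenarios():
    """Three constructed incidents, one per triage outcome (ids are made up)."""
    fixable = Network(services={"web", "dns", "vpn"})        # fix arrives after the alert
    fixable.screen_vulnerabilities({"VULN-1": "web"})
    fixable.secure(fixes_available=set())
    fixable.screen_exploitation({"VULN-1"})
    fixable.triage(fixable.choose_triage(fixes_available={"VULN-1"}))

    unfixable_web = Network(services={"web", "dns", "vpn"})  # no fix, non-essential target
    unfixable_web.screen_vulnerabilities({"VULN-2": "web"})
    unfixable_web.screen_exploitation({"VULN-2"})
    unfixable_web.triage(unfixable_web.choose_triage(fixes_available=set()))

    unfixable_vpn = Network(services={"web", "dns", "vpn"})  # no fix, essential target
    unfixable_vpn.screen_vulnerabilities({"VULN-3": "vpn"})
    unfixable_vpn.screen_exploitation({"VULN-3"})
    unfixable_vpn.triage(unfixable_vpn.choose_triage(fixes_available=set()))
    return fixable, unfixable_web, unfixable_vpn


if __name__ == "__main__":
    for net in run_scenarios():
        print("\n".join(net.log), "\n")
```

The point the model makes visible is that the three triage options are mutually exclusive end states reached only from the active attack state, and that the degradation and cease options trade availability for integrity and confidentiality in increasing order, while recovery is only honest when the exploited vulnerability can actually be removed.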