Secure layered iterative gateway
Abstract
In methods and a device for mitigating against cyber-attack on a network, a distributed intermediary device is placed into a network between computers or network nodes of the network to mitigate cyber-attacks between the computers or nodes of a network from remote systems. Threats are assessed by utilizing internal information assurance mechanisms of the device to detect such cyber-attacks without requiring external modification of the software and/or hardware of the computers or nodes of the network to be protected. The device prevents attacks at the platform level against the OS and network resources.
13 Claims
1. A method for identifying malware activity between computers via an intermediary distributed device, the method comprising:
- a) activating, by a physical machine resource manager of the intermediary distributed device, one of at least two gateway components of the intermediary distributed device;
- b) communicatively coupling a first network node and a second network node via the activated gateway component to allow data to be bi-directionally transmitted between the first and second network nodes for a finite time period;
- c) de-activating, by the physical machine resource manager, the activated gateway component at the termination of the finite time period;
- d) analyzing data obtained by the activated gateway component during the finite time period by an attestation server to determine if malware activity has occurred;
- e) rebooting the activated gateway component; and
- f) repeating steps (a)-(e) utilizing another one of the at least two gateway components not previously selected in the most recent finite time period.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A method for identifying malware activity between network nodes of a network via an intermediary distributed device, the method comprising:
- a) activating, by a physical machine resource manager of the intermediary distributed device, one of at least two gateway components of the intermediary distributed device;
- b) communicatively coupling a first network node and a second network node via the activated gateway component to allow data to be bi-directionally transmitted between the first and second network nodes for a finite time period;
- c) de-activating, by the physical machine resource manager, the activated gateway component at the termination of the finite time period;
- d) analyzing data obtained by the activated gateway component during the finite time period by an attestation server to determine if malware activity has occurred;
- e) rebooting the activated gateway component; and
- f) repeating steps (a)-(e) utilizing another one of the at least two gateway components not previously selected in the most recent finite time period.
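A small model of the rotation loop in steps (a)-(f), added here as an illustration and not taken from the patent. The class names, the batch of traffic standing in for the finite time period, and the SHA-256 measurement check used for step (d) are assumptions; the claims do not say what the attestation server inspects.

```python
import hashlib
from dataclasses import dataclass, field

CLEAN_IMAGE = b"gateway-image-v1"  # constructed known-good state (assumption)

def measure(state: bytes) -> str:
    return hashlib.sha256(state).hexdigest()

@dataclass
class Gateway:
    name: str
    state: bytes = CLEAN_IMAGE
    active: bool = False
    captured: list = field(default_factory=list)

    def relay(self, src, dst, payload):
        # Traffic passes only while the resource manager has this gateway active.
        if not self.active:
            raise RuntimeError(f"{self.name} is not active")
        self.captured.append((src, dst, len(payload)))
        return payload

    def reboot(self):
        # Step (e): discard everything accumulated during the period.
        self.state, self.active, self.captured = CLEAN_IMAGE, False, []

class AttestationServer:
    def __init__(self):
        self.known_good = measure(CLEAN_IMAGE)

    def analyze(self, measurement: str) -> bool:
        # Step (d). Measurement comparison is an assumption; True means suspect.
        return measurement != self.known_good

class ResourceManager:
    def __init__(self, gateways, attestor):
        if len(gateways) < 2:
            raise ValueError("rotation needs at least two gateways")
        self.gateways, self.attestor, self.idx = gateways, attestor, -1

    def run_period(self, traffic, drift=None):
        self.idx = (self.idx + 1) % len(self.gateways)  # step (f): never the last one used
        gw = self.gateways[self.idx]
        gw.active = True                                 # step (a)
        for src, dst, payload in traffic:                # step (b)
            gw.relay(src, dst, payload)
        if drift is not None:
            gw.state = drift                             # constructed in-period state change
        gw.active = False                                # step (c)
        suspect = self.attestor.analyze(measure(gw.state))
        gw.reboot()
        return gw.name, suspect
```

Because the reboot in step (e) runs whether or not the period was flagged, any state change made during one period is gone before that gateway is selected again.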
Specification