Secure layered iterative gateway
First Claim
Patent Images
1. A system for identifying malware activity between one of computers and network nodes of a network via an intermediary distributed device, the system comprising:
- a secure layered iterative gateway device (SLIG) comprising;
at least two or more gateway devices configured to;
i) provide packet routing access across the intermediary distributed device between said computers or network nodes,ii) use internal sensors to determine if changes have occurred to the operating system, system memory or firmware associated with network interface cards, hard drives and video cards of the at least two or more gateway devices,iii) produce a hash of the state of the at least two or more gateway devices upon deactivation of the at least two or more gateway devices,an attestation server configured to;
i) receive messages from each of the at least two or more gateway devices at the beginning of each boot cycle,ii) examine the hashes produced by the at least two or more gateway devices upon de-activation,a physical machine resource manager configured to;
i) open the intermediary network device to network traffic,ii) control traffic flow from one gateway network device to a next gateway network device,iii) continuously monitor network connections to determine when the gateway devices are available to be opened.
1 Assignment
0 Petitions
Accused Products
Abstract
In methods and a device for mitigating against cyber-attack on a network, a distributed intermediary device is placed into a network between computers or network nodes of the network to mitigate cyber-attacks between the computers or nodes of a network from remote systems. Threats are assessed by utilizing internal information assurance mechanisms of the device to detect such cyber-attacks without requiring external modification of the software and/or hardware of the computers or nodes of the network to be protected. The device prevents attacks at the platform level against the OS and network resources.
-
Citations
5 Claims
-
1. A system for identifying malware activity between one of computers and network nodes of a network via an intermediary distributed device, the system comprising:
- a secure layered iterative gateway device (SLIG) comprising;
at least two or more gateway devices configured to; i) provide packet routing access across the intermediary distributed device between said computers or network nodes, ii) use internal sensors to determine if changes have occurred to the operating system, system memory or firmware associated with network interface cards, hard drives and video cards of the at least two or more gateway devices, iii) produce a hash of the state of the at least two or more gateway devices upon deactivation of the at least two or more gateway devices, an attestation server configured to; i) receive messages from each of the at least two or more gateway devices at the beginning of each boot cycle, ii) examine the hashes produced by the at least two or more gateway devices upon de-activation, a physical machine resource manager configured to; i) open the intermediary network device to network traffic, ii) control traffic flow from one gateway network device to a next gateway network device, iii) continuously monitor network connections to determine when the gateway devices are available to be opened. - View Dependent Claims (2, 3, 4, 5)
- a secure layered iterative gateway device (SLIG) comprising;
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeJohns Hopkins University
-
Original AssigneeJohns Hopkins University
-
InventorsByrkit, Mark E., Murray, Francis W.
-
Primary Examiner(s)HENNING, MATTHEW T
-
Application NumberUS14/604,788Publication NumberTime in Patent Office309 DaysField of SearchUS Class Current1/1CPC Class CodesG06F 21/567 using dedicated hardwareG06F 21/57 Certifying or maintaining t...H04L 63/02 for separating internal fro...H04L 63/0236 Filtering by address, proto...H04L 63/0263 Rule managementH04L 63/14 for detecting or protecting...H04L 63/1408 by monitoring network traff...H04L 63/1416 Event detection, e.g. attac...H04L 63/1425 Traffic logging, e.g. anoma...H04L 63/1433 Vulnerability analysisH04L 65/102 Gateways arrangements for c...
