System and method for deterring malicious network attacks

US 9,483,640 B2
Filed: 04/01/2014
Issued: 11/01/2016
Est. Priority Date: 04/01/2014
Status: Active Grant

First Claim

Patent Images

1. A computerized method for deterring malicious network attacks, the method being performed by a computer system that comprises one or more processors and one or more storage media operatively coupled to at least one of the processors, the method comprising:

executing instructions on at least one of the processors to generate a plurality of random blocks of data;

generating a first XOR result by using an XOR function with the plurality of random blocks of data as the XOR function inputs;

generating a tail value by using the XOR function with the first XOR result and a random encryption key as the XOR function inputs;

encrypting a designated file using the random encryption key;

writing the plurality of random blocks and the tail value to the at least one storage medium;

writing the encrypted designated file to the at least one storage medium; and

resizing including;

removing designated blocks from the plurality of random blocks to create a subset of random blocks;

generating a new tail value using the XOR function with the random encryption key and the subset of random blocks as the XOR function inputs; and

appending the new tail value to the subset of random blocks.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for deterring malicious network attacks. The system and method is configured to execute instructions on at least one of the processors to generate a plurality of random blocks of data; generate a first XOR result by using the XOR function with the plurality of random blocks of data as the XOR function inputs; generate a tail value by using the XOR function with the first XOR result and a random encryption key as the XOR function inputs; encrypt a designated file using the random encryption key; write the plurality of random blocks and tail value to at least one storage medium; and write the encrypted designated file to at least one storage medium.

8 Citations

30 Claims

1. A computerized method for deterring malicious network attacks, the method being performed by a computer system that comprises one or more processors and one or more storage media operatively coupled to at least one of the processors, the method comprising:
- executing instructions on at least one of the processors to generate a plurality of random blocks of data;
  
  generating a first XOR result by using an XOR function with the plurality of random blocks of data as the XOR function inputs;
  
  generating a tail value by using the XOR function with the first XOR result and a random encryption key as the XOR function inputs;
  
  encrypting a designated file using the random encryption key;
  
  writing the plurality of random blocks and the tail value to the at least one storage medium;
  
  writing the encrypted designated file to the at least one storage medium; and
  
  resizing including;
  
  removing designated blocks from the plurality of random blocks to create a subset of random blocks;
  
  generating a new tail value using the XOR function with the random encryption key and the subset of random blocks as the XOR function inputs; and
  
  appending the new tail value to the subset of random blocks.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, further comprising:
    - recovering the random encryption key by using the XOR function with the tail value and the plurality of random blocks as the XOR function inputs; and
      
      decrypting the designated file using the recovered random encryption key.
  - 3. The method of claim 1, wherein the random encryption key uses 256 bit ABS security protocol.
  - 4. The method of claim 1, further comprising:
    - encrypting the random encryption key with a public key,wherein the public key has a corresponding private key and the corresponding private key is held by an administrator account.
  - 5. The method of claim 4, wherein access to the private key is based on physical presence at the system.
  - 6. The method of claim 5, wherein physical presence is authenticated by direct console access.
  - 7. The method of claim 5, wherein physical presence is authenticated by a hardware token.
  - 8. The method of claim 5, wherein physical presence is authenticated by a private key stored on portable memory device.
  - 9. The method of claim 1, further comprising:
    - associating at least one random encryption key with a user'"'"'s account.
  - 10. The method of claim 9, wherein the at least one random encryption key corresponds to the last file opened by the user.
  - 11. The method of claim 1, further comprising:
    - reclaiming the storage space represented by the designated blocks.
  - 12. The method of claim 1, further comprising:
    - splitting the designated file into multiple sections to separately encrypt the sections.

13. A computerized method for deterring malicious network attacks, the method being performed by a computer system that comprises one or more processors and one or more storage media operatively coupled to at least one of the processors, the method comprising:
- executing instructions on at least one of the processors to generate a pool of a plurality of random blocks;
  
  computing the XOR result of random blocks in the pool of a plurality of random blocks using the XOR function;
  
  executing instructions on at least one of the processors to select a pre-computed XOR result of random blocks;
  
  generating a tail value by using the XOR function with the pre-computed XOR result and a random encryption key as the XOR function inputs;
  
  encrypting a designated file using the random encryption key; and
  
  appending the tail value and encrypted designated file to the random blocks relating to the pre-computed XOR result.
- View Dependent Claims (14)
- - 14. The method of claim 13, wherein the executing is performed when the system is idle.

15. A computer system for deterring malicious network attacks, the computer system comprising:
- one or more processors;
  
  one or more interfaces operatively coupled to at least one of the processors; and
  
  one or more computer-readable storage media operatively coupled to at least one of the processors and encoded with instructions that, when executed by at least one of the processors, cause the computer system at least to;
  
  execute instructions on at least one of the processors to generate a plurality of random blocks of data;
  
  generate a first XOR result by using the XOR function with the plurality of random blocks of data as the XOR function inputs;
  
  generate a tail value by using the XOR function with the first XOR result and a random encryption key as the XOR function inputs;
  
  encrypt a designated file using the random encryption key;
  
  write the plurality of random blocks and tail value to at least one storage medium; and
  
  write the encrypted designated file to at least one storage medium;
  
  resize by;
  
  removing designated blocks from the plurality of random blocks to create a subset of random blocks;
  
  generating a new tail value using the XOR function with the random encryption key and the subset of random blocks as the XOR function inputs;
  
  appending the new tail value to the subset of random blocks; and
  
  reclaiming storage space represented by the designated blocks.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 16. The computer system of claim 15, further comprising instructions that cause the computer system at least torecover the random encryption key by using the XOR function with the tail value and the plurality of random blocks as the XOR function inputs;
    - anddecrypt the designated file using the recovered random encryption key.
  - 17. The computer system of claim 15, wherein the random encryption key uses 256 bit AES security protocol.
  - 18. The computer system of claim 15, further comprising instructions that cause the computer system at least toencrypt the random encryption key with a public key,wherein the public key has a corresponding private key and the corresponding private key is held by an administrator account.
  - 19. The computer system of claim 18, wherein access to the private key is based on physical presence at the system.
  - 20. The computer system of claim 19, wherein physical presence is authenticated by direct console access.
  - 21. The computer system of claim 19, wherein physical presence is authenticated by a hardware token.
  - 22. The computer system of claim 19, wherein physical presence is authenticated by a portable memory device comprising the private key.
  - 23. The computer system of claim 15, further comprising instructions that cause the computer system at least tostore at least one random encryption key on a user'"'"'s account.
  - 24. The computer system of claim 23, wherein the at least one stored random encryption key corresponds to the last file opened by the user.
  - 25. The computer system of claim 15, further comprising instructions that cause the computer system at least tosplit the designated file into multiple sections to separately encrypt the sections.

26. A computer system for deterring malicious network attacks, the computer system comprising:
- one or more processors;
  
  one or more interfaces operatively coupled to at least one of the processors; and
  
  one or more computer-readable storage media operatively coupled to at least one of the processors and encoded with instructions that, when executed by at least one of the processors, cause the computer system at least to;
  
  execute instructions on at least one of the processors to generate a pool of a plurality of random blocks;
  
  compute the XOR result of random blocks in the pool of a plurality of random blocks using the XOR function;
  
  execute instructions on at least one of the processors to select a pre-computed XOR result of random blocks;
  
  generate a tail value by using the XOR function with the pre-computed XOR result and a random encryption key as the XOR function inputs;
  
  encrypt a designated file using the random encryption key; and
  
  append the tail value and the encrypted designated file to the random blocks relating to the pre-computed XOR result.
- View Dependent Claims (27, 28)
- - 27. The computer system of claim 26, wherein the executing step is performed when the system is idle.
  - 28. The computer system of claim 26, wherein the one or more storage media is comprised of magnetic drives.

29. A computerized method for deterring malicious network attacks, the method being performed by a computer system that comprises one or more processors and one or more storage media operatively coupled to at least one of the processors, the method comprising:
- executing instructions on at least one of the processors to generate a plurality of random blocks of data;
  
  generating a first XOR result by using an XOR function with the plurality of random blocks of data as the XOR function inputs;
  
  generating a tail value by using the XOR function with the first XOR result and a random encryption key as the XOR function inputs;
  
  encrypting a designated file using the random encryption key;
  
  writing the plurality of random blocks and the tail value to the at least one storage medium; and
  
  writing the encrypted designated file to the at least one storage medium;
  
  resizing by;
  
  generating a new random blocks XOR result by using the XOR function with unused random blocks from the plurality of random blocks as the XOR function inputs;
  
  generating a new and existing random blocks XOR result using the XOR function with the new random blocks XOR result and the first XOR result;
  
  generating a new tail value using the XOR function with the new random blocks XOR result and the new and existing random blocks XOR result as the XOR function inputs; and
  
  appending the unused random blocks and the new tail value to the existing random blocks.

30. A computer system for deterring malicious network attacks, the computer system comprising:
- one or more processors;
  
  one or more computer-readable storage media operatively coupled to at least one of the processors and encoded with instructions that, when executed by at least one of the processors, cause the computer system at least to;
  
  execute instructions on at least one of the processors to generate a plurality of random blocks of data;
  
  generate a first XOR result by using the XOR function with the plurality of random blocks of data as the XOR function inputs;
  
  generate a tail value by using the XOR function with the first XOR result and a random encryption key as the XOR function inputs;
  
  encrypt a designated file using the random encryption key;
  
  write the plurality of random blocks and tail value to at least one storage medium;
  
  write the encrypted designated file to at least one storage medium;
  
  generating a new random blocks XOR result by using the XOR function with unused random blocks from the plurality of random blocks as the XOR function inputs;
  
  generating a new and existing random blocks XOR result using the XOR function with the new random blocks XOR result and the first XOR result;
  
  generating a new tail value using the XOR function with the new random blocks XOR result and the new and existing random blocks XOR result as the XOR function inputs; and
  
  appending the unused random blocks and the new tail value to the existing random blocks.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Georgetown University
Original Assignee
Georgetown University
Inventors
Shields, Thomas Clay
Primary Examiner(s)
Rahman, Shawnchoy

Application Number

US14/242,235
Publication Number

US 20150281273A1
Time in Patent Office

945 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 12/1466   Key-lock mechanism

G06F 21/50   Monitoring users, programs ...

G06F 21/552   involving long-term monitor...

G06F 2212/1052   Security improvement

G06F 2212/402   Encrypted data

G06F 2221/034   Test or assess a computer o...

H04L 63/1408   by monitoring network traff...

H04L 63/1441   Countermeasures against mal...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/14   using a plurality of keys o...

H04L 9/30   Public key, i.e. encryption...

H04L 9/32   including means for verifyi...

System and method for deterring malicious network attacks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

8 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for deterring malicious network attacks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

8 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links