Method and system to protect software-based network-connected devices from advanced persistent threat
Abstract
A method of protecting a network-connected device from an advanced persistent threat cyber-attack is provided. A network-connected device having an operating system, a memory, memory instructions holding executable program instructions, and being communication enabled, is protected from an advanced persistent threat by steps of detecting the advanced persistent threat due to the presence of rogue software in the memory instructions of the network-connected device and locking-down the communications of the network-connected device. The network-connected device may be provided with low-level routines that are correlated to the memory instructions. Detecting the advanced persistent threat may be comprised of authenticating the memory instructions of the network-connected device by using the installed low-level routines.
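A minimal model of the check-then-lock-down flow in the abstract, added here as an illustration and not taken from the patent. It assumes that "correlated" means a SHA-256 digest recorded per memory region before deployment; `Device`, `provision`, `measure` and the sample firmware are hypothetical names and constructed data.

```python
import hashlib
import hmac

def measure(region: bytes) -> bytes:
    """Digest of one memory region (SHA-256 is this example's choice)."""
    return hashlib.sha256(region).digest()

def provision(memory: dict) -> dict:
    """Before first deployment: record a reference digest per region."""
    return {name: measure(code) for name, code in memory.items()}

class Device:
    def __init__(self, memory: dict, reference: dict):
        self.memory = memory          # region name -> instruction bytes
        self.reference = reference    # assumed to sit in write-protected storage
        self.comms_enabled = False    # network stays off until authenticated

    def authenticate(self) -> list:
        """Return regions that do not correlate to the provisioned reference."""
        rogue = []
        for name in sorted(set(self.memory) | set(self.reference)):
            code = self.memory.get(name)
            expected = self.reference.get(name)
            if code is None or expected is None:
                rogue.append(name)    # region removed, or added after provisioning
            elif not hmac.compare_digest(measure(code), expected):
                rogue.append(name)    # region modified in place
        return rogue

    def boot(self) -> list:
        """Run the check before any program instructions execute."""
        rogue = self.authenticate()
        if rogue:
            self.comms_enabled = False   # lock-down: no traffic in or out
            return rogue                 # halting here is this example's choice
        self.comms_enabled = True
        return rogue

# Constructed sample firmware image, not taken from any real device.
FIRMWARE = {"bootloader": b"\x7fBOOT-v1", "app": b"\x7fAPP-v1"}
REFERENCE = provision(FIRMWARE)

def demo() -> dict:
    clean = Device(dict(FIRMWARE), REFERENCE)
    patched = Device({**FIRMWARE, "app": b"\x7fAPP-v1+implant"}, REFERENCE)
    injected = Device({**FIRMWARE, "extra": b"\x90\x90"}, REFERENCE)
    return {n: (d.boot(), d.comms_enabled) for n, d in
            [("clean", clean), ("patched", patched), ("injected", injected)]}
```

The check is only as trustworthy as the storage holding the reference digests and the code that runs `authenticate`; if either can be rewritten by the same software being measured, a modified image can carry its own matching reference.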
429 Citations
19 Claims
1. A method of protecting a network-connected device from an advanced persistent threat cyber-attack, the network-connected device having an operating system, a memory, memory instructions holding executable program instructions, and being communication enabled, comprising the steps of:
- authenticating the executable program instructions of the network-connected device using installed routines, the routine installed at a low level of the network device and being correlated to the memory instructions;
- detecting the advanced persistent threat due to the presence of rogue software in the memory instructions of the network-connected device by running the routines prior to the device running the executable program instructions; and
- locking-down the communications of the network-connected device when rogue software is detected.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A system for protecting a network-connected device from an advanced persistent threat cyber-attack, the network-connected device being wireless communication enabled and having an operating system, a central processing unit, a memory, executable program instructions loaded into the memory;
- the operating system, central processing unit, memory and executable program instructions being communicatively linked;
the system comprising;
- routines installed in a low-level of the network-connected device, the routines being correlated to the executable program instructions before the network-connected device is deployed for the first time;
- the central processing unit being configured to allow the routines to authenticate the executable program instructions before the central processing unit executes the program instructions;
- the routines being configured to lock-down communications between the network-connected device and other devices if the routine finds instructions in the memory which do not correlate to the executable program instructions in the memory.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18, 19
Specification