Dynamic defense and network randomization for computer systems

United States Patent

9,985,984
May 29, 2018
View the Complete Patent at the US Patent & Trademark Office
ADDSec: Artificial Diversity & Defense Security
The various technologies presented herein relate to determining a network attack is taking place, and further to adjust one or more network parameters such that the network becomes dynamically configured. A plurality of machine learning algorithms are configured to recognize an active attack pattern. Notification of the attack can be generated, and knowledge gained from the detected attack pattern can be utilized to improve the knowledge of the algorithms to detect a subsequent attack vector(s). Further, network settings and application communications can be dynamically randomized, wherein artificial diversity converts control systems into moving targets that help mitigate the early reconnaissance stages of an attack. An attack(s) based upon a known static address(es) of a critical infrastructure network device(s) can be mitigated by the dynamic randomization. Network parameters that can be randomized include IP addresses, application port numbers, paths data packets navigate through the network, application randomization, etc.
14/923,049
October 26, 2015
1/1;
H04L 29/06 (20060101); G06N 99/00 (20100101); G05B 19/05 (20060101); H04L 29/12 (20060101); H04L 29/08 (20060101); G06F 11/00 (20060101); G06F 21/00 (20130101); H04N 7/16 (20110101);
;726/1,11-13,22-25
STATEMENT OF GOVERNMENTAL INTEREST This invention was developed under contract DE-AC04-94AL85000 between Sandia Corporation and the U.S. Department of Energy. The U.S. Government has certain rights in this invention.