skip to main content
DOE Patents title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Dynamic defense and network randomization for computer systems

Abstract

The various technologies presented herein relate to determining a network attack is taking place, and further to adjust one or more network parameters such that the network becomes dynamically configured. A plurality of machine learning algorithms are configured to recognize an active attack pattern. Notification of the attack can be generated, and knowledge gained from the detected attack pattern can be utilized to improve the knowledge of the algorithms to detect a subsequent attack vector(s). Further, network settings and application communications can be dynamically randomized, wherein artificial diversity converts control systems into moving targets that help mitigate the early reconnaissance stages of an attack. An attack(s) based upon a known static address(es) of a critical infrastructure network device(s) can be mitigated by the dynamic randomization. Network parameters that can be randomized include IP addresses, application port numbers, paths data packets navigate through the network, application randomization, etc.

Inventors:
; ; ; ;
Issue Date:
Research Org.:
Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1452909
Patent Number(s):
9985984
Application Number:
14/923,049
Assignee:
National Technology & Engineering Solutions of Sandia, LLC (Albuquerque, NM)
Patent Classifications (CPCs):
G - PHYSICS G06 - COMPUTING G06N - COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
H - ELECTRICITY H04 - ELECTRIC COMMUNICATION TECHNIQUE H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
DOE Contract Number:  
AC04-94AL85000
Resource Type:
Patent
Resource Relation:
Patent File Date: 2018 May 29
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING

Citation Formats

Chavez, Adrian R., Stout, William M. S., Hamlet, Jason R., Lee, Erik James, and Martin, Mitchell Tyler. Dynamic defense and network randomization for computer systems. United States: N. p., 2018. Web.
Chavez, Adrian R., Stout, William M. S., Hamlet, Jason R., Lee, Erik James, & Martin, Mitchell Tyler. Dynamic defense and network randomization for computer systems. United States.
Chavez, Adrian R., Stout, William M. S., Hamlet, Jason R., Lee, Erik James, and Martin, Mitchell Tyler. Tue . "Dynamic defense and network randomization for computer systems". United States. https://www.osti.gov/servlets/purl/1452909.
@article{osti_1452909,
title = {Dynamic defense and network randomization for computer systems},
author = {Chavez, Adrian R. and Stout, William M. S. and Hamlet, Jason R. and Lee, Erik James and Martin, Mitchell Tyler},
abstractNote = {The various technologies presented herein relate to determining a network attack is taking place, and further to adjust one or more network parameters such that the network becomes dynamically configured. A plurality of machine learning algorithms are configured to recognize an active attack pattern. Notification of the attack can be generated, and knowledge gained from the detected attack pattern can be utilized to improve the knowledge of the algorithms to detect a subsequent attack vector(s). Further, network settings and application communications can be dynamically randomized, wherein artificial diversity converts control systems into moving targets that help mitigate the early reconnaissance stages of an attack. An attack(s) based upon a known static address(es) of a critical infrastructure network device(s) can be mitigated by the dynamic randomization. Network parameters that can be randomized include IP addresses, application port numbers, paths data packets navigate through the network, application randomization, etc.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2018},
month = {5}
}

Patent:

Save / Share:

Works referenced in this record:

Multiattribute SCADA-Specific Intrusion Detection System for Power Networks
journal, June 2014


Defending against hitlist worms using network address space randomization
journal, August 2007


Host Side Dynamic Reconfiguration with InfiniBand
conference, September 2010


Improving Performance of Anomaly-Based IDS by Combining Multiple Classifiers
conference, July 2011


Nonparametric semi-supervised learning for network intrusion detection: combining performance improvements with realistic in-situ training
conference, January 2012