Stream splitting moving target defense
Abstract
Systems and methods for utilizing stream splitting Moving Target Defense (MTD) to provide enhanced computer system communication system security by splitting a data stream into a plurality of paths are described. In some implementations, stream splitting MTD involves splitting a single data stream (e.g., TCP stream) into a plurality of discrete units, then sending and receiving those discrete units from and to different (ideally geographically disparate) receiving servers, with the stream being reassembled on the receiving end. The plurality of discrete units of data includes resequencing data. The size of each discrete unit may vary depending on the specific implementation, even down to small unit sizes (e.g., a single packet).
- Inventors:
- Issue Date:
- Research Org.:
- Argonne National Lab. (ANL), Argonne, IL (United States)
- Sponsoring Org.:
- USDOE
- OSTI Identifier:
- 1568417
- Patent Number(s):
- 10305868
- Application Number:
- 15/282,875
- Assignee:
- UChicago Argonne, LLC (Chicago, IL)
- Patent Classifications (CPCs):
- H - ELECTRICITY; H04 - ELECTRIC COMMUNICATION TECHNIQUE; H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- DOE Contract Number:
- AC02-06CH11357
- Resource Type:
- Patent
- Resource Relation:
- Patent File Date: 09/30/2016
- Country of Publication:
- United States
- Language:
- English
Citation Formats
Evans, Nathaniel, and Thompson, Michael. Stream splitting moving target defense. United States: N. p., 2019. Web.
https://www.osti.gov/servlets/purl/1568417
@article{osti_1568417,
title = {Stream splitting moving target defense},
author = {Evans, Nathaniel and Thompson, Michael},
abstractNote = {Systems and methods for utilizing stream splitting Moving Target Defense (MTD) to provide enhanced computer system communication system security by splitting a data stream into a plurality of paths are described. In some implementations, stream splitting MTD involves splitting a single data stream (e.g., TCP stream) into a plurality of discrete units, then sending and receiving those discrete units from and to different (ideally geographically disparate) receiving servers, with the stream being reassembled on the receiving end. The plurality of discrete units of data includes resequencing data. The size of each discrete unit may vary depending on the specific implementation, even down to small unit sizes (e.g., a single packet).},
doi = {},
journal = {},
number = {},
volume = {},
place = {United States},
year = {2019},
month = {5}
}