Computer system with moving target defenses against vulnerability attacks

Austin, Todd; Bertacco, Valeria; Gallagher, Mark; Kasikci, Baris

Advanced Search OptionsAdvanced Search queries use a traditional Term Search. For more info, see our FAQ.

All Fields:

Patent Title:

Abstract:

Assignee:

Inventor(s):

Patent Number:

Patent Classification (CPC):

All Classifications
A - human necessities
A01 - agriculture
A21 - baking
A22 - butchering
A23 - foods or foodstuffs
A24 - tobacco
A41 - wearing apparel
A42 - headwear
A43 - footwear
A44 - haberdashery
A45 - hand or travelling articles
A46 - brushware
A47 - furniture
A61 - medical or veterinary science
A62 - life-saving
A63 - sports
A99 - subject matter not otherwise provided for in this section
B - performing operations
B01 - physical or chemical processes or apparatus in general
B02 - crushing, pulverising, or disintegrating
B03 - separation of solid materials using liquids or using pneumatic tables or jigs
B04 - centrifugal apparatus or machines for carrying-out physical or chemical processes
B05 - spraying or atomising in general
B06 - generating or transmitting mechanical vibrations in general
B07 - separating solids from solids
B08 - cleaning
B09 - disposal of solid waste
B21 - mechanical metal-working without essentially removing material
B22 - casting
B23 - machine tools
B24 - grinding
B25 - hand tools
B26 - hand cutting tools
B27 - working or preserving wood or similar material
B28 - working cement, clay, or stone
B29 - working of plastics
B30 - presses
B31 - making articles of paper, cardboard or material worked in a manner analogous to paper
B32 - layered products
B33 - additive manufacturing technology
B41 - printing
B42 - bookbinding
B43 - writing or drawing implements
B44 - decorative arts
B60 - vehicles in general
B61 - railways
B62 - land vehicles for travelling otherwise than on rails
B63 - ships or other waterborne vessels
B64 - aircraft
B65 - conveying
B66 - hoisting
B67 - opening, closing {or cleaning} bottles, jars or similar containers
B68 - saddlery
B81 - microstructural technology
B82 - nanotechnology
B99 - subject matter not otherwise provided for in this section
C - chemistry
C01 - inorganic chemistry
C02 - treatment of water, waste water, sewage, or sludge
C03 - glass
C04 - cements
C05 - fertilisers
C06 - explosives
C07 - organic chemistry
C08 - organic macromolecular compounds
C09 - dyes
C10 - petroleum, gas or coke industries
C11 - animal or vegetable oils, fats, fatty substances or waxes
C12 - biochemistry
C13 - sugar industry
C14 - skins
C21 - metallurgy of iron
C22 - metallurgy
C23 - coating metallic material
C25 - electrolytic or electrophoretic processes
C30 - crystal growth
C40 - combinatorial technology
C99 - subject matter not otherwise provided for in this section
D - textiles
D01 - natural or man-made threads or fibres
D02 - yarns
D03 - weaving
D04 - braiding
D05 - sewing
D06 - treatment of textiles or the like
D07 - ropes
D10 - indexing scheme associated with sublasses of section d, relating to textiles
D21 - paper-making
D99 - subject matter not otherwise provided for in this section
E - fixed constructions
E01 - construction of roads, railways, or bridges
E02 - hydraulic engineering
E03 - water supply
E04 - building
E05 - locks
E06 - doors, windows, shutters, or roller blinds in general
E21 - earth drilling
E99 - subject matter not otherwise provided for in this section
F - mechanical engineering
F01 - machines or engines in general
F02 - combustion engines
F03 - machines or engines for liquids
F04 - positive - displacement machines for liquids
F05 - indexing schemes relating to engines or pumps in various subclasses of classes f01-f04
F15 - fluid-pressure actuators
F16 - engineering elements and units
F17 - storing or distributing gases or liquids
F21 - lighting
F22 - steam generation
F23 - combustion apparatus
F24 - heating
F25 - refrigeration or cooling
F26 - drying
F27 - furnaces
F28 - heat exchange in general
F41 - weapons
F42 - ammunition
F99 - subject matter not otherwise provided for in this section
G - physics
G01 - measuring
G02 - optics
G03 - photography
G04 - horology
G05 - controlling
G06 - computing
G07 - checking-devices
G08 - signalling
G09 - education
G10 - musical instruments
G11 - information storage
G12 - instrument details
G16 - information and communication technology [ict] specially adapted for specific application fields
G21 - nuclear physics
G99 - subject matter not otherwise provided for in this section
H - electricity
H01 - basic electric elements
H02 - generation
H03 - basic electronic circuitry
H04 - electric communication technique
H05 - electric techniques not otherwise provided for
H99 - subject matter not otherwise provided for in this section
Y - new / cross sectional technologies
Y02 - technologies or applications for mitigation or adaptation against climate change
Y04 - information or communication technologies having an impact on other technology areas
Y10 - technical subjects covered by former uspc

More Options ...

Title: Computer system with moving target defenses against vulnerability attacks

Abstract

A computer system includes an ensemble moving target defense architecture that protects the computer system against attack using one or more composable protection layers that change each churn cycle, thereby requiring an attacker to acquire information needed for an attack (e.g., code and pointers) and successfully deploy the attack, before the layers have changed state. Each layer may deploy a respective attack information asset protection providing multiple respective attack protections each churn cycle, wherein the respective attack information asset protections may differ.

Inventors:: Austin, Todd; Bertacco, Valeria; Gallagher, Mark; Kasikci, Baris

Issue Date:: 2023-09-05

Research Org.:: Univ. of Michigan, Ann Arbor, MI (United States)

Sponsoring Org.:: USDOE; Defense Advanced Research Projects Agency (DARPA)

OSTI Identifier:: 2222288

Patent Number(s):: 11748490

Application Number:: 17/566,053

Assignee:: The Regents of the University of Michigan (Ann Arbor, MI)

DOE Contract Number:: HR0011-18-C-0019

Resource Type:: Patent

Resource Relation:: Patent File Date: 12/30/2021

Country of Publication:: United States

Language:: English

Citation Formats


                    Austin, Todd, Bertacco, Valeria, Gallagher, Mark, and Kasikci, Baris. Computer system with moving target defenses against vulnerability attacks.  United States: N. p., 2023. 
        Web.

Copy to clipboard


                    Austin, Todd, Bertacco, Valeria, Gallagher, Mark, & Kasikci, Baris. Computer system with moving target defenses against vulnerability attacks.  United States.

Copy to clipboard


                    Austin, Todd, Bertacco, Valeria, Gallagher, Mark, and Kasikci, Baris. Tue .  
        "Computer system with moving target defenses against vulnerability attacks".  United States.  https://www.osti.gov/servlets/purl/2222288.

Copy to clipboard


                    
@article{osti_2222288,

  title        = {Computer system with moving target defenses against vulnerability attacks},

  author       = {Austin, Todd and Bertacco, Valeria and Gallagher, Mark and Kasikci, Baris},

  abstractNote = {A computer system includes an ensemble moving target defense architecture that protects the computer system against attack using one or more composable protection layers that change each churn cycle, thereby requiring an attacker to acquire information needed for an attack (e.g., code and pointers) and successfully deploy the attack, before the layers have changed state. Each layer may deploy a respective attack information asset protection providing multiple respective attack protections each churn cycle, wherein the respective attack information asset protections may differ.},

  doi          = {},

  journal      = {},
number       = ,

  volume       = ,

  place        = {United States},

  year         = {2023},

  month        = {9}

}

Copy to clipboard

Patent:

Save / Share:

Export Metadata

Save to My Library

Works referenced in this record:

Real-time evaluation of impact- and state-of-compromise due to vulnerabilities described in enterprise threat detection security notes
patent, October 2018

Seifert, Hartwig; Zhang, Nan; Mehta, Harish
US Patent Document 10,102,379
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/10102379

System and methods for sandboxed malware analysis and automated patch development, deployment and validation
patent, September 2020

Crabtree, Jason; Sellers, Andrew
US Patent Document 10,783,241
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/10783241

Systems and Methods for Patching Vulnerabilities
patent-application, December 2019

Petratos, Spiros; Hogge, Rick; Nuthulapati, Praveen
US Patent Application 15/993338; 20190370471
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20190370471

Reducing buffer overflow
patent, March 2020

Murthy, Praveen K.
US Patent Document 10,585,660
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/10585660

Enterprise level cybersecurity automatic remediation
patent, April 2019

DiGiambattista, Ernesto; Bezdedeanu, Andrei; Kail, Michael D.
US Patent Document 10,277,622
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/10277622

Timely address space randomization
patent, June 2019

Okhravi, Hamed; Hobson, Thomas R.; Bigelow, David O.
US Patent Document 10,310,991
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/10310991

Methods, systems, and media for inhibiting attacks on embedded devices
patent, July 2016

Cui, Ang; Stolfo, Salvatore J.
US Patent Document 9,392,017
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/9392017

Methods, systems, and media for injecting code into embedded devices
patent, August 2018

Cui, Ang; Stolfo, Salvatore J.
US Patent Document 10,055,251
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/10055251

Systems and methods for controlling access to credentials
patent, September 2020

Li, Feng; Glick, Adam; Schlatter, Brian
US Patent Document 10,769,267
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/10769267

Software Protection through Code and Control Flow Data Hiding and Obfuscation
patent-application, May 2019

Wallace, Brooke; Mumme, Dean C.; McGraw, Robert
US Patent Application 16/020726; 20190156025
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20190156025

Threat mitigation system and method
patent, August 2021

Murphy, Brian Philip; Partlow, Joe; O'Connor, Colin
US Patent Document 11,108,798
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/11108798

Method for Runtime Mitigation of Software and Firmware Code Weaknesses
patent-application, October 2013

Ofek, David Mor; Weisglass, Yuval
US Patent Application 16/368113; 20190303585
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20190303585

Systems and methods for patching vulnerabilities
patent, March 2020

Petratos, Spiros; Hogge, Rick; Nuthulapati, Praveen
US Patent Document 10,592,677
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/10592677

Dynamic honeypots for computer program execution environments
patent, February 2022

Lieberman, Amit; Natanzon, Assaf; Golan, Oron
US Patent Document 11,240,268
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/11240268

Similar Records in DOE Patents and OSTI.GOV collections:

Multiple operating system rotation environment moving target defense

Patent Evans, Nathaniel; Thompson, Michael

Systems and methods for providing a multiple operating system rotation environment ("MORE") moving target defense ("MTD") computing system are described. The MORE-MTD system provides enhanced computer system security through a rotation of multiple operating systems. The MORE-MTD system increases attacker uncertainty, increases the cost of attacking the system, reduces the likelihood of an attacker locating a vulnerability, and reduces the exposure time of any located vulnerability. The MORE-MTD environment is effectuated by rotation of the operating systems at a given interval. The rotating operating systems create a consistently changing attack surface for remote attackers.
Full Text Available
Moving target defense for a serial communications system

Patent Jenkins, Christipher D.

A moving target defense scheme for a serial communications system is disclosed herein. A bus controller generates and broadcasts a nonce to remote terminals over a bus. The bus controller and the remote terminals generate a randomized sequence based upon the nonce and a shared secret that is shared between the bus controller and the remote terminals. The bus controller broadcasts first messages over the bus on first addresses that are derived from first portions of the randomized sequence. The remote terminals listen for the first messages that are broadcast over the bus on the first addresses. The bus controllermore » « less
Full Text Available
Stream splitting moving target defense

Patent Evans, Nathaniel; Thompson, Michael

Systems and methods for utilizing stream splitting Moving Target Defense (MTD) to provide enhanced computer system communication system security by splitting a data stream in to a plurality of paths is described. In some implementations, Stream splitting MTD, involves splitting a single data stream (e.g., TCP stream) into a plurality of discrete units, then sending and receiving those discrete units from and to different (ideally geographically disparate) receiving servers, with the stream being reassembled on the receiving end. The plurality of discrete units of data include resequencing data. The size of each discrete unit may vary depending on the specificmore » « less
Full Text Available
Software defined networking moving target defense honeypot

Patent Lyle, Joshua A.

Disclosed herein are systems, methods, and storage media for thwarting cyber-attacks and data theft. A computing system receives packets and compares with a configuration resource. The computing system determines that the packet does not match the configuration resource and transmits a packet to a decoy environment via an SDN switch. The decoy environment is configured to generate time-out, service unavailable, or restricted access messages. In some embodiments, the computing system determines the packet does match the configuration and transmits the packet to a production network via an SDN switch. The SDN switch is communicatively connected to the decoy environment throughmore » « less
Full Text Available
Imaging systems and related methods including radar imaging with moving arrays or moving targets

Patent Sheen, David M.; Clark, Richard Trevor

Imaging systems, including radio frequency, microwave and millimeter-wave arrangements, and related methods are described. According to one aspect, an imaging system includes an antenna array, a position capture system configured to generate position information indicative of locations of one of the antenna array and the target at the first and second moments in time, and wherein the one of the antenna array and the target move between the first and second moments in time, a transceiver configured to control the antenna array to emit electromagnetic energy towards the target and to generate an output that is indicative of the receivedmore » « less
Full Text Available

Similar Records

Title: Computer system with moving target defenses against vulnerability attacks

Abstract

Citation Formats

Real-time evaluation of impact- and state-of-compromise due to vulnerabilities described in enterprise threat detection security notes patent, October 2018

System and methods for sandboxed malware analysis and automated patch development, deployment and validation patent, September 2020

Systems and Methods for Patching Vulnerabilities patent-application, December 2019

Reducing buffer overflow patent, March 2020

Enterprise level cybersecurity automatic remediation patent, April 2019

Timely address space randomization patent, June 2019

Methods, systems, and media for inhibiting attacks on embedded devices patent, July 2016

Methods, systems, and media for injecting code into embedded devices patent, August 2018

Systems and methods for controlling access to credentials patent, September 2020

Software Protection through Code and Control Flow Data Hiding and Obfuscation patent-application, May 2019

Threat mitigation system and method patent, August 2021

Method for Runtime Mitigation of Software and Firmware Code Weaknesses patent-application, October 2013

Systems and methods for patching vulnerabilities patent, March 2020

Dynamic honeypots for computer program execution environments patent, February 2022

Real-time evaluation of impact- and state-of-compromise due to vulnerabilities described in enterprise threat detection security notes
patent, October 2018

System and methods for sandboxed malware analysis and automated patch development, deployment and validation
patent, September 2020

Systems and Methods for Patching Vulnerabilities
patent-application, December 2019

Reducing buffer overflow
patent, March 2020

Enterprise level cybersecurity automatic remediation
patent, April 2019

Timely address space randomization
patent, June 2019

Methods, systems, and media for inhibiting attacks on embedded devices
patent, July 2016

Methods, systems, and media for injecting code into embedded devices
patent, August 2018

Systems and methods for controlling access to credentials
patent, September 2020

Software Protection through Code and Control Flow Data Hiding and Obfuscation
patent-application, May 2019

Threat mitigation system and method
patent, August 2021

Method for Runtime Mitigation of Software and Firmware Code Weaknesses
patent-application, October 2013

Systems and methods for patching vulnerabilities
patent, March 2020

Dynamic honeypots for computer program execution environments
patent, February 2022