Secure layered iterative gateway

摘要

In methods and a device for mitigating against cyber-attack on a network, a distributed intermediary device is placed into a network between computers or network nodes of the network to mitigate cyber-attacks between the computers or nodes of a network from remote systems. Threats are assessed by utilizing internal information assurance mechanisms of the device to detect such cyber-attacks without requiring external modification of the software and/or hardware of the computers or nodes of the network to be protected. The device prevents attacks at the platform level against the OS and network resources.

主权项

1. A system for identifying malware activity between one of computers and network nodes of a network via an intermediary distributed device, the system comprising: a secure layered iterative gateway device (SLIG) comprising:
at least two or more gateway devices configured to:
i) provide packet routing access across the intermediary distributed device between said computers or network nodes,ii) use internal sensors to determine if changes have occurred to the operating system, system memory or firmware associated with network interface cards, hard drives and video cards of the at least two or more gateway devices,iii) produce a hash of the state of the at least two or more gateway devices upon deactivation of the at least two or more gateway devices, an attestation server configured to:
i) receive messages from each of the at least two or more gateway devices at the beginning of each boot cycle,ii) examine the hashes produced by the at least two or more gateway devices upon de-activation, a physical machine resource manager configured to:
i) open the intermediary network device to network traffic,ii) control traffic flow from one gateway network device to a next gateway network device,iii) continuously monitor network connections to determine when the gateway devices are available to be opened.