公开(公告)号：US10540502B1

公开(公告)日：2020-01-21

申请号：US15622434

申请日：2017-06-14

Applicant: Architecture Technology Corporation

Inventor： Robert A. Joyce ,  Scott Aloisio ,  Judson Powers ,  Christopher Dominessy

IPC: G06F21/57 ,  G06F16/22

Abstract: A risk model for a distributed computing system comprises a plurality of tree nodes organized as a tree. For each tree node of the risk model, the tree node corresponds to a respective event that may befall a distributed computing system. An analysis computing system generates data associating a test agent with a target and also generates data associating the test agent with a tree node in the risk model. The test agent performs a data gathering routine that gathers data from the target associated with the test agent. The gathered data may indicate whether the event corresponding to the tree node is occurring. Furthermore, the analysis computing system may perform the data gathering routine according to a recurrence pattern of the data gathering routine. The analysis computing system may output a graphical representation of the data indicating whether the event corresponding to the tree node is occurring.

公开(公告)号：US10346628B2

公开(公告)日：2019-07-09

申请号：US15164673

申请日：2016-05-25

Applicant: Architecture Technology Corporation

Inventor： Daniel James Tingstrom ,  Judson Powers ,  Matthew P. Donovan

IPC: G06F21/53 ,  G06F21/62 ,  H04W12/08 ,  G06F16/22

Abstract: An example method includes selecting, based at least on first and second policies, first and second containers in which to execute first and second applications, respectively. The example method further includes isolating execution of the first application in the first container, and isolating execution of the second application in the second container. The example method also includes applying, based at least on the first policy, a first group of security controls to the first application executing in the first container, wherein the first container defines a first domain in which the first application is executed, and applying, based at least on the second policy, a second group of security controls to the second application executing in the second container, wherein the second container defines a second domain in which the second application is executed.

公开(公告)号：US10284592B1

公开(公告)日：2019-05-07

申请号：US15604875

申请日：2017-05-25

Applicant: Architecture Technology Corporation

Inventor： Judson Powers ,  Robert A. Joyce ,  Daniel McArdle

IPC: G06F3/00 ,  H04L29/06 ,  G06F21/44 ,  G06F9/455 ,  G06F8/61 ,  G06F9/54

Abstract: An example method includes providing, by a computing system, first randomized configuration information, generating, by the computing system and based on the first randomized configuration information, a first unique instance of a software component, providing second randomized configuration information, wherein the second randomized configuration information is different from the first randomized configuration information, and generating, based on the second randomized configuration information, a second unique instance of the software component that is executable on the runtime computing system. The first and second unique instances of the software component comprise different instances of the same software component that each are configured to have uniquely different operating characteristics during execution on the runtime computing system, and the first and second unique instances of the software component are each further configured, during execution on the runtime computing system, to output false information to an external computing system.

公开(公告)号：US10200406B1

公开(公告)日：2019-02-05

申请号：US15605168

申请日：2017-05-25

Applicant: Architecture Technology Corporation

Inventor： Judson Powers ,  Robert A. Joyce ,  Daniel McArdle

IPC: G06F3/00 ,  H04L29/06 ,  G06F9/455 ,  G06F9/54

Abstract: An example method includes providing, by a computing system, first randomized configuration information, generating, by the computing system and based on the first randomized configuration information, a first unique instance of a software component, providing second randomized configuration information, wherein the second randomized configuration information is different from the first randomized configuration information, and generating, based on the second randomized configuration information, a second unique instance of the software component that is executable on the runtime computing system. The first and second unique instances of the software component comprise different instances of the same software component that each are configured to have uniquely different operating characteristics during execution on the runtime computing system, and the first and second unique instances of the software component are each further configured, during execution on the runtime computing system, to output false information to an external computing system.

公开(公告)号：US10078510B1

公开(公告)日：2018-09-18

申请号：US15785940

申请日：2017-10-17

Applicant: Architecture Technology Corporation

Inventor： Judson Powers ,  Daniel McArdle ,  Robert A. Joyce

IPC: G06F9/44 ,  G06F8/71 ,  G06F8/41 ,  G06F8/61

CPC classification number: G06F8/71 ,  G06F8/4441 ,  G06F8/62

Abstract: In general, the techniques of this disclosure describe a method that includes receiving, by a computing device, a user interaction for identifying one or more undesired features of a software program to be removed. The software program is provisioned on the computing device as a software binary. The method further including identifying, by the computing device, one or more execution paths of the software binary that implement the one or more undesired features. Identifying the one or more execution paths includes outputting an indication directing the user to interact with the one or more undesired features, generating undesired feature information of an execution log, and determining the one or more execution paths using the execution log. The method further includes removing, by the computing device, the one or more execution paths to generate a modified software binary.

公开(公告)号：US10007498B2

公开(公告)日：2018-06-26

申请号：US15228698

申请日：2016-08-04

Applicant: Architecture Technology Corporation

Inventor： Judson Powers ,  Robert A. Joyce

IPC: G06F3/00 ,  G06F9/44 ,  G06F8/52 ,  G06F8/30 ,  G06F9/54 ,  G06F9/445

CPC classification number: G06F8/52 ,  G06F8/30 ,  G06F8/37 ,  G06F8/41 ,  G06F8/71 ,  G06F9/44568 ,  G06F9/54 ,  G06F21/14 ,  G06F21/57

Abstract: An example method includes generating, by a computing system, first unique configuration information, generating, by the computing system and based on the first unique configuration information, a first unique instance of a software component, generating second unique configuration information, wherein the second unique configuration information is different from the first unique configuration information, and generating, based on the second unique configuration information, a second unique instance of the software component that is executable on the runtime computing system. The first and second unique instances of the software component comprise different instances of the same software component that each are configured to have uniquely different operating characteristics during execution on the runtime computing system.

公开(公告)号：US09838415B2

公开(公告)日：2017-12-05

申请号：US15295778

申请日：2016-10-17

Applicant: Architecture Technology Corporation

Inventor： Judson Powers ,  Stephen K. Brueckner ,  Kenneth J. Thurber

IPC: G06F21/00 ,  H04L29/06 ,  G06F21/55 ,  G06F9/455

CPC classification number: H04L63/1441 ,  G06F9/45558 ,  G06F21/552 ,  G06F2009/45587 ,  H04L63/02 ,  H04L63/1416 ,  H04L63/20

Abstract: A network node includes enhanced functionality to fight through cyber-attacks. A plurality of virtual machines run at the network node. The network node receives a plurality of transaction requests and distributes a copy of each of the transaction requests to the plurality of virtual machines over a plurality of time steps. Based on the first virtual machine having executed (n) transaction requests in the plurality of transaction requests, the node detects whether any of the virtual machines has been compromised. In response to detecting the plurality of virtual machines includes a compromised virtual machine, the network node isolates the compromised virtual machine. Furthermore, after isolating the compromised virtual machine, the network node may receive a subsequent transaction request and dispatch the subsequent transaction request to the compromised virtual machine. The compromised virtual machine may execute the subsequent transaction request.

公开(公告)号：US20170177314A1

公开(公告)日：2017-06-22

申请号：US15228698

申请日：2016-08-04

Applicant: Architecture Technology Corporation

Inventor： Judson Powers ,  Robert A. Joyce

IPC: G06F9/45 ,  G06F9/54 ,  G06F9/445 ,  G06F9/44

CPC classification number: G06F8/52 ,  G06F8/30 ,  G06F8/37 ,  G06F8/41 ,  G06F8/71 ,  G06F9/44568 ,  G06F9/54 ,  G06F21/14 ,  G06F21/57

Abstract: An example method includes generating, by a computing system, first unique configuration information, generating, by the computing system and based on the first unique configuration information, a first unique instance of a software component, generating second unique configuration information, wherein the second unique configuration information is different from the first unique configuration information, and generating, based on the second unique configuration information, a second unique instance of the software component that is executable on the runtime computing system. The first and second unique instances of the software component comprise different instances of the same software component that each are configured to have uniquely different operating characteristics during execution on the runtime computing system.

公开(公告)号：US20170034198A1

公开(公告)日：2017-02-02

申请号：US15295778

申请日：2016-10-17

Applicant: Architecture Technology Corporation

Inventor： Judson Powers ,  Stephen K. Brueckner ,  Kenneth J. Thurber

IPC: H04L29/06

CPC classification number: H04L63/1441 ,  G06F9/45558 ,  G06F21/552 ,  G06F2009/45587 ,  H04L63/02 ,  H04L63/1416 ,  H04L63/20

Abstract: A network node includes enhanced functionality to fight through cyber-attacks. A plurality of virtual machines run at the network node. The network node receives a plurality of transaction requests and distributes a copy of each of the transaction requests to the plurality of virtual machines over a plurality of time steps. Based on the first virtual machine having executed (n) transaction requests in the plurality of transaction requests, the node detects whether any of the virtual machines has been compromised. In response to detecting the plurality of virtual machines includes a compromised virtual machine, the network node isolates the compromised virtual machine. Furthermore, after isolating the compromised virtual machine, the network node may receive a subsequent transaction request and dispatch the subsequent transaction request to the compromised virtual machine. The compromised virtual machine may execute the subsequent transaction request.

Abstract translation: 网络节点包括增强的功能，以打击网络攻击。 多个虚拟机在网络节点运行。 网络节点接收多个事务请求，并且通过多个时间步骤将每个事务请求的副本分发给多个虚拟机。 基于在多个事务请求中执行（n）个事务请求的第一虚拟机，该节点检测虚拟机中的任一个是否已被破坏。 响应于检测到多个虚拟机包括受损的虚拟机，网络节点隔离受损的虚拟机。 此外，在隔离受损的虚拟机之后，网络节点可以接收后续的事务请求，并将后续的事务请求发送到受感染的虚拟机。 被破坏的虚拟机可以执行后续的事务请求。

公开(公告)号：US09501304B1

公开(公告)日：2016-11-22

申请号：US14741388

申请日：2015-06-16

Applicant: Architecture Technology Corporation

Inventor： Judson Powers ,  Robert A. Joyce

IPC: G06F17/30 ,  H04N7/16 ,  G06F9/455 ,  H04L29/08 ,  G06F21/62 ,  G06F21/60 ,  G06F1/00

CPC classification number: G06F21/606 ,  G06F8/60 ,  G06F9/45504 ,  G06F9/50 ,  H04L67/10 ,  H04L67/34

Abstract: An example method includes identifying a software package that is associated with a software application, wherein the software package includes platform-independent instructions that are configured to perform at least one computational task upon execution, and wherein the platform-independent instructions have a format that is not specific to any particular hardware platform. The method further includes selecting a computing system to perform the at least one computational task, providing, by the selected computing system, a container in which to perform the at least one computational task, obtaining, by the selected computing system, platform-dependent instructions that have been converted from the platform-independent instructions, wherein the platform-dependent instructions have a format that is specific to a hardware platform provided by the selected computing system, executing, by the selected computing system and in the container, the platform-dependent instructions to perform the at least one computational task.

Abstract translation: 示例性方法包括识别与软件应用相关联的软件包，其中所述软件包包括平台无关指令，其被配置为在执行时执行至少一个计算任务，并且其中所述平台无关指令具有格式为 不具体到任何特定的硬件平台。 所述方法还包括选择计算系统以执行所述至少一个计算任务，由所选择的计算系统提供其中执行所述至少一个计算任务的容器，由所选择的计算系统获得与平台相关的指令 已经从与平台无关的指令转换，其中依赖于平台的指令具有特定于由所选计算系统提供的硬件平台的格式，由所选择的计算系统和容器执行与平台相关的 用于执行所述至少一个计算任务的指令。