System for Deterring Malicious Network Attacks

Categories: "Computer Science"

Reference #: 2013-022

OTC Contact: Zeinab Abouissa, 202-687-2702

DESCRIPTION

Despite massive investment in computer security, conventional computer security systems regularly
fail to prevent the capture of sensitive data. Once inside the network, hackers can steal data by
transferring it out over the network to a private computer system. They make these access attempts as
rapidly as possible so that the data contained in the files can be exfiltrated before the breach is
discovered and administrators on the compromised network can terminate the hacker's access to the system.
Researchers at Georgetown University’s Department of Computer Science have developed a system and
method to prevent hackers’ access to sensitive data by differentiating the rapid access patterns of hackers
from the access patterns of normal users, as well as from those of system administrators who also need to
access files quickly for backup. This is achieved by taking advantage of the mismatch between the increasing
storage space in computer systems and the stagnant speed of the interfaces through which hardware
components transfer data within the system. While magnetic drive storage capacity has increased
exponentially, the transfer speed of the hardware interfaces through which a computer system's magnetic
drives transmit data to other system components has not experienced similar exponential growth. Thus,
there is a large and exponentially growing difference between magnetic storage capacity and the interface
speeds used to transfer data from magnetic drives.

Malicious network attacks are prevented by expanding system data files so that it physically takes longer
for users to read data from the system's storage media. Because normal users access few files per day,
with longer times between each data access, a slower file-access speed (e.g., a few seconds) would not be
noticed. Hackers who attempt to mine sensitive data, however, face a physical bottleneck that
significantly increases the time necessary to read data from the system and transfer it to the hacker's
private system. Remote hackers are unable to bypass this bottleneck because an expanded file must be
physically read from the system's storage media. The invention also uses encryption so that
authorized users who need to access a large number of files can use the system (e.g., administrators can
back up the entire file system without running into the physical bottleneck that restrains unauthorized
users).

Advantages

  • “Un-bypassable” security, even if hardware is stolen

  • Allows for backups along fast access path

  • Writing is very fast with some preprocessing

PATENT STATUS

U.S. Patent no. 9,483,640
U.S. Patent no. 10,146,705
U.S. Patent application no. 16/204,623

INVENTORS

Clay Shields