-
Publication number: US20190089722A1
Publication date: 2019-03-21
Application number: US16085199
Application date: 2017-03-15
Applicant: SRI International
Inventor: Gabriela Ciocarlie, Michael E. Locasto, Cherita Corbett, Dejan Jovanovic
Abstract: Intrusion detection systems and methods monitor legal control messages in an operational control system to detect subtly malicious sequences of control messages with undesirable emergent effects on devices in the operational control system. A message provenance component may investigate system-level correlations between messages rather than detecting if individual messages are anomalous. A semantic fuzzing component may search, based on the operational effect of candidate message sequences, the space of legal messages for sequences that cause actual harm. Behavior oracles may be used to test message sequences to identify sequences that induce drift towards a failure state. The intrusion detection system is able to prevent harm and disruption arising from control messages that individually appear legitimate and benign but that, in combination with other messages, can cause undesirable outcomes.
-
Publication number: US11741247B2
Publication date: 2023-08-29
Application number: US16227599
Application date: 2018-12-20
Applicant: SRI International
Inventor: Gabriela Ciocarlie, Karim Eldefrawy, Tancrede Lepoint
CPC classification number: G06F21/62, G06F21/645, G06F21/78, G06Q40/08, H04L9/008, H04L9/085, G06Q2220/10, H04L9/50, H04L2209/46
Abstract: A method, apparatus and system for providing controlled access to data in a distributed computing environment include storing received data to be accessed via the distributed computing environment in at least one storage device, generating at least one integrity data structure identifying at least a storage location of at least a respective portion of the stored data, storing the generated at least one integrity data structure in a block of a blockchain, encrypting the at least one integrity data structure in the block of the blockchain, and selectively providing at least a portion of at least one decryption key for decrypting the encrypted at least one integrity data structure to enable access to the respective portion of the stored data for which the at least one integrity data structure is generated. Additionally, the stored data can be encrypted and a decryption key can be provided for decrypting the stored data.
-
Publication number: US11689544B2
Publication date: 2023-06-27
Application number: US16085199
Application date: 2017-03-15
Applicant: SRI International
Inventor: Gabriela Ciocarlie, Michael E. Locasto, Cherita Corbett, Dejan Jovanovic
CPC classification number: H04L63/1416, G06F21/552, G06F21/554, H04L63/1408, H04L67/535, H04L67/12
Abstract: Intrusion detection systems and methods monitor legal control messages in an operational control system to detect subtly malicious sequences of control messages with undesirable emergent effects on devices in the operational control system. A message provenance component may investigate system-level correlations between messages rather than detecting if individual messages are anomalous. A semantic fuzzing component may search, based on the operational effect of candidate message sequences, the space of legal messages for sequences that cause actual harm. Behavior oracles may be used to test message sequences to identify sequences that induce drift towards a failure state. The intrusion detection system is able to prevent harm and disruption arising from control messages that individually appear legitimate and benign but that, in combination with other messages, can cause undesirable outcomes.