Abstract:
An example network security and threat assessment system is configured to determine, based on one or more events that have occurred during execution of one or more applications, a potential security vulnerability of a target computing system, where the one or more events correspond to a node represented in the hierarchical risk model. The system is further configured to identify, based on a mapping of the node represented in the hierarchical risk model to a node represented in a hierarchical game tree model, one or more actions that are associated with the potential security vulnerability and that correspond to the node represented in the hierarchical game tree model, and to output, for display in a graphical user interface, a graphical representation of the potential security vulnerability and the one or more actions associated with the potential security vulnerability.
Abstract:
An example method includes initializing, by an obfuscation computing system, communications with nodes in a distributed computing platform, the nodes including one or more compute nodes and a controller node, and performing at least one of: (a) code-level obfuscation for the distributed computing platform to obfuscate interactions between an external user computing system and the nodes, wherein performing the code-level obfuscation comprises obfuscating data associated with one or more commands provided by the user computing system and sending one or more obfuscated commands to at least one of the nodes in the distributed computing platform; or (b) system-level obfuscation for the distributed computing platform, wherein performing the system-level obfuscation comprises at least one of obfuscating system management tasks that are performed to manage the nodes or obfuscating network traffic data that is exchanged between the nodes.
Abstract:
For each respective virtual machine (VM) of a plurality of VMs, a distributed computing system generates a unique Application Binary Interface (ABI) for an operating system for the respective VM, compiles a software application to use the unique ABI, and installs the operating system and the compiled software application on the respective VM. A dispatcher node dispatches, to one or more VMs of the plurality of VMs that provide a service and are in the active mode, request messages for the service. Furthermore, a first host device may determine, in response to software in the first VM invoking a system call in a manner inconsistent with the unique ABI for the operating system of the first VM, that a failover event has occurred. Responsive to the failover event, the distributed computing system fails over from the first VM to a second VM.
Abstract:
A server system receives messages from client computing devices. Each of the messages corresponds to a transaction. The server system assigns each respective transaction to a respective fresh virtual machine. Furthermore, the server system performs, as part of a respective virtual machine processing a respective transaction, a modification associated with the respective transaction to a shared database. The shared database is persisted independently of the plurality of virtual machines. In response to determining that processing of the respective transaction is complete, the server system discards the respective virtual machine. In response to determining that the respective transaction is associated with a cyber-attack, the server system uses checkpoint data associated with the respective transaction to roll back the modifications associated with the respective transaction to the shared database.
Abstract:
In general, techniques are described for an RDF (Resource Description Framework) database system which can scale to huge size for realistic data sets of practical interest. In some examples, a database system includes a Resource Description Framework (RDF) database that stores a plurality of data chunks to one or more storage drives, wherein each of the plurality of data chunks includes a plurality of triples of the RDF database. The database system also includes a working memory, a query interface that receives a query for the RDF database, a SPARQL engine that identifies a subset of the data chunks relevant to the query, and an index interface that includes one or more bulk loaders that load the subset of the data chunks to the working memory. The SPARQL engine executes the query only against triples included within the loaded subset of the data chunks to obtain a query result.
Abstract:
Disclosed herein are embodiments of systems, methods, and products that provide adversary detection and threat hunting. A server may comprise a user side virtual machine facing the cyber protection users, a collection virtual machine facing the at-risk network, and a data repository. The server may receive user requests requesting status data from the at-risk network via the user side virtual machine. The server may collect status data from the at-risk network via the collection virtual machine and store the collected data into the data repository. Different users may request duplicate information from the at-risk network. The server may retrieve the requested information from the data repository for duplicate requests and return the responses immediately for such requests. Because the server does not query the at-risk network for duplicate requests, the server may reduce the amount of bandwidth needed to acquire and distribute the requested information.
Abstract:
An attack tree model for an aviation system comprises a plurality of tree nodes organized as a tree. For each tree node of the attack tree model, the tree node corresponds to a respective event that may befall the aviation system. An analysis computing system generates one or more attack tree models for the aviation system, wherein the aviation system includes one or more systems, sub-systems, or components. The analysis computing system further performs an assessment of one or more of the systems, sub-systems, or components of the aviation system using the one or more attack tree models, and outputs metrics indicative of the assessment.
Abstract:
An example technique includes initializing, by an obfuscation computing system, communications with nodes in a distributed computing platform. The nodes include compute nodes that provide resources in the distributed computing platform and a controller node that performs resource management of the resources. The obfuscation computing system serves as an intermediary between the controller node and the compute nodes. The technique further includes outputting an interactive user interface (UI) providing a selection between a first privilege level and a second privilege level, and performing one of: based on the selection being for the first privilege level, a first obfuscation mechanism for the distributed computing platform to obfuscate digital traffic between a user computing system and the nodes, or based on the selection being for the second privilege level, a second obfuscation mechanism for the distributed computing platform to obfuscate digital traffic between the user computing system and the nodes.