Evaluating results of multiple virtual machines that use application randomization mechanism

US10200401B1 · US · B1

Patent metadata
Publication number: US-10200401-B1
Application number: US-201715604957-A
Country: US
Kind code: B1
Filing date: May 25, 2017
Priority date: Dec 17, 2015
Publication date: Feb 5, 2019
Grant date: Feb 5, 2019

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

An example method includes providing, by a computing system, first randomized configuration information, generating, by the computing system and based on the first randomized configuration information, a first unique instance of a software component, providing second randomized configuration information, wherein the second randomized configuration information is different from the first randomized configuration information, and generating, based on the second randomized configuration information, a second unique instance of the software component that is executable on the runtime computing system. The first and second unique instances of the software component comprise different instances of the same software component that each are configured to have uniquely different operating characteristics during execution on the runtime computing system, and the first and second unique instances of the software component are each further configured, during execution on the runtime computing system, to output false information to an external computing system.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: initializing, by a computing system, a plurality of virtual machines (VMs), wherein initializing the plurality of VMs comprises: for at least one particular VM of the plurality of VMs: generating, by the computing system, a randomized instance of an operating system for the particular VM, wherein the randomized instance of the operating system for the particular VM has a randomized Application Binary Interface (ABI), the randomized ABI being a randomized version of an ABI of the operating system; and installing, by the computing system, the randomized instance of the operating system for the particular VM on the particular VM; and deploying, by the computing system, the plurality of VMs; receiving, by the computing system, a series of incoming messages from a client device; distributing, by the computing system, a copy of each incoming message in the series of incoming messages to each VM of the plurality of VMs; receiving, by the computing system, results generated by the plurality of VMs in response to the series of incoming messages, wherein the results generated by the VMs in response to the series of incoming messages include a first result different from a second result if code executing in one of the VMs uses the randomized version of the ABI and code executing in another one of the VMs uses a publicly available version of the ABI, the publicly available version of the ABI being different from the randomized version of the ABI; performing, by the computing system, a comparison on the results; and in response to the comparison revealing that two or more of the results are not the same, performing, by the computing system, a cybersecurity defense action.
2. The method of claim 1, wherein receiving the results comprises receiving, by the computing system, response messages generated by the plurality of VMs for transmission to the client device.
3. The method of claim 1, wherein receiving the results comprises receiving, by the computing system, error reports from the plurality of VMs.
4. The method of claim 1, wherein receiving the results comprises receiving, by the computing system, receiving VM configuration data.
5. The method of claim 1, wherein the particular VM is a first VM, and wherein an ABI of an operating system of a second VM of the plurality of VMs is the same as the publicly available ABI of the operating system of the second VM.
6. The method of claim 1, wherein the particular VM is a first VM, wherein the randomized ABI of the randomized instance of the operating system for the first VM is a first randomized ABI, and wherein initializing the plurality of VMs comprises: generating, by the computing system, a randomized instance of the operating system for a second VM of the plurality of VMs, wherein the randomized instance of the operating system for the second VM has a second randomized ABI; and installing, by the computing system, the randomized instance of the operating system for the second VM, wherein the first randomized ABI is different from the second randomized ABI, and neither the first randomized ABI nor the second randomized ABI are the same as the publicly available ABI of the operating system.
7. A computing system comprising: a development computing system comprising a first set of one or more processors; a runtime computing system comprising a second set of one or more processors; a distributor comprising a third set of one or more processors; and a result evaluator comprising a fourth set of one or more processors, wherein the development computing system is configured to: initialize a plurality of virtual machines (VMs), wherein the development computing system is configured such that, as part of initializing the plurality of VMs, the development computing system: for at least one particular VM of the plurality of VMs: generates a randomized instance of an operating system for the particular VM, wherein the randomized instance of the operating system for the particular VM has a randomized Application Binary Interface (ABI), the randomized ABI being a randomized version of an ABI of the operating system; and installs the randomized instance of the operating system for the particular VM on the particular VM; and deploy the plurality of VMs on the runtime computing system, wherein the distributor is configured to: receive a series of incoming messages from a client device; and distribute a copy of each incoming message in the series of incoming messages to each VM of the plurality of VMs, and wherein the result evaluator is configured to: receive results generated by the plurality of VMs in response to the series of incoming messages, wherein the results generated by the VMs in response to the series of incoming messages include a first result different from a second result if code executing in one of the VMs uses the randomized version of the ABI and code executing in another one of the VMs uses a publicly available version of the ABI, the publicly available version of the ABI being different from the randomized version of the ABI; perform a comparison on the results; and in response to the comparison revealing that two or more of the results are not the same, perform a cybersecurity defense action.
8. The computing system of claim 7, wherein the results comprise response messages generated by the plurality of VMs for transmission to the client device.
9. The computing system of claim 7, wherein the results comprise error reports from the plurality of VMs.
10. The computing system of claim 7, wherein the results comprise VM configuration data.
11. The computing system of claim 7, wherein the particular VM is a first VM and an ABI of an operating system of a second VM of the plurality of VMs is the same as the publicly available ABI of the operating system of the second VM.
12. The computing system of claim 7, wherein the particular VM is a first VM, and the randomized ABI of the randomized instance of the operating system for the first VM is a first randomized ABI, and the development computing system is configured such that, as part of initializing the plurality of VMs, the development computing system: generates a randomized instance of the operating system for a second VM of the plurality of VMs, wherein the randomized instance of the operating system for the second VM has a second randomized ABI; and installs the randomized instance of the operating system for the second VM on the second VM, wherein the first randomized ABI is different from the second randomized ABI, and neither the first randomized ABI nor the second randomized ABI are the same as the publicly available ABI of the operating system.
13. A non-transitory computer-readable storage medium having instructions stored thereon that, when executed, cause a computing system to: initialize a plurality of virtual machines (VMs), wherein as part of causing the computing system to initialize the plurality of VMs, the instructions cause the computing system to: for at least one particular VM of the plurality of VMs: generate a randomized instance of an operating system for the particular VM, wherein the randomized instance of the operating system for the particular VM has a randomized Application Binary Interface (ABI), the randomized ABI being a randomized version of an ABI of the operating system; and install the randomized instance of the operating system for the particular VM on the particular VM; and deploy the plurality of VMs; receive a series of incoming messages from a client device; distribute a copy of each incoming message in the series of i
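Worked example of the claim-1 flow (initialize a public-ABI VM and distinct randomized-ABI VMs, copy every incoming message to every VM, compare the results, act on any disagreement). This is added here for illustration and is not the patent's or Architecture Tech Corp's code. It assumes a toy four-entry syscall table as the "ABI", a derangement of its numbers as the "randomized ABI", a "PAYLOAD n:arg" message as a stand-in for injected code that hardcodes public syscall numbers, and a decoy reply as the defense action (the claim leaves the action open; the abstract's "false information" output motivates the decoy). PUBLIC_ABI, VM, build_vms, distribute, evaluate, defense_action, run and the sample messages are all constructed names and inputs.

```python
"""Constructed N-variant evaluator modelled on the flow in claim 1.

Not the patent's code. ABI randomization is simulated as a per-VM
permutation of a tiny four-entry syscall table: code 'compiled' for a VM
resolves syscalls by name through that VM's table, so it behaves the same
in every VM, while an injected payload that hardcodes the public numbers
does something different inside a randomized VM. The distributor copies
every message to every VM and the evaluator compares the results.
"""
import random
from dataclasses import dataclass

# Constructed public ABI: syscall name -> number (toy values, not a real OS).
PUBLIC_ABI = {"read": 0, "write": 1, "open": 2, "exit": 3}


def randomized_abi(rng, exclude):
    """Permutation of PUBLIC_ABI's numbers in which no syscall keeps its
    public number and which equals no table in `exclude` (claim 6: each
    randomized ABI differs from the public one and from each other)."""
    names = list(PUBLIC_ABI)
    while True:  # 9 of the 24 permutations qualify, so this terminates quickly
        numbers = list(PUBLIC_ABI.values())
        rng.shuffle(numbers)
        abi = dict(zip(names, numbers))
        if all(abi[n] != PUBLIC_ABI[n] for n in names) and abi not in exclude:
            return abi


@dataclass
class VM:
    name: str
    abi: dict  # this VM's syscall name -> number

    def syscall(self, number, arg):
        """Kernel-side dispatch: the number is interpreted under this VM's ABI."""
        by_number = {num: name for name, num in self.abi.items()}
        handler = {"read": lambda a: "IN", "write": lambda a: f"OUT:{a}",
                   "open": lambda a: f"FD:{a}", "exit": lambda a: "EXIT"}
        name = by_number.get(number)
        return handler[name](arg) if name else "EBADSYS"

    def handle(self, msg):
        """The deployed service. Legitimate code resolves syscalls by name
        through its own ABI; a 'PAYLOAD n:arg' message simulates injected
        code that hardcodes a public syscall number n (constructed stand-in
        for a hijacked control flow)."""
        if msg.startswith("ECHO "):
            return self.syscall(self.abi["write"], msg[5:])
        if msg.startswith("PAYLOAD "):
            number, _, arg = msg[8:].partition(":")
            return self.syscall(int(number), arg)
        return "ERR:unknown request"


def build_vms(seed, n_randomized=2):
    """One VM on the public ABI plus n_randomized VMs on distinct randomized ABIs."""
    rng = random.Random(seed)
    vms = [VM("vm-public", dict(PUBLIC_ABI))]
    used = [PUBLIC_ABI]
    for i in range(n_randomized):
        abi = randomized_abi(rng, used)
        used.append(abi)
        vms.append(VM(f"vm-rand{i}", abi))
    return vms


def distribute(vms, msg):
    """Distributor: a copy of the message to every VM; collect each VM's result."""
    return {vm.name: vm.handle(msg) for vm in vms}


def defense_action(results):
    """Assumed defense action: withhold every real result, answer the client
    with a decoy (the 'false information' of the abstract) and report which
    VMs disagreed with the majority. With no majority, all are suspect."""
    counts = {}
    for r in results.values():
        counts[r] = counts.get(r, 0) + 1
    majority = max(counts, key=counts.get)
    if counts[majority] == 1:
        suspects = sorted(results)
    else:
        suspects = sorted(n for n, r in results.items() if r != majority)
    return {"reply": "OUT:ok", "suspects": suspects, "raw": results}


def evaluate(results):
    """Result evaluator: any disagreement among the VMs triggers the defense action."""
    if len(set(results.values())) == 1:
        return "ok", next(iter(results.values()))
    return "defense", defense_action(results)


def run(vms, messages):
    """Process a series of incoming messages, one verdict per message."""
    return [evaluate(distribute(vms, m)) for m in messages]


if __name__ == "__main__":
    for verdict in run(build_vms(seed=7), ["ECHO hi", "PAYLOAD 1:pwned"]):
        print(verdict)
```

The legitimate "ECHO hi" request yields the same result in every VM, so the evaluator passes it through; "PAYLOAD 1:pwned" executes a write in the public-ABI VM but some other syscall in each randomized VM, so the results disagree and the defense action replaces the real reply. Two caveats for a real deployment: the majority vote cannot single out a VM when three variants produce three different results, and legitimate nondeterminism (timestamps, nonces, session identifiers) must be canonicalized out of the results before comparison or the evaluator will raise defense actions on benign traffic.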

Assignees

Architecture Tech Corp

Classifications

  • Bluffing · CPC title

  • G06F9/54 (primary): Interprogram communication · CPC title

  • Creating, deleting, cloning virtual machine instances · CPC title

  • by executing in a restricted environment, e.g. sandbox or secure virtual machine · CPC title

  • involving long-term monitoring or reporting · CPC title


Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10200401B1 cover?
An example method includes providing, by a computing system, first randomized configuration information, generating, by the computing system and based on the first randomized configuration information, a first unique instance of a software component, providing second randomized configuration information, wherein the second randomized configuration information is different from the first randomi…
Who is the assignee on this patent?
Architecture Tech Corp
What technology area does this patent fall under?
Primary CPC classification G06F9/54. Mapped technology areas include Physics.
When was this patent published?
Publication date Feb 5, 2019 (kind code B1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 9 related publications on this page (citations in our corpus or others sharing the same primary CPC).