Dynamic loading and configuation of threat detectors based on feedback from other nodes

Assignee

• The Boeing Company · US

Inventors

• Mark Handel · Seattle, US
• Douglas Alan Stuart · Holden, US
• Hugh L Taylor · Mukilteo, US
• Steven A. Dorris · Saint Peters, US
• Brett Michael Wilson · Seattle, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L67/12
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Artificial Immune Systems (AIS) including the Dendritic Cell Algorithm (DCA) are an emerging method to detect malware in computer systems. The DCA implementation may use an inflammation signal to communicate information among the processes of device or a network or among nodes of a network, where the inflammatory signal indicates a likelihood that a process or a node has been attacked by malicious software. The DCA implementation may dynamically change the malware sensitivity and responsiveness based on the inflammation signals without requiring user intervention. The inflammatory signal includes one or more inflammatory tuples, which may include multiple components such as a strength, a PrimeIndicator, and an optional third element, p. The strength component may be an indication of the magnitude of an attack and provide a degree of certainty of the attack. The PrimeIndicator may be an identifier of the indicator type that is the source of the inflammation tuple.