Patents by Inventor Stephen K. Brueckner
Stephen K. Brueckner has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10872539Abstract: An example method includes outputting a graphical dashboard that includes one or more learning objective nodes and one or more skill nodes, selecting one or more software agents that are associated with the one or more skill nodes, providing, to at least one host computing system, an indication of the one or more software agents that are configured to collect parameter data from the at least one host computing system while a trainee performs actions, receiving the parameter data collected by the one or more software agents during execution, determining, based on the parameter data, that the one or more skills represented by the one or more skill nodes have been demonstrated by the trainee, and updating the one or more skill nodes to graphically indicate that one or more represented skills have been demonstrated.Type: GrantFiled: September 21, 2018Date of Patent: December 22, 2020Assignee: ARCHITECTURE TECHNOLOGY CORPORATIONInventors: Stephen K. Brueckner, Matthew P. Donovan
-
Patent number: 10777093Abstract: This disclosure generally relates to automated execution and evaluation of computer network training exercises, such as in a virtual machine environment. An example environment includes a control and monitoring system, an attack system, and a target system. The control and monitoring system initiates a training scenario to cause the attack system to engage in an attack against the target system. The target system then performs an action in response to the attack. Monitor information associated with the attack against the target system is collected by continuously monitoring the training scenario. The attack system is then capable of sending dynamic response data to the target system, wherein the dynamic response data is generated according to the collected monitor information to adapt the training scenario to the action performed by the target system. The control and monitoring system then generates an automated evaluation based upon the collected monitor information.Type: GrantFiled: August 9, 2018Date of Patent: September 15, 2020Assignee: ARCHITECTURE TECHNOLOGY CORPORATIONInventors: Stephen K. Brueckner, Frank N. Adelstein, Haim Yehuda Bar, Matthew P. Donovan
-
Patent number: 10083624Abstract: An example method includes outputting a graphical dashboard that includes one or more learning objective nodes and one or more skill nodes, selecting one or more software agents that are associated with the one or more skill nodes, providing, to at least one host computing system, an indication of the one or more software agents that are configured to collect parameter data from the at least one host computing system while a trainee performs actions, receiving the parameter data collected by the one or more software agents during execution, determining, based on the parameter data, that the one or more skills represented by the one or more skill nodes have been demonstrated by the trainee, and updating the one or more skill nodes to graphically indicate that one or more represented skills have been demonstrated.Type: GrantFiled: July 28, 2015Date of Patent: September 25, 2018Assignee: Architecture Technology CorporationInventors: Stephen K. Brueckner, Matthew P. Donovan
-
Patent number: 10068493Abstract: This disclosure generally relates to automated execution and evaluation of computer network training exercises, such as in a virtual machine environment. An example environment includes a control and monitoring system, an attack system, and a target system. The control and monitoring system initiates a training scenario to cause the attack system to engage in an attack against the target system. The target system then performs an action in response to the attack. Monitor information associated with the attack against the target system is collected by continuously monitoring the training scenario. The attack system is then capable of sending dynamic response data to the target system, wherein the dynamic response data is generated according to the collected monitor information to adapt the training scenario to the action performed by the target system. The control and monitoring system then generates an automated evaluation based upon the collected monitor information.Type: GrantFiled: June 30, 2016Date of Patent: September 4, 2018Assignee: Architecture Technology CorporationInventors: Stephen K. Brueckner, Frank N. Adelstein, Haim Yehuda Bar, Matthew P. Donovan
-
Patent number: 9838415Abstract: A network node includes enhanced functionality to fight through cyber-attacks. A plurality of virtual machines run at the network node. The network node receives a plurality of transaction requests and distributes a copy of each of the transaction requests to the plurality of virtual machines over a plurality of time steps. Based on the first virtual machine having executed (n) transaction requests in the plurality of transaction requests, the node detects whether any of the virtual machines has been compromised. In response to detecting the plurality of virtual machines includes a compromised virtual machine, the network node isolates the compromised virtual machine. Furthermore, after isolating the compromised virtual machine, the network node may receive a subsequent transaction request and dispatch the subsequent transaction request to the compromised virtual machine. The compromised virtual machine may execute the subsequent transaction request.Type: GrantFiled: October 17, 2016Date of Patent: December 5, 2017Assignee: Architecture Technology CorporationInventors: Judson Powers, Stephen K. Brueckner, Kenneth J. Thurber
-
Patent number: 9769250Abstract: A server system receives messages from client computing devices. Each of the messages corresponds to a transaction. The server system assigns each respective transaction to a respective fresh virtual machine. Furthermore, the server system performs, as part of a respective virtual machine processing a respective transaction, a modification associated with the respective transaction to a shared database. The shared database is persisted independently of the plurality of virtual machines. In response to determining that processing of the respective transaction is complete, the server system discards the respective virtual machine. In response to a trigger, such as determining that the respective transaction is associated with a cyber-attack, the server system uses checkpoint data associated with the respective transaction to roll back the modifications associated with the respective transaction to the shared database.Type: GrantFiled: July 2, 2015Date of Patent: September 19, 2017Assignee: Architecture Technology CorporationInventors: Judson Powers, Stephen K. Brueckner, Robert A. Joyce, Kenneth J. Thurber
-
Patent number: 9766986Abstract: A server system receives messages from client computing devices. Each of the messages corresponds to a transaction. The server system assigns each respective transaction to a respective fresh virtual machine. Furthermore, the server system performs, as part of a respective virtual machine processing a respective transaction, a modification associated with the respective transaction to a shared database. The shared database is persisted independently of the plurality of virtual machines. In response to determining that processing of the respective transaction is complete, the server system discards the respective virtual machine. In response to determining that the respective transaction is associated with a cyber-attack, the server system uses checkpoint data associated with the respective transaction to roll back the modifications associated with the respective transaction to the shared database.Type: GrantFiled: August 27, 2013Date of Patent: September 19, 2017Assignee: Architecture Technology CorporationInventors: Stephen K. Brueckner, Robert A. Joyce, Carl Manson, Hajime Inoue, Kenneth J. Thurber
-
Publication number: 20170034198Abstract: A network node includes enhanced functionality to fight through cyber-attacks. A plurality of virtual machines run at the network node. The network node receives a plurality of transaction requests and distributes a copy of each of the transaction requests to the plurality of virtual machines over a plurality of time steps. Based on the first virtual machine having executed (n) transaction requests in the plurality of transaction requests, the node detects whether any of the virtual machines has been compromised. In response to detecting the plurality of virtual machines includes a compromised virtual machine, the network node isolates the compromised virtual machine. Furthermore, after isolating the compromised virtual machine, the network node may receive a subsequent transaction request and dispatch the subsequent transaction request to the compromised virtual machine. The compromised virtual machine may execute the subsequent transaction request.Type: ApplicationFiled: October 17, 2016Publication date: February 2, 2017Inventors: Judson Powers, Stephen K. Brueckner, Kenneth J. Thurber
-
Publication number: 20170032694Abstract: An example method includes outputting a graphical dashboard that includes one or more learning objective nodes and one or more skill nodes, selecting one or more software agents that are associated with the one or more skill nodes, providing, to at least one host computing system, an indication of the one or more software agents that are configured to collect parameter data from the at least one host computing system while a trainee performs actions, receiving the parameter data collected by the one or more software agents during execution, determining, based on the parameter data, that the one or more skills represented by the one or more skill nodes have been demonstrated by the trainee, and updating the one or more skill nodes to graphically indicate that one or more represented skills have been demonstrated.Type: ApplicationFiled: July 28, 2015Publication date: February 2, 2017Inventors: Stephen K. Brueckner, Matthew P. Donovan
-
Publication number: 20170032695Abstract: This disclosure generally relates to automated execution and evaluation of computer network training exercises, such as in a virtual machine environment. An example environment includes a control and monitoring system, an attack system, and a target system. The control and monitoring system initiates a training scenario to cause the attack system to engage in an attack against the target system. The target system then performs an action in response to the attack. Monitor information associated with the attack against the target system is collected by continuously monitoring the training scenario. The attack system is then capable of sending dynamic response data to the target system, wherein the dynamic response data is generated according to the collected monitor information to adapt the training scenario to the action performed by the target system. The control and monitoring system then generates an automated evaluation based upon the collected monitor information.Type: ApplicationFiled: June 30, 2016Publication date: February 2, 2017Inventors: Stephen K. Brueckner, Frank N. Adelstein, Haim Yehuda Bar, Matthew P. Donovan
-
Patent number: 9473526Abstract: A survivable network is described in which one or more network device includes enhanced functionality to fight through cyber attacks. A Fight-Through Node (FTN) is described, which may be a combined hardware/software system that enhances existing networks with survivability properties. A network node comprises a hardware-based processing system having a set of one or more processing units, a hypervisor executing on each one of the processing units, and a plurality of virtual machines executing on each of the hypervisor. The network node includes an application-level dispatcher to receive a plurality of transaction requests from a plurality of network communication session with a plurality of clients and distribute a copy of each of the transaction requests to the plurality of virtual machines executing on the network node over a plurality of time steps to form a processing pipeline of the virtual machines.Type: GrantFiled: July 27, 2015Date of Patent: October 18, 2016Assignee: Architecture Technology CorporationInventors: Stephen K. Brueckner, Kenneth J. Thurber
-
Patent number: 9384677Abstract: This disclosure generally relates to automated execution and evaluation of computer network training exercises, such as in a virtual machine environment. An example environment includes a control and monitoring system, an attack system, and a target system. The control and monitoring system initiates a training scenario to cause the attack system to engage in an attack against the target system. The target system then performs an action in response to the attack. Monitor information associated with the attack against the target system is collected by continuously monitoring the training scenario. The attack system is then capable of sending dynamic response data to the target system, wherein the dynamic response data is generated according to the collected monitor information to adapt the training scenario to the action performed by the target system. The control and monitoring system then generates an automated evaluation based upon the collected monitor information.Type: GrantFiled: April 10, 2015Date of Patent: July 5, 2016Assignee: Architecture Technology CorporationInventors: Stephen K. Brueckner, Frank N. Adelstein, Haim Yehuda Bar, Matthew P. Donovan
-
Publication number: 20150334130Abstract: A survivable network is described in which one or more network device includes enhanced functionality to fight through cyber attacks. A Fight-Through Node (FTN) is described, which may be a combined hardware/software system that enhances existing networks with survivability properties. A network node comprises a hardware-based processing system having a set of one or more processing units, a hypervisor executing on each one of the processing units, and a plurality of virtual machines executing on each of the hypervisor. The network node includes an application-level dispatcher to receive a plurality of transaction requests from a plurality of network communication session with a plurality of clients and distribute a copy of each of the transaction requests to the plurality of virtual machines executing on the network node over a plurality of time steps to form a processing pipeline of the virtual machines.Type: ApplicationFiled: July 27, 2015Publication date: November 19, 2015Inventors: Stephen K. Brueckner, Kenneth J. Thurber
-
Publication number: 20150309831Abstract: A server system receives messages from client computing devices. Each of the messages corresponds to a transaction. The server system assigns each respective transaction to a respective fresh virtual machine. Furthermore, the server system performs, as part of a respective virtual machine processing a respective transaction, a modification associated with the respective transaction to a shared database. The shared database is persisted independently of the plurality of virtual machines. In response to determining that processing of the respective transaction is complete, the server system discards the respective virtual machine. In response to a trigger, such as determining that the respective transaction is associated with a cyber-attack, the server system uses checkpoint data associated with the respective transaction to roll back the modifications associated with the respective transaction to the shared database.Type: ApplicationFiled: July 2, 2015Publication date: October 29, 2015Inventors: Judson Powers, Stephen K. Brueckner, Robert A. Joyce, Kenneth J. Thurber
-
Publication number: 20150213730Abstract: This disclosure generally relates to automated execution and evaluation of computer network training exercises, such as in a virtual machine environment. An example environment includes a control and monitoring system, an attack system, and a target system. The control and monitoring system initiates a training scenario to cause the attack system to engage in an attack against the target system. The target system then performs an action in response to the attack. Monitor information associated with the attack against the target system is collected by continuously monitoring the training scenario. The attack system is then capable of sending dynamic response data to the target system, wherein the dynamic response data is generated according to the collected monitor information to adapt the training scenario to the action performed by the target system. The control and monitoring system then generates an automated evaluation based upon the collected monitor information.Type: ApplicationFiled: April 10, 2015Publication date: July 30, 2015Inventors: Stephen K. Brueckner, Frank N. Adelstein, Haim Yehuda Bar, Matthew P. Donovan
-
Patent number: 9094449Abstract: A survivable network is described in which one or more network device includes enhanced functionality to fight through cyber attacks. A Fight-Through Node (FTN) is described, which may be a combined hardware/software system that enhances existing networks with survivability properties. A network node comprises a hardware-based processing system having a set of one or more processing units, a hypervisor executing on each one of the processing units, and a plurality of virtual machines executing on each of the hypervisor. The network node includes an application-level dispatcher to receive a plurality of transaction requests from a plurality of network communication session with a plurality of clients and distribute a copy of each of the transaction requests to the plurality of virtual machines executing on the network node over a plurality of time steps to form a processing pipeline of the virtual machines.Type: GrantFiled: January 27, 2014Date of Patent: July 28, 2015Assignee: Architecture Technology CorporationInventors: Stephen K. Brueckner, Kenneth J. Thurber
-
Publication number: 20150143355Abstract: This disclosure is directed to techniques for providing version control functionality for web services of one or more service oriented architecture (SOA) systems. According to these techniques, a version control service (VCS) may receive an indication of a version update for a first web service. In response to the received request, the VCS determines whether the version update, if executed within the SOA system, will cause a change in operation of a second web service. If the version update will cause a change, VCS provides an indication of the determined change to a user.Type: ApplicationFiled: November 24, 2014Publication date: May 21, 2015Inventors: Daniel James Tingstrom, Robert A. Joyce, Matthew A. Stillerman, Stephen K. Brueckner, Haim Yehuda Bar
-
Publication number: 20150046405Abstract: A server system receives messages from client computing devices. Each of the messages corresponds to a transaction. The server system assigns each respective transaction to a respective fresh virtual machine. Furthermore, the server system performs, as part of a respective virtual machine processing a respective transaction, a modification associated with the respective transaction to a shared database. The shared database is persisted independently of the plurality of virtual machines. In response to determining that processing of the respective transaction is complete, the server system discards the respective virtual machine. In response to determining that the respective transaction is associated with a cyber-attack, the server system uses checkpoint data associated with the respective transaction to roll back the modifications associated with the respective transaction to the shared database.Type: ApplicationFiled: August 27, 2013Publication date: February 12, 2015Applicant: Architecture Technology CorporationInventors: Stephen K. Brueckner, Robert A. Joyce, Carl Manson, Hajime Inoue, Kenneth J. Thurber
-
Publication number: 20140310810Abstract: A survivable network is described in which one or more network device includes enhanced functionality to fight through cyber attacks. A Fight-Through Node (FTN) is described, which may be a combined hardware/software system that enhances existing networks with survivability properties. A network node comprises a hardware-based processing system having a set of one or more processing units, a hypervisor executing on each one of the processing units, and a plurality of virtual machines executing on each of the hypervisor. The network node includes an application-level dispatcher to receive a plurality of transaction requests from a plurality of network communication session with a plurality of clients and distribute a copy of each of the transaction requests to the plurality of virtual machines executing on the network node over a plurality of time steps to form a processing pipeline of the virtual machines.Type: ApplicationFiled: January 27, 2014Publication date: October 16, 2014Applicant: Architecture Technology CorporationInventors: Stephen K. Brueckner, Kenneth J. Thurber
-
Patent number: 8862803Abstract: An apparatus for mediating communication between a universal serial bus (USB) device and a host computing device is described. In an example, the apparatus includes a USB host interface configured to be connected to a downstream USB device, and a USB device interface configured to be connected to an upstream host computing device. The apparatus also includes a mediation module positioned between the USB host interface and the USB device interface and configured to determine whether the USB device is authorized to communicate with the host computing device.Type: GrantFiled: May 31, 2011Date of Patent: October 14, 2014Assignee: Architecture Technology CorporationInventors: Judson Powers, Matthew P. Donovan, Frank N. Adelstein, Michael Kentley, Stephen K. Brueckner