Abstract: A system and method performs a moving target blind rendezvous by exchanging data through a distributed hash table. The system allows users to securely send small pieces of information over a network while only requiring an exchange of public keys ahead of time. The system relies on the size and resilience of the BitTorrent Distributed Hash Table and the security properties of cryptographic constructions such as Elliptic Curve Diffie-Hellman key exchange and secure one-way hash functions.

Abstract: A system and method performs a moving target blind rendezvous by exchanging data through a distributed hash table. The system allows users to securely send small pieces of information over a network while only requiring an exchange of public keys ahead of time. The system relies on the size and resilience of the BitTorrent Distributed Hash Table and the security properties of cryptographic constructions such as Elliptic Curve Diffie-Hellman key exchange and secure one-way hash functions.

Abstract: The invention dynamically obscures network and transport layer addresses of packets to achieve anonymity, including authentication privacy, as well as protection against tracking and traffic correlation and certain classes of network attacks by combining both intrusion protection with anonymity, avoiding the use of a separate management unit outside the host for distribution of obscured addresses. The invention enables a host to automatically configure obscured addresses and determine the obscured address of the intended recipient without outside involvement, computing addresses based on a set of parameters, and to operate without re-authentication whenever an address changes. The invention enables encryption of the packet payload to prevent traffic correlation. The technology of the invention can be implemented embedded on a host device or as a connected gateway device and requires negligible configuration and is therefore transparent to hosts.

Abstract: The invention dynamically obscures network and transport layer addresses of packets to achieve anonymity, including authentication privacy, as well as protection against tracking and traffic correlation and certain classes of network attacks by combining both intrusion protection with anonymity, avoiding the use of a separate management unit outside the host for distribution of obscured addresses. The invention enables a host to automatically configure obscured addresses and determine the obscured address of the intended recipient without outside involvement, computing addresses based on a set of parameters, and to operate without re-authentication whenever an address changes. The invention enables encryption of the packet payload to prevent traffic correlation. The technology of the invention can be implemented embedded on a host device or as a connected gateway device and requires negligible configuration and is therefore transparent to hosts.

Abstract: Software attacks such as worms and viruses are detected in an electronic device by monitoring power consumption patterns. In a first embodiment, software attacks are detected by an increase in power consumption. The increased power consumption can be caused by increased network traffic, or by increased activity in the microprocessor. Monitoring power consumption is particularly effective for detecting DOS/flooding attacks when the electronic device is in an idle state. In a second embodiment, a power consumption signal is converted to the frequency domain (e.g., by fast Fourier transform). The highest amplitude frequencies are identified. Specific software attacks produce characteristic frequencies in the power consumption signal. Software attacks are therefore detected by matching the highest amplitude frequencies with frequencies associated with specific worms and viruses.

Abstract: Software attacks such as worms and viruses are detected in an electronic device by monitoring power consumption patterns. In a first embodiment, software attacks are detected by an increase in power consumption. The increased power consumption can be caused by increased network traffic, or by increased activity in the microprocessor. Monitoring power consumption is particularly effective for detecting DOS/flooding attacks when the electronic device is in an idle state. In a second embodiment, a power consumption signal is converted to the frequency domain (e.g., by fast Fourier transform). The highest amplitude frequencies are identified. Specific software attacks produce characteristic frequencies in the power consumption signal. Software attacks are therefore detected by matching the highest amplitude frequencies with frequencies associated with specific worms and viruses.