Security Network Interface Controller (SNIC) Preprocessor with Cyber Data Threat Detection and Response Capability that Provides Security Protection for a Network Device with Memory or Client Device with Memory or Telecommunication Device with Memory
Data Input Output (I/O) processing interfaces such as the typical Network Interface Controller (NIC) do not prevent a hacker from accessing sensitive device memory data. The typical NIC establishes the cyber data handshake with no data security layer or discriminant response to the data traffic content while performing protocol specification IEEE 802.x. The Security Network Interface Controller (SNIC) embodiment, collocated with the existing NIC interface circuit, provides preprocessing/filtering of the incoming message packet data for malware and Hacker threats, to secure the network device memory and prevent serious damage or data loss. The SNIC embodiment method, with autonomous response to the hacker, ensures that the device memory is never breached, but the hacker will think they have gained access to the targeted device memory while intelligence on the Hacker is reported.
Provisional Utility patent application 62/7,863,288 filed on/or about 2018 Dec. 29
BACKGROUND OF THE INVENTION
This invention idea is applicable to receiving and responding to network data traffic originating from a Hacker, defined as any unauthorized user attempting to gain access to client memory data information, damage internet devices, or hold internet devices captive through data message traffic. Such traffic arrives at a client with memory in which a typical Network Interface Controller (NIC) resides for porting the data traffic, or at a telecommunications device in which a Radio Frequency (RF) wireless virtual NIC (VNIC or WNIC) transceiver resides. Network message traffic may be received and transmitted by electronic interface circuit devices that use Ethernet cable, coax, wireless RF or other network message I/O protocol IEEE 802.X, or by any authorized user of a Client device with memory that uses a typical NIC network cable portal interface(s) or RF wireless WNIC interface(s) portal to protocol specification IEEE 802.3/X.
Cyber electronic circuit devices with memory use a Network Interface Controller (NIC) to process client device data flow to and from a cyber network and to provide buffering and handshaking operations. A NIC electronic circuit device port operates in accordance with, but may not be limited to, IEEE 802.3/11/14 or a similar network specification without a security layer. It simply handles the protocol message traffic for input/output data based on the protocol TCP/IP specification format for the data message throughput. The frame data traffic is moved to the client device memory via interrupt processing from the NIC or WNIC MAC processor(s) to the client device processor, which moves the frame data over the client device data bus to the Client device memory without regard to message content or where the sender is located. The format of the frame data is described in the IEEE 802.3/X Ethernet specification.
It is desirable to provide the typical NIC with a security data layer: a preprocessing embodiment architecture collocated with the typical NIC electronic circuit device, adding a microprocessor with embedded code for improved frame data handling processes to obtain a data security network interface controller (SNIC). The SNIC is comprised of an Artificial Intelligent (AI) sequencer that is synchronized with a discriminating comparator circuit and which recognizes frame data threats or malware contained within the network message data I/O traffic frame processes. The result is an autonomous option to give a spoof response to the Hacker: when a data threat is discovered during the SNIC comparator's threat filter compare process, the SNIC electronically responds with a deceptive acknowledgement scheme while capturing intelligence on the unaware Hacker, and protects the Client device memory from threat intrusion or contamination by Hacker data by allowing only validated data of integrity to move into the Client device memory. Malware is undesirable and is brought in through embedded data links, attachments of executable files, or embedded links within incoming message data traffic that make it into the Client device memory. Denial of Service (DOS) attacks are launched to overwhelm network devices with NICs. Malware threats can be circumvented by the SNIC autonomously, and all message traffic from the Hacker can be safely contained, quarantined and stored to a write only device memory, or retrieved off line for forensic analysis. Spoofing and deception of the Hacker is desirable: the Hacker will think they got into the targeted site, but will autonomously be directed to an endless address and time out. Each instance of a threat discovery is time stamped, counted and reported from the frame data header of the received message, which is stored in SNIC memory, for reporting the incident to the Network Operator.
If no threat is detected or discovered, the frame data is routed as normal to the Client device memory from the SNIC memory buffer. Moving the data security defense program applications (such as Norton or Fire-shark) from the Client device program memory to the SNIC circuit device memory defensive custom program location frees the Client device program memory for other application tasks and ensures, by SNIC preprocessing, that the message data content of the Client device memory data base remains secure, safe and non-accessible by the cyber Hacker. Current defensive measures do not work against DOS attacks. The SNIC defeats DOS attacks by a three-tier method. These methods are software algorithms that are called for priority of sender ID and destination routines, hacker attempt to enter count, and spoofing response to the Hacker by the SNIC processor. This tiered method will defeat DOS attacks.
BRIEF SUMMARY OF THE INVENTION
The architecture of the existing typical Network Interface Controller (NIC) design is mature but archaic due to the lack of a data security process layer or data checking means in the NIC design for the integrity of the message sender or the content data contained in the serial message format. If a threat from a Hacker is sent via the Network to a client device's typical NIC interface, the typical NIC is not designed to respond to the Hacker threat autonomously. This SNIC electronic circuit invention adds design hardware and embedded Artificial Intelligence (AI) code to augment the existing NIC architecture to accomplish internet data traffic content integrity and threat discovery and to provide an autonomous response to the Hacker. The response makes the Hacker think they were able to get a desired response from the target destination port address when, in reality, intelligence data about the Hacker is gathered, stored and reported, and reactive responses are generated by the SNIC embodiment, as described in this disclosure, to deceive the Hacker. Additionally, when any content of a received message is found to be undesirable, the undesirable threat message data is dumped to a SNIC embodiment security memory storage (SMS) device, and threat data is deleted to protect the client device memory when 70% SMS capacity is attained. Distributed Denial of Service (DDOS) attacks are dealt with by the SNIC embodiment AI software using a priority of IP address list, an authorization list and spoofing technique algorithms.
Currently, only a Firewall responds to a threat, by blocking the port access to the network, and the Hacker is denied a response from the desired destination client or server. If the NIC card were designed to upload a known safe list of client addresses through ports to a buffer memory, against which the NIC embodiment could compare the Hacker sender address and port for validity and integrity, then the typical NIC embodiment would have the needed method and processes to decide whether to respond deceptively to the Hacker sender, to redirect all of the sender's message packet content data into a secured storage buffer for isolation and quarantine, or, for a valid listed sender with acceptable data content, to let the sender's message packet data pass through the Network Firewall filter to the intended Network client device memory for processing and display.
The SNIC invention embodiment satisfies a network security response to a threat or any harmful sender by preprocessing the incoming data message to determine if the message contains embedded links or attachments, then categorizing the threat type before routing the dangerous threat data to the SMS device memory storage and before it is completely validated and authorized to be sent to the client device memory. A timely comparison is made of an authorized user's acceptable address from an uploaded list of targeted suspected threat addresses by the SNIC embodiment sequencer processes. When a non-authorized address is detected, the SNIC sequencer coded module will return a deceptive ready-to-receive data acknowledgement header packet. The Hacker gets the response but loses the handshake to establish address contact and data transfer processing to the target contact over the network.
The SNIC provides a security layer that was originally designated in the 1986 pre-release document of specification IEEE 802.3 but never implemented. The interface SNIC embodiment collocated with the NIC secures the network data routed to the targeted Client device memory by providing content malware filtering and making output threat reports. The SNIC embodiment's architecture method of preprocess filtering of message content data before Client device memory entry can become a typical network device interface security option for a device memory requiring new strong security protection. A replacement of all existing nonsecure NIC interfaces with the SNIC invention embodiment will provide a means to deceive the Hacker while capturing and storing the Hacker response header data for intelligence analysis, and to generate a status report on Hacker intelligence. All network protocols, such as but not limited to TCP/IP and UDP, are handled by the SNIC processor. This disclosure invention idea does not require the Network firewall to block a port as is done when a denial of service (DOS) attack occurs. The SNIC allows all data traffic, but if the traffic is from an undesired IP address, the SNIC will deceive the sender to some dead zone while capturing the sender's information for analysis by the Network or Client device, and will generate a status report containing the header information, a time stamp, a count of Hacker attempts, and the type of attack. The DOS response by the SNIC is determined autonomously, dependent on IP priority, destination IP priority, repetition of received IP, count of repetition and authorization infringement due to malware content.
The SNIC threat data base is initialized by Operator Input 615 with preformatted threat data at port Upload Threat 618. This threat data is moved into RAM storage 619 for later comparison with NIC 602 incoming data RAM memory 614 as determined by the sequencer SNIC Management Register bit settings 644. If the message frame data 603 is clear of threats, the frame data message 603 is moved to Parallel Data Register 612 and serial FIFO Register 610, and the SNIC processor 604 generates an interrupt to Client device processor 600 to take the data on the bus from 610 or 612 to the Client device memory bus, depending on the Client device architecture.
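The decision flow summarized above (authorized-list compare, threat-content compare, quarantine to SMS with deletion at 70% capacity, and a per-sender attempt count), written in C as an added example; it is not code from the patent application. The frame builder, the 1000-byte SMS size, the 8-entry attempt table and the fail-closed handling of malformed frames are assumptions, and the deceptive acknowledgement is reduced to a `SPOOF_ACK` verdict.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef enum { PASS_TO_CLIENT, QUARANTINE_SMS, SPOOF_ACK } verdict_t;
#define SMS_CAPACITY 1000 /* assumed quarantine (SMS) size in bytes */
#define MAX_TRACKED 8     /* assumed size of the attempt-count table */
typedef struct {
    const uint32_t *authorized; size_t n_auth;        /* uploaded authorized list */
    const char *const *threat_words; size_t n_words;  /* uploaded threat list */
    uint32_t seen[MAX_TRACKED]; unsigned attempts[MAX_TRACKED]; size_t n_seen;
    size_t sms_used;                                  /* bytes held in quarantine */
} snic_t;

/* Constructed sample input: minimal Ethernet II + IPv4 frame, no IP options. */
size_t make_frame(uint8_t *out, uint32_t src_ip, const char *payload) {
    size_t plen = strlen(payload);
    memset(out, 0, 34);
    out[12] = 0x08; out[13] = 0x00; out[14] = 0x45;  /* IPv4, version 4, IHL 5 */
    for (int i = 0; i < 4; i++) out[26 + i] = (uint8_t)(src_ip >> (24 - 8 * i));
    memcpy(out + 34, payload, plen);
    return 34 + plen;
}

static int has_bytes(const uint8_t *h, size_t n, const char *needle) {
    size_t m = strlen(needle);
    for (size_t i = 0; m && i + m <= n; i++)
        if (memcmp(h + i, needle, m) == 0) return 1;
    return 0;
}

/* Account for quarantined bytes, purging at 70% of capacity; returns v. */
static verdict_t sms_store(snic_t *s, size_t len, verdict_t v) {
    s->sms_used += len;
    if (s->sms_used * 10 >= (size_t)SMS_CAPACITY * 7) s->sms_used = 0;
    return v;
}

unsigned snic_attempts(const snic_t *s, uint32_t ip) {
    for (size_t i = 0; i < s->n_seen; i++)
        if (s->seen[i] == ip) return s->attempts[i];
    return 0;
}
static void count_attempt(snic_t *s, uint32_t ip) {
    for (size_t i = 0; i < s->n_seen; i++)
        if (s->seen[i] == ip) { s->attempts[i]++; return; }
    if (s->n_seen < MAX_TRACKED) { s->seen[s->n_seen] = ip; s->attempts[s->n_seen++] = 1; }
}

verdict_t snic_filter(snic_t *s, const uint8_t *f, size_t len) {
    size_t hdr = len >= 34 ? 14 + (size_t)(f[14] & 0x0F) * 4 : 0;
    if (hdr < 34 || hdr > len || f[12] != 0x08 || f[13] != 0x00 || (f[14] >> 4) != 4)
        return sms_store(s, len, QUARANTINE_SMS);  /* malformed: fail closed (assumption) */
    uint32_t src = (uint32_t)f[26] << 24 | (uint32_t)f[27] << 16 | (uint32_t)f[28] << 8 | f[29];
    int auth = 0, threat = 0;
    for (size_t i = 0; i < s->n_auth; i++) auth |= (s->authorized[i] == src);
    for (size_t i = 0; i < s->n_words; i++)
        threat |= has_bytes(f + hdr, len - hdr, s->threat_words[i]);
    if (!auth || threat) {  /* time stamp omitted; only the attempt count is kept */
        count_attempt(s, src);
        return sms_store(s, len, auth ? QUARANTINE_SMS : SPOOF_ACK);
    }
    return PASS_TO_CLIENT;
}
```

The attempt table is bounded, so senders beyond `MAX_TRACKED` are quarantined without being counted. The source address is read from the frame and is therefore sender-supplied, so a list match identifies an address, not a sender.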
Claims
1. The Security Network Interface Controller (SNIC) comprised of electronic circuit components, utilizes a typical Network Interface Controller (NIC) or RF Wireless Network Interface Controller (WNIC) connected to a collocated SNIC embodiment containing a processor and program memory, connected to a SNIC embodiment start up PROM for initialization of the SNIC embodiment components, connected to a SNIC embodiment Random Access Memory (RAM) buffer memory common to a Client bus, connected to a SNIC embodiment flash memory that stores the software security program, connected to a SNIC embodiment upload interface port and memory to store threat data lists and authorized data lists, connected to a SNIC embodiment threat status memory storage (SMS) as write only memory (WOM) component to capture, isolate and quarantine Hacker malware that could have optional forensic analysis and retrieval, connected to a SNIC embodiment set of register indicators for CPU AI program vectoring, connected to a SNIC embodiment output port for reporting Hacker frame header data content by generating SNIC embodiment register status, time stamp and Hacker attempt counts, connected to a unique SNIC embodiment sequencer/comparator to filter incoming data for malware, connected to a SNIC embodiment autonomous action spoofing Hacker response circuit are the hardware/software invention component features of the SNIC embodiment circuit to accomplish preprocessing and gatekeeper methods and processes of network message data integrity, cyber data security, Hacker deception for data traffic to and from a Client device memory and to prevent all known hacker attempts to bridge entry of a targeted network device memory or product device memory or Client device memory from contamination of the data contents or from accessing data from the above device memories that utilize IEEE 802.X protocols for data transmission interactive connections. (See FIGS. 1, 2)
2. The SNIC embodiment electronic circuit device embodiment defined in claim 1 wherein the startup program read only memory (PROM) circuit device will be initialized for the device interface comprising of events cast for the environment in which it is installed in, that may be to include but is not limited to, wired or wireless interfaces or mounted platforms (See FIG. 5).
3. The SNIC embodiment electronic circuit device defined in claim 1 incorporates an AI sequencer/comparator decision making circuit that is a microprocessor driven software program that preprocesses and filters the incoming digitized data located between the NIC or VNIC or WNIC output and the Client Device Memory, automates the threat response and acknowledges handshaking with the threat sender with cyber defensive maneuvers and autonomous responses to a hacker from preprocessed message data content analytics and issues a spoof response to the Hacker when malware is discovered during the filtering process, but allows data through put to the Client device memory if no malware or Hacker threats are found and authorized (See FIGS. 3 and 4).
4. The SNIC embodiment electronic circuit device defined in claim 1 operates with multiple communication protocols but not limited to: Ethernet NIC, RF wireless telecommunications WNIC, custom application security software enabled with Artificial Intelligence (AI) for decision making responses to make the Hacker think entry of the device memory was bridged or obtained but in reality the Hacker was denied the targeted device memory by deception and spoofing AI algorithms, and custom user threat report log generation tailored to user capability and Hacker learning algorithms custom for the SNIC data sequencer program (See FIGS. 5, 6).
5. The SNIC embodiment electronic circuit device defined in claim 1 incorporates a protocol data frame search for threat content and executable software data code, to tag frames with a Management Register alarm bit if bad content data is discovered, to flag frames that have targeted words on incoming messages or threats designated for Client device memory, and set indicators that can be used to generate a status report of flagged data for display on the Network administrators display screen or client screen or printers, but not allowing the message data or data content to go into the targeted device memory of the addressed client device memory (See FIGS. 5, 6).
6. The SNIC electronic circuit device defined in claim 1 and claim 5 method and process claim is that if there are no threat contents in the message and the sender IP is recognized as authorized, then message data will be allowed to process as normal to the device memory and a status report output will show a verification of throughput to Client Device Memory (See FIGS. 3, 4, 5, 11, 12).
7. The SNIC embodiment electronic circuit device defined in claim 1 incorporates an input upload port and memory storage for a list of known Hacker ID and destination address information, known Authorized user ID and destination address and formatted in a priority sequence for each Hacker or Authorized user such that the SNIC sequencer and comparator circuits can filter the incoming data content for malware or dangerous threats to the Client device equipment or to the Client device memory (see FIG. 6).
8. The process and method of claim 7, wherein an authorization list further comprising priority of identification (ID) and destination IP address data code is uploaded to the SNIC embodiment Input Memory and whose content data will be compared to incoming frame data for validation to gain access to the Client Device Memory and if found to be a no match shall not be allowed to gain access to the Client Device Memory.
9. The process and method of claim 1, wherein a specific advantage of using a SNIC embodiment invention is that access to any SNIC embodiment connected Device Memory on a bus controlled by a Device CPU will have preprocessed, filtered and gatekeeper processes at the port of entry NIC or WNIC location which allows only validated data to pass to the Device Memory rather than from a software firewall (such as Wireshark or Norton) which are resident in the Device Memory and immediately bridged by a hacker because the Hacker data has to be in the Device Memory for these products to work.
10. The SNIC electronic circuit device defined in claim 1 negates the need for the Client device to have a need for a resident memory security firewall software program and this post interface processing task is now resident on the SNIC flash memory storage device in a unique algorithm for preprocessing and filtering methods and processes within custom embedded architecture and with Hacker response capability to preprocess and filter the message data to prevent the Client device memory from breach or contamination of data by the Hacker (See FIGS. 5 and 6).
11. The SNIC electronic circuit device defined in claim 1 will replace all typical nonsecure NIC interfaces with either a dongle box SNIC embodiment when a NIC mother board is involved or a drop in SNIC circuit board replacement for a home computer such as a PCI circuit board or as in the case of a portable device such as an I-Phone, Tablet, Laptop, shall be made to fit with the NIC or RF as an additional integrated circuit micro miniaturized collocated component to form a SNIC interface embodiment, the unique invention method and utility of memory security process being the same but not limited to fir (See FIGS. 2, 11, 12).
12. The SNIC embodiment electronic circuit device defined in claim 1, will defeat all known methods of hackers' attempts to gain entry into a targeted device memory and adapt from learned experiences how to defeat future forms and methods of hack entry attacks while outputting a status report of such an occurrence and if an undesired occurrence by a Hacker is attempted, all message data will be dumped to a Secure Memory Storage (SMS) device as contaminated data for quarantine and isolation from the bus data traffic to the destination targeted Client device memory while preventing access to the device memory bus (See FIG. 5 520).
13. The process and method of claim 1 and claim 12, wherein a multiple of specific advantages of using a SNIC embodiment invention is that it doesn't give any feedback to the hacker while intelligence is gathered on the Hacker, it has an embodiment memory isolation trap SMS where all harmful data is sent and quarantined, it spoofs the hacker and keeps them in the dark to its presence, it will learn and adapt to present and future attacks, it brings security to the beginning of the message process, and it can fit in any network device.
14. The process and method of claim 1 and claim 13, wherein a SNIC containing a typical NIC or WNIC can be architecturally sized for the environment such as a Laptop Computer requiring a dongle attachment to acquire the SNIC embodiment invention when a mother board containing an onboard NIC cannot be back fitted and security for the device memory is needed.
Type: Application
Filed: Feb 1, 2019
Publication Date: Jul 2, 2020
Applicant: SNIC Enterprises LLC MS Registration # 2018286128 (Brandon, MS)
Inventors: Ronald Taylor Ogan (Brandon, MS), Paul Edwin Watson (Forest, MS), Marshall Duane Boyette (Brandon, MS)
Application Number: 16/265,986