Systems and methods for dynamic self correcting secure computer systems
地域:
MO
MO Kansas City
摘要
A self-correcting secure computer system is provided. The computer system includes a read-only memory (ROM) device, a random access memory (RAM) device, and at least one processor in communication with the ROM device and the RAM device. The at least one processor is programmed to receive an activation signal, retrieve, from the ROM device, data to execute an operating system, and execute, on the RAM device, the operating system based on the data from the ROM device.
說明書
This application is a continuation in Part of U.S. patent application Ser. No. 16/743,931, filed on Jan. 15, 2020, entitled “SYSTEMS AND METHODS FOR SELF CORRECTING SECURE COMPUTER SYSTEMS,” which is a continuation of U.S. patent application Ser. No. 15/939,496 filed on Mar. 29, 2018, entitled “SYSTEMS AND METHODS FOR SELF CORRECTING SECURE COMPUTER SYSTEMS”, which is hereby incorporated by reference in its entirety.
The field of the invention relates generally to secure computer systems, and more specifically, to systems and methods for having computer systems securely load to prevent persistent attacks.
Currently, operating systems are executed from persistent memory, which increases vulnerability to persistent attacks. Verifying the integrity of an operating system stored in persistent memory may be resource intensive and time consuming. Specifically, persistent storage may have lengthy random access times compared to volatile memory. Tracking changes to an operating system configuration stored in persistent memory may be similarly resource intensive.
In one aspect, a self-correcting secure computer system is provided. The computer system includes a read-only memory (ROM) device, a random access memory (RAM) device, and at least one processor in communication with the ROM device and the RAM device. The at least one processor is programmed to receive an activation signal, retrieve, from the ROM device, data to execute an operating system, and execute, on the RAM device, the operating system based on the data from the ROM device.
權(quán)利要求
What is claimed is:1. A system comprising:a self-correcting secure computer system comprising: a read-only memory (ROM) device; a random access memory (RAM) device; and at least one processor in communication with the ROM device and the RAM device, the at least one processor programmed to: execute, on the RAM device, an operating system based on data from the ROM device; execute a network connection; detect a trigger event in network traffic over the network connection; deactivate the network connection; randomly select and adjust one or more network settings; and reactivate the network connection using the one or more adjusted network settings. 2. The system in accordance with claim 1 , wherein the at least one processor is further programmed to monitor communications over the network connection. 3. The system in accordance with claim 1 , wherein the at least one processor is further programmed to:store a plurality of network settings in a database; and randomly select a network setting to adjust from the plurality of network settings in the database. 4. The system in accordance with claim 1 , wherein the trigger event is at least one of a change in network traffic, a timer, an authentication process, a user switch, initialization of a program, and destination domain change. 5. The system in accordance with claim 1 , wherein the one or more network settings include at least one of user agent, network response, media access control address, virtual private network connections, firewall rules, ports, security protocol, computer name, and network devices. 6. The system in accordance with claim 1 , wherein adjust one or more network settings further comprises:deactivate an active virtual private network; adjust one or more settings of the virtual private network; and create a new virtual private network based on the adjusted one or more settings of the virtual private network. 7. The system in accordance with claim 6 , wherein the at least one processor is further programmed to change encryption type of the virtual private network. 8. The system in accordance with claim 1 , wherein the at least one processor is further programmed to store the one or more network settings to a persistent memory. 9. The system in accordance with claim 1 , wherein the at least one processor is further programmed to store the one or more network settings to the RAM device. 10. The system in accordance with claim 1 , wherein the at least one processor is further programmed to:store a plurality of sets of network connection settings in a persistent memory; and select a set of network connection settings of the plurality of sets of network connection settings for the network connection; and initiate the network connection using the selected set of network connection settings on start-up of the operating system. 11. A method of operating a self-correcting secure computer system comprising a read-only memory (ROM) device, a random access memory (RAM) device, and at least one processor in communication with the ROM device and the RAM device, the method comprising:executing, on the RAM device, an operating system based on data from the ROM device; executing a network connection; detecting a trigger event in network traffic over the network connection; deactivating the network connection; adjusting one or more network settings including at least one of a device name and a media access control address; and reactivating the network connection using the one or more adjusted network settings. 12. A method in accordance with claim 11 further comprising monitoring communications over the network connection. 13. The method in accordance with claim 11 further comprising randomly determining the one or more network settings to adjust. 14. The method in accordance with claim 13 further comprising:storing a plurality of network settings in a database; and randomly selecting a network setting to adjust from the plurality of network settings in the database. 15. The method in accordance with claim 11 , wherein the trigger event is at least one of a change in network traffic, a timer, an authentication process, a user switch, initialization of a program, and destination domain change. 16. The method in accordance with claim 11 , wherein the one or more network settings include at least one of user agent, network response, media access control address, virtual private network connections, firewall rules, ports, security protocol, computer name, and network devices. 17. The method in accordance with claim 11 further comprises:deactivating an active virtual private network; adjusting one or more settings of the virtual private network; and creating a new virtual private network based on the adjusted one or more settings of the virtual private network. 18. A system comprising:a read-only memory (ROM) device; a random access memory (RAM) device; and at least one processor in communication with the ROM device and the RAM device, the at least one processor programmed to: store a plurality of network settings; execute a network connection; monitor communications over the network connection to detect a trigger event in network traffic over the network connection; deactivate the network connection in response to detecting a trigger event; randomly select one or more network settings to adjust from the stored plurality of network settings; adjust the selected one or more network settings; and reactivate the network connection using the adjusted network settings. 19. The system in accordance with claim 18 , wherein the trigger event is at least one of a change in network traffic, a timer, an authentication process, a user switch, initialization of a program, and destination domain change, and wherein the one or more network settings include at least one of user agent, network response, media access control address, virtual private network connections, firewall rules, ports, security protocol, computer name, and network devices. 20. A system comprising:a self-correcting secure computer system comprising: a read-only memory (ROM) device; a random access memory (RAM) device; and at least one processor in communication with the ROM device and the RAM device, the at least one processor programmed to: store a plurality of sets of network connection settings; select a set of network connection settings of the plurality of sets of network connection settings for a network connection; execute, on the RAM device, an operating system based on data from the ROM device; initiate the network connection using the selected set of network connection settings on start-up of the operating system; detect a trigger event based on the network connection; deactivate the network connection; adjust one or more network settings of the network connection; and reactivate the network connection using the one or more adjusted network settings.
意見反饋
使用該功能遇到問題