Abstract
A method for cyber security monitor includes monitoring a network interface that is input-only configured to surreptitiously and covertly receive bit-level, physical layer communication between networked control and sensor field devices. During a training mode, a baseline distinct native attribute (DNA) fingerprint is generated for each networked field device. During a protection mode, a current DNA fingerprint is generated for each networked field device. The current DNA fingerprint is compared to the baseline DNA fingerprint for each networked field device. In response to detect at least one of RAA and PAA based on a change in the current DNA fingerprint to the baseline DNA fingerprint of one or more networked field devices, an alert is transmitted, via an external security engine interface to an external security engine.
Document Type
Patent
Status
Issued
Issue Date
12-26-2023
Patent Number
US 11856012 B2 [ 11,856,012 ]
CPC Classification
H04L63/14
Application number
18/106,533
Assignees
United States of America, as represented by the Secretary of the Air Force, Wright-Patterson AFB, OH (US)
Filing Date
2-7-2023
Recommended Citation
Rondeau, Christopher M., Michael A. Temple, Juan Lopez, Jr., and J. Addison Betances. Passive Physical Layer…. United States Patent 11856012 (B2), issued 26 December 2023. https://scholar.afit.edu/patents/32