Our New Technology
A key advantage of cloud computing is considered to be increased security resulting from virtualisation that prevents malware propagating from one virtual machine to another, so containment and removal of malware is relatively straightforward. Our research has shown that it is possible to create malware that is aware of the cloud dynamic environment and is able to propagate through the system via hypervisors and even from one virtual machine to another.
This new and innovative technology will counter such threats using a similar self-propagating strategy to exploit the cloud for benign purposes, propagating through the network by efficiently exploiting the dynamic features of the environment.
Protection is initiated by controller software that deploys agents to the nodes of a cloud network susceptible to malware. Each agent can perform anti-malware operations, active defence, network maintenance and/or network health monitoring according to its configuration. To ensure comprehensive protection the controller is able to deploy agents across virtualisation boundaries and hierarchical layers in the network.
The software offers unparalleled security against self-propagating malware agents in cloud-based networks. A key advantage compared to existing software security is its ability to actively search for vulnerabilities in a system in the same way that malware does, enabling it to block these gaps in security before they can be exploited by malware. Its ability to operate in a semi-autonomous fashion reduces the operational resources required.
The distribution of agents across multiple layers of the cloud environment allows collaboration between the agents, forming an expansive, redundant, robust and distributed system suited to surviving the elasticity of the cloud environment.
The technology is suitable for the protection of any major cloudware installation, either as a stand-alone protection system or complementary to existing security software. Anti-virus applications can propagate throughout the cloud environments automatically to trace any potential malware and stops it from spreading the infection, a significant advantage over existing solutions. An additional application will be automated penetration testing to identify system vulnerabilities that can then be rectified by conventional means.
The anti-malware system is currently at the proof-of-concept stage and is ready to be licensed for development into a commercial product. The University is seeking an established security software provider as a partner and licensee. All avenues to the market will be considered, including contract development, KTP, funded studentships and commercial collaboration. Sale of a product by a commercial partner would be linked to suitable royalties to the University. Alternatively, the entire IP package, including the patent application, is available for sale, with the options for further collaboration with the University to commercialise the package.
The technology is protected by a UK patent application, with the expectation of a PCT application once a commercial partner has been identified. The patent is backed up by considerable know-how, which will be made available to any commercial partner for the development of the proof-of-principle demonstrator into a commercial product.
UK patent application number 1604143.6