| CPC H04L 63/1408 (2013.01) [H04L 41/12 (2013.01); H04L 41/16 (2013.01); H04L 43/026 (2013.01); H04L 43/04 (2013.01); H04L 63/0428 (2013.01)] | 11 Claims |
|
1. A system for remediating computing system breaches by reversibly distributing data, the system comprising:
a memory device with computer-readable program code stored thereon;
a communication device; and
a processing device operatively coupled to the memory device and the communication device, wherein the processing device is configured to execute the computer-readable program code to:
detect a topology of a plurality of computing devices in the network by:
identifying, from the origin network traffic log, one or more outgoing data transfers from one of the plurality of computing devices in the network; and
matching, using the destination network traffic log, the one or more outgoing data transfers with one or more incoming data transfers from one of the plurality of computing devices in the network;
retrieve one or more historical network traffic logs from the plurality of computing devices in the network, wherein the one or more historical network traffic logs comprises an origin network traffic log and a destination network traffic log;
based on the one or more historical network traffic logs, detect one or more data transfers within the plurality of computing devices in the network, wherein each data transfer comprises one or more datasets;
identify a breach vector within a network;
generate a ranked list of likelihood scores for each of the one or more datasets, wherein the likelihood scores reflect a likelihood of the breach vector affecting the one or more datasets and wherein the likelihood scores are dynamically adjusted based on one or more intelligence feeds external to the network;
based on one or more likelihood scores of the ranked list of likelihood scores exceeding a predetermined threshold value, divide each of the one or more datasets into a plurality of partial data packets, wherein each partial data packet comprises a variable size;
encrypt each partial data packet;
transmit each one of the plurality of partial data packets to a different computing device of a plurality of computing devices outside of the network, such that no two partial data packets are transmitted to a same computing device;
determine that the breach vector is not active within the network;
recall each partial data packet from the plurality of computing devices outside of the network; and
rebuild each of the one or more datasets within the network from the plurality of partial data packets.
|