The Sensitive Number Finder (SENF) Preprocessor for Networks

Background The SENF Client algorithm was originally developed for university staff and faculty to identify sensitive numbers (social security numbers and credit card numbers) residing on individual computers. The client algorithm has been adopted widely, primarily to detect legacy data.

The SENF Preprocessor is a derivative work based on the SENF Client, designed to detect sensitive numbers in open protocols traversing any high-speed, multi-gigabit computer network. A real-time detection of any sensitive data that may be leaking would be indicative of data intrusion, unauthorized access, data theft, or a violation of administrative policies.

Invention Description The SENF algorithm creates a low-level bitmask pattern match of content that resembles sensitive data, and then applies another pattern match, filters, threshold to validate resemblance. The preprocessor, written in C, can be adapted to various hardware and is operating-system independent.

The preprocessor has been engineered for speed and accuracy. It applies thresholds to the different types of matches it finds to determine candidate packets on a network, and excludes a very large number of packets based on rules. It then performs extensive analysis on candidate packets before generating an alert to decrease the likelihood of false positives.

Benefits

Faster, with a high degree of accuracy over a high flow of traffic. Tested in real time on sustained gigabits/second large storage (multi terabyte) networks, and beats any competing solution Very low rate of false positives or false negatives Hardware/OS independent (can be adapted easily) Cost effective: lowers cost of hardware requirements

Features

Unique set of exclusion and validation rules Written in Java/C Simple efficient code: works with much less processing power, as in cheaper hardware

Market Potential/Applications Any network that could potentially be storing sensitive data; could be embedded into any commercially available intrusion prevention system

Development Stage Beta product/commercial prototype

UT Researcher Jason Phelps, Information Security Office, The University of Texas at Austin Sean Reid, Information Security Office, The University of Texas at Austin Daryl Ashley, Information Security Office, The University of Texas at Austin

Type of Offer: Licensing

Contact Patent Owner or Broker


Next Patent »
« More Software Patents

Share on      

CrowdSell Your Patent