Cyber-attacks pose an escalating threat to security and the economy due to a proliferation of sophisticated malware toolkits and a rapidly expanding reliance on Internet Protocol (IP)-based communication. According to Gartner, Inc., the number of connected devices will exceed 8 billion in 2017, and will grow to more than 20 billion by 2020. Many of these devices reside in machine-to-machine (M2M) “Internet of Things” (IoT) networks managing critical infrastructure, sensitive data, and hazardous industrial processes. Each application (for example end-user applications and mobile apps) and device is a potential target or attack platform for malware, compromising traditional trust assumptions between communicating devices. Even networks that have been walled off from the public Internet may be vulnerable due to non-Ethernet interfaces such as USB ports.
Even as confidential data is increasingly maintained online and accessed by remote applications such as personal end-user apps, current technologies are not effective and practical against all cyber-attacks. A compromised device, for instance, may spread malware to additional devices through a virtual private network. Moreover, conventional device-level protection, inclusive of anti-malware software and intrusion detection technology, tends to consume significant computing resources, and may degrade Quality-of-Service (QoS) to an unacceptable level in certain device networks. For instance, it may not be practical to install conventional device-level protection on lightweight edge appliances in IoT networks configured to provide line speed or near line speed performance. Improved end application tools are needed for secure communication of sensitive information such as financial or heath information.
The present disclosure relates, in certain embodiments, to methods, systems, products, software, middleware, computing infrastructure and/or apparatus applicable to device networks with QoS requirements for secure, trusted Ethernet-based communications by applications in the presence of malware attack vectors.