A novel approach
Our Reflex solution is a paradigm shift in the approach to information systems security. Currently, security companies generally only identify malicious code that can attack the system. However, this approach allows about 35% of attacks that have not been identified as malicious code, which makes the system vulnerable or even non-operational.
The Reflex solution revolutionises the security approach by reversing the procedure. Instead of focusing on identifying malicious code to prevent attacks, it acts as soon as the attack occurs to assess the risks and eradicate them before they attack the system. Thus, it is not a question of how to prevent the malicious code from entering the electronic zone of the organization, but rather to understand how code operates inside the system in order to neutralize it and restart the system if necessary.
Our method is inspired by the human immune system. In fact, when the body is attacked, it will trigger a chain of reactions that can be simplified as follows: Detection cells identify the infection, then communicate the information to the immune system that sends macrophage cells to destroy the infected cell. And finally, the immune system creates a healthy cell to replace the infected cell.
Our solution proceeds in the same way, it consists of three distinct entities: the patrol systems, the governor and the activator that interact in the following way.
- Patrol system detect the malfunction
- Patrol systems send this information to the governor
- The governor studies the nature of the malicious code and assesses the risk impact on the information system.
- The governor orders the activator to disable the action of the malicious code, or even turn off the infected system and replace it with a healthy system.
Proposes different monitoring systems that control the availability and integrity of a computer system, as well as an extrusion prevention system that controls all outgoing messages to ensure confidentiality. Reflex guarantees optimal security while minimizing the duration of system malfunction.
In May 2004, at the Black Hat during the Black Hat event in Las Vegas, Paul Simmonds confirmed that the security of the electronic perimeter is obsolete and proposed de-digitization. Deperimeterisation is a security approach that refers to a Two-Sided Triple Authentication (user, application, and system), as described in the NIST-800 Handbook.
In June 2004, Derek Buelma of the SANS Institute published an article entitled “Enforcing Policy at the Perimeter”. In this article, Derek has proposed a corporate security policy that includes security patch automation, Honey Pot and Sand Box strategies, and intrusion detection systems.
In July 2004, knowing that Derek Buelma’s approach is considered obsolete by Paul Simmonds, and that the approach of Paul Simmonds is very difficult to implement, Michel Paschalidés, then lecturer at the University of Applied Sciences , proposed the fluctuant perimeterisation approach.
Fluctuant perimeterisation is inspired by both the defense system of the HIV virus and fractalisation. Any biological organism has pores. Thanks to these pores, the micro-organism can breathe and feed itself, but at the same time, drugs can reach and kill it. The HIV virus has the peculiarity of having pores with sensors capable of opening or closing the pores according to the surrounding risks. In the same way, the fluctuant perimeterisation proposes a computer system having several ports equipped with patrollers able to open or close the ports according to the risks incurred.
In April 2017, Michel Paschalidés, then CTO of Cybernis Ltd, proposes Bio-Morphic perimetrisation. proposes Bio-Morphic perimetrisation combines two features, Fluctuant perimeterisation and activators. These activators are inspired by the role played by macrophages in the human immune system. Indeed, when the immune system detects a white blood cell infected by a virus, it sends a macrophage that eats the infected cell, the body can then replace it with a healthy cell. In the same way, in bio-morphic perimetry, the activator extinguishes the infected system which is then replaced by a healthy system.