Detecting Covert Attacks on Confidential Data Transfers

Binary code behind a padlock

Available for Licensing
TRL: 2

IP Status

US Provisional Patent

Reference No: 2022-053
Licensing Manager

Aly Hoeher

At a Glance

The proposed method detects data confidentiality attacks in a system of transmitting signals. By reducing the amount of power used to send a signal to a detector, a malicious detector is no longer able to covertly monitor or snoop data. In this manner, the invention provides a novel technique that, when combined with conventional capabilities such as traditional CRC or Hamming codes in network packet headers- provides quick and effective detection of data corruption and data confidentiality attacks having occurred in the optical interconnect part of a transport network.


The ongoing trend of using optical fiber to greater extents in computing and communications technologies increased the amount and types of data that are transmitted over optical networks. An assumption that fiber optical data transmission is inherently safe(r) from cyber threats is proving to be false. The danger to data and confidentiality has migrated from when the data is at rest in hard drives and other storage mechanisms within premises of enterprises and data centers, to when the data is transmitted from a storage location to another point such as a user’s computer.


The proposed methodology utilizes the architecture of the existing network to detect losses by the (data) packets moving from the transmitting point, such as a data center, to the receiving point, such as an enterprise user’s computer.  It checks the amount of laser power required to send the data from the source node to be validated (i.e. correctly detected) at the destination node. If there is a significant variation in this measure, it detects that data confidentiality may have been breached during the transmission.

By integrating this measure into the overall data transmission methodology and incorporating elements such as estimating and accounting for the changes (i.e., losses, gains) due to the distance traveled, amplification of the data, and others; the destination node can decipher if the integrity of the data has been compromised along the way and decide if it should be disregarded as not being authentic.

An illustration of the intended technology to prevent snooping of data in optical networks

Figure 1. A malicious node can filter a small amount of signal for covert data snooping. Using just enough power for the sending data to arrive at the active reading node destination, will lead to data corruption that can be detected and traced back to the snooping.
  •  Improves the ability to securely send data on optical networks
  •  Allows for quick detection of data confidentiality attacks in optical network
  • Simple and effective design can be implemented in photonic integrated circuits without
    any changes to fabrication technique
  •  Can be used in combination with encryption methods to secure data
  • A wide variety of cyber threats, such as hardware Trojans, can be detected and addressed using the proposed method
  • Data security over optical networks
  • Data security in optically-connected processors and chiplet platforms 

Last updated: February 2024