Cloudbric is an award-winning network security provider with over 20 years of information security expertise. Cloudbric started as an in-house business of Penta Security Systems, the number one professional enterprise web application security provider in the Asia Pacific region. Within 3 years of operation, Cloudbric has successfully expanded its global operations of website security and DDoS protection services to more than 10,000 registered members and organizations, more than 50 global partners and resellers, and more than 25 data centers. In 2018, Cloudbric shifted focus, expanding its services into the blockchain space by providing real-time endpoint device security, encrypted asset protection, and improving its existing web security technology with new patent-pending deep learning AI technology. CLB tokens are used to activate Cloudbric's security system services, pay for security plans, receive service discounts, and rewards.

Project Introduction

Cloudbric started out as an outsourced cloud security service in Penta Security's most advanced web application firewall (WAF) hardware appliance (called WAPPLES) in the market. Cloudbric quickly began to carve out a strong niche, targeting SMBs and general website owners interested in a full-service WAF solution. Cloudbric's enterprise-level solutions can really meet the needs of first-time users, making it easier for them to understand the concept of network security.

Cloudbric has been in operation for two years, with considerable growth in sales and user volume. Notable achievements during the period include: opening more than 25 international points of presence (POP) or service areas; growth of 10,000 users; cooperation with more than 50 global infrastructures , web hosting and distribution alliances to establish partnerships.

Cloudbric's success in the small business niche has also earned recognition from leading industry analyst firms such as Gartner (Magic Quadrant for Web Application Firewalls) and Frost & Sullivan. Cloudbric was also named "Best SMB Security Solution" and "Most Popular Web Application Firewall Company" by SC Magazine Awards Europe 2016 and Cyber ​​Defense Journal respectively. At the end of FY 2017, due to Cloudbric's success in the market, the Cloudbric core executive team decided to create a new company independent of Penta Security Systems, Inc, called Cloudbric Pte Ltd. The Cloudbric core team can focus on the development of artificial intelligence deep learning patented technology designed exclusively for Cloudbric network security. Cloudbric is dedicated to bridging cybersecurity and artificial intelligence. Therefore, Cloudbric will propose the concept of secondary market ICO (Reverse ICO) in fiscal year 2018, and launch a complete set of the most advanced user-centric security solutions on the market.

Project Vision

Although Cloudbric has enough conditions to become a top website security provider, it still desires to provide users with more autonomy and more advanced data protection services. This idea motivates Cloudbric to develop a new general-purpose security platform powered by deep learning.

Cloudbric's deep learning module, VISION, will soon provide a more intelligent detection system to protect various end-user devices, systems and protocols in the new wave of cyber threat attacks. Integrating deep learning technology into Cloudbric's common security platform will allow Cloudbric to be the most accurate and lowest false positive solution on the market. In addition, deep learning will be the backbone of Cloudbric's development of decentralized plans, a cybersecurity ecosystem including the development of a user security reward system, cybersecurity resource tools for developers, and extensive collaboration featuring complementary solutions and services partner network, etc.

Cloudbric's patented deep learning module, VISION, will employ a Convolutional Neural Network (CNN) learning model to leverage multiple attack inputs and data extraction behavioral patterns. More details on Cloudbric's deep learning technology can be found in the appendix Technical Overview section.

The next stage in the evolution of Cloudbric's services will come from the development of a new mobile/PC device security client called Cloudbric SecureWeb Gateway. Cloudbric Secure Web Gateway will enable all Internet users to secure their data communications in various ways. For example, users who download the Cloudbric Security Client will automatically receive 24/7 real-time security protection against malicious spam/phishing URLs and malware-infected files, email protection, and more.

In addition, the main advantage of Secure Web Gateway client is the protection of encrypted electronic assets. The process of transferring private information and accessing encrypted currency assets is very vulnerable to hacker attacks. Over the past year, hackers have stolen millions of dollars in cryptocurrency directly from users or exchanges.

Project advantages

As of now, the technology market is gradually being confused by buzzwords in the industry, such as artificial intelligence, machine learning, deep learning and so on. Properly utilizing and integrating these technologies for a specific purpose is extremely difficult. However, the potential for AI technology's advantages and ability to disrupt the market is endless, which is why Cloudbric's R&D team has been focused on developing an in-house patented deep learning engine for cybersecurity detection. Although Cloudbric has the lowest false positive rate in detecting network attacks in the market, we still hope to find other ways to do our best. Cloudbric also realizes that with continuous traffic monitoring, it is sometimes better to detect cyberattacks with the naked eye. Since it is difficult to spend human resources on logistics to monitor online traffic, Cloudbric's R&D team finally decided to build the world's first deep learning module dedicated to intelligent detection and differentiation of online traffic data.

Traffic conversion volume

At the initial stage of Cloudbric's development, there was no other deep learning module on the market that could correctly convert characters into multiple sets of different images. Cloudbric was able to accomplish this feat by testing two open-source machines based on a convolutional neural network (CNN) architecture. Cloudbric tested both machines and found that both had their merits. The first machine was easier to train, but performed with less accuracy than the second machine. Cloudbric ultimately chose the faster module for network traffic inspection because the latter could not handle the excessive network traffic logs that were continuously updated. After choosing the right machine, the R&D team encountered another problem. When they attempted to use the machine against specialized cyberattacks, the team quickly realized that certain characters in the attack URL could not be contained within the traditional 68 letters (recognizable by the machine). This meant that the Cloudbric team had to find a way to keep machines from any character restrictions, as the site could be built in a variety of languages. The team then applied another patented technique, which reads cyberattacks in UTF-8 hexadecimal format and sends them to deep learning machines. The deep learning machine could now accept any UTF-8-based character, and eventually the team was able to specifically train network traffic recognition as well.

Precise traffic detection

When it comes to machine accuracy, the Cloudbric team came up with a crude but effective solution—incremental learning. Instead of using a single machine to do all the work, the Cloudbric team built four deep learning machines at the same time from the beginning, and each machine had to undergo four weeks of network attack data training. The team then assigns weights to each machine based on their error rate.

Secure Web Gateway

There are many ways to compromise the security of an endpoint device. Rather than partnering with previous endpoint security providers using Cloudbric's extensive resource database, Cloudbric plans to seek to mitigate the above security risks and provide a common platform to protect all user endpoint devices. In addition, the integrated Cloudbric deep learning engine can more effectively pour out new and unknown malware sources, virus-infected files, spam and phishing URLs, etc. This will eventually be packaged into a unified end client called the Cloudbric Secure Web Gateway.

Cloudbric (CLB) cryptocurrency wallet

Cloudbric will develop a more reliable cryptocurrency wallet (preliminary development in early FY2019) using key elements of secure web gateway technology for more secure storage and protection against unnecessary risk of transfers to fraudulent addresses. The Cloudbric CLB crypto wallet will be available on smartphones and PCs. In addition, one of the key features of the CLB encrypted wallet is that the private key of the wallet will never be revealed. Instead, the user will have twelve (12) user-authenticated passwords to activate the wallet. After the wallet is activated, the user will have the option to set a secure password or use biometrics to re-access the wallet.

Threat Database

Cloudbric's decentralized threat intelligence database (compiled by Cloudbric's security systems and real-time user contributions) plans to become the go-to resource for preventing spam and phishing addresses. Cloudbric's Secure Web Gateway will leverage this growing database to block malicious email phishing attacks and/or access to fraudulent websites. Additionally, Cloudbric is also known to transfer funds to fraudulent cryptocurrency addresses listed in decentralized threat intelligence databases.

Data Protection and User Authentication

Cloudbric will prioritize establishing an extensive network of Cloudbric service nodes (data centers) around the world. These service nodes will fully proxy between end users and the rest of the world. Since the basic concept of the Cloudbric Secure Web Gateway is to tunnel traffic through a virtual private network, all traffic will enter and flow through these global service nodes to the end user's device. Each node will monitor all internet connection traffic from the device and allow the user to control the type of traffic flowing in and out of the end device. Although it has the same function as the Cloudbric WAF service, it has more fine-tuned standards to meet the security needs of mobile devices.

Application scenario

Each user account's wallet must deposit or accumulate a certain amount of CLB tokens to activate Cloudbric's security system service (minimum amount has not been determined yet). Unlimited Cloudbric personal global security services will be settled if the user can maintain the CLB account specific limit (whether direct CLB deposit or earned in CLB Security Rewards). Enterprise customers and organizations must use a paid security plan. However, enterprise users who purchase Cloudbric security plans with CLB will be rewarded.

Enterprise customers who purchase monthly service plans using CLB tokens will automatically receive a 50% discount off the Cloudbric catalog price. Users who do not wish to purchase with CLB will still have the option to pay with a valid credit card or PayPal account.

Safe Web Coalition

Cloudbric Secure Network Federation is a tool only available to users of CLB tokens. This is a global network of partners who collectively use Cloudbric's common security platform to protect their businesses and offer exclusive benefits to Cloudbric users in CLB tokens.

Users can check out the latest Safe Web Alliance offers from the Cloudbric Marketplace or partner sites. Each partner is verified with the Safe Web Alliance web seal and displayed on their company homepage. This ensures partner transactions are secure and partners are duly authorized to pay in CLB tokens. All CLB transactions of partners and/or users will be recorded and verified on the blockchain.

Safety Development Ecosystem

All decentralized cyber threat information will be made available to the public as free interactive tools and resources on Cloudbric Labs. Cloudbric Labs beta is available at https://labs.cloudbric.com.

Cloudbric will also seek to promote a new security development ecosystem, encouraging complementary service providers, government agencies or security developers to directly leverage Cloudbric's global threat database to create their own proprietary tools and software. This will help foster innovation, awareness, and adoption of cybersecurity best practices in the wider community.

Potential service providers can consume Cloudbric Labs data through custom APIs. But the total amount of API and cyber threat information (divided into weekly, monthly or annual data increments) will be enforced through the enterprise token management system. Service providers who hold a large amount of CLB tokens in their accounts will have access to a larger amount of cyber threat data. The requirement for a minimum CLB balance per data will be determined by Cloudbric users as part of the user-managed voting system mentioned earlier.