Cloud protection techniques
First Claim
1. A non-transitory computer-readable storage medium comprising executable instructions that when executed by one or more processors perform a method to:
- detect a security event indicating an intruder is operating within a source environment;
migrate resources of the source environment to a target environment;
generate fake resources to represent the resources within the source environment and creating a fake processing environment of the source environment with the fake resource operational within the fake processing environment as a combination of fake services, fake systems, fake directories, and fake data stores; and
log actions taken by the intruder against the fake resources during migration of the resources to the target environment.
4 Assignments
0 Petitions
Accused Products
Abstract
Cloud protection techniques are provided. A security breach is detected in a source cloud environment. An enterprise system processing in the source cloud environment is immediately locked down and is dynamically migrated to a target cloud environment. While the enterprise system is migrating, the source cloud environment creates a fake environment with fake resources within the source cloud environment to dupe an intruder having access as a result of the security breach. Metrics and logs are gathered with respect to activities of the intruder within the source cloud environment.
23 Citations
8 Claims
-
1. A non-transitory computer-readable storage medium comprising executable instructions that when executed by one or more processors perform a method to:
-
detect a security event indicating an intruder is operating within a source environment; migrate resources of the source environment to a target environment; generate fake resources to represent the resources within the source environment and creating a fake processing environment of the source environment with the fake resource operational within the fake processing environment as a combination of fake services, fake systems, fake directories, and fake data stores; and log actions taken by the intruder against the fake resources during migration of the resources to the target environment. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system, comprising:
-
a source cloud processing environment comprising;
resources, at least one hardware processor, and non-transitory computer-readable storage medium having executable instructions;a target cloud processing environment comprising;
an instance of the resources, at least one hardware processor, and non-transitory computer-readable storage medium having executable instructions;the at least one hardware processor of the source cloud processing environment executes the executable instructions from the non-transitory computer-readable storage medium of the source cloud processing environment, and wherein the executable instructions of the source cloud processing environment is configured to perform processing to;
i) detect an unauthorized intruder operating in the source cloud processing environment, ii) migrate the instance to the target cloud processing environment, iii) generate fake resources representing the resources in the source cloud processing environment with the fake resource operational within the source cloud processing environment as a combination of fake services, fake systems, fake directories, and fake data stores, iv) create one or more honeypots through configured interactions between the fake resources within the source cloud processing environment, v) monitor actions taken by the unauthorized intruder during migration to the target cloud processing environment, and vi) shut down the source cloud processing environment once the instance is operational in the target cloud processing environment. - View Dependent Claims (8)
-
Specification