USB baiting method and design
First Claim
1. A method for training personnel with respect to computer security, the method comprising:
- providing a lure device configured to include a universal serial bus (USB) connector or to be connectable using a USB connector, wherein the lure device includes a unique lure device identifier;
providing a data-gathering application to read files and registry entries from a first network-attached computer;
recognizing a plug-in event when the lure device is connected to the first network-attached computer by the registry entries generated in the first network-attached computer in the plug-in event;
reporting the plug-in event to a reporting server; and
associating a user with the first network-attached computer.
0 Assignments
0 Petitions
Accused Products
Abstract
A method for training personnel includes providing a lure device including a unique lure device identifier; providing a data-gathering application to read files and registry entries from a first network-attached computer; recognizing a plug-in event when the lure device is connected to the first network-attached computer; and associating a user with the first network-attached computer. A system includes a lure device including a unique lure device identifier; a first network-attached computer configured to generate a registry entry when the lure device is connected to the first network-attached computer; a data-gathering application configured to determine an identity of the first network-attached computer and to read the registry entry and the lure device identifier on the first network-attached computer; and a reporting application configured to associate a user with the first network-attached computer.
-
Citations
20 Claims
-
1. A method for training personnel with respect to computer security, the method comprising:
-
providing a lure device configured to include a universal serial bus (USB) connector or to be connectable using a USB connector, wherein the lure device includes a unique lure device identifier; providing a data-gathering application to read files and registry entries from a first network-attached computer; recognizing a plug-in event when the lure device is connected to the first network-attached computer by the registry entries generated in the first network-attached computer in the plug-in event; reporting the plug-in event to a reporting server; and associating a user with the first network-attached computer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for training personnel with respect to computer security, the system comprising:
-
a lure device configured to include a universal serial bus (USB) connector or to be connectable using a USB connector, wherein the lure device includes a unique lure device identifier; a first network-attached computer configured to generate a registry entry when the lure device is connected to the first network-attached computer; a data-gathering application resident on a second network-attached computer, wherein the data-gathering application is configured to determine an identity of the first network-attached computer, and to read the registry entry and the lure device identifier on the first network-attached computer; and a reporting application configured to receive the identity of the first network-attached computer from the data-gathering application and to associate a user with the first network-attached computer. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. A system for training personnel with respect to computer security, the system comprising:
-
a lure device including a unique lure device identifier, wherein the lure device is a portable universal serial bus (USB) drive; a lure file stored on the lure device; a first network-attached computer configured to generate a registry entry when the lure device is connected to the first network-attached computer; a data-gathering application resident on a second network-attached computer, wherein the data-gathering application is configured to determine an identity of the first network-attached computer, and to read the registry entry and the lure device identifier on the first network-attached computer; a reporting application configured to receive the identity of the first network-attached computer from the data-gathering application and to associate a user with the first network-attached computer; and a web server configured to transmit a teachable moment web page to the first network-attached computer when the lure file is activated. - View Dependent Claims (18)
-
-
19. A method for training personnel with respect to computer security, the method comprising:
-
providing a lure device including a unique lure device identifier and a lure file, wherein the lure device is a portable universal serial bus (USB) drive; providing a data-gathering application to read files and registry entries from a first network-attached computer; recognizing a plug-in event when the lure device is connected to the first network-attached computer by the registry entries generated in the first network-attached computer in the plug-in event; associating a user with the first network-attached computer; responding to an activation of the lure file by transmitting a teachable moment web page to the first network-attached computer; and reporting the plug-in event and the lure file activation to a reporting server. - View Dependent Claims (20)
-
Specification