User-customized deceptions and their deployment in networks
First Claim
1. A system for generating and deploying custom deceptions for a network, comprising:
- an administrator computer for generating custom deception entities (CDEs), each CDE comprising parameters including inter alia (i) a type of entity, (ii) conditions for deployment of the CDE, and (iii) a deception type; and
a management server, comprising;
an application programming interface (API) for use by said administrator computer to generate CDEs through a medium of a formal language for specifying deceptions, the formal language comprising keyword placeholders for servers, usernames and passwords; and
a translator for translating formal language CDEs to deceptions that are installable in network endpoint computers, comprising replacing the keyword placeholders for servers, usernames and passwords with actual server names, usernames and passwords,wherein said management computer receives a request from a network endpoint computer to retrieve CDEs, selects CDEs that are relevant to the requesting network endpoint computer based on the parameters of the CDE, translates the selected CDEs to installable deceptions, and transmits the installable deceptions to the network endpoint computer for installation thereon.
1 Assignment
0 Petitions
Accused Products
Abstract
A system for generating and deploying custom deceptions for a network, including an administrator computer for generating custom deception entities (CDEs), each CDE including parameters including inter alia (i) a type of entity, (ii) conditions for deployment of the CDE, and (iii) a deception type, and a management server, comprising an application programming interface for use by the administrator computer to generate CDEs through the medium of a formal language for specifying deceptions, and a translator for translating formal language CDEs to deceptions that are installable in network endpoint computers, wherein the management computer receives a request from a network endpoint computer to retrieve CDEs, selects CDEs that are relevant to the requesting network endpoint computer based on the parameters of the CDE, translates the requested CDEs to installable deceptions, and transmits the installable deceptions to the network endpoint computer for installation thereon.
-
Citations
8 Claims
-
1. A system for generating and deploying custom deceptions for a network, comprising:
-
an administrator computer for generating custom deception entities (CDEs), each CDE comprising parameters including inter alia (i) a type of entity, (ii) conditions for deployment of the CDE, and (iii) a deception type; and a management server, comprising; an application programming interface (API) for use by said administrator computer to generate CDEs through a medium of a formal language for specifying deceptions, the formal language comprising keyword placeholders for servers, usernames and passwords; and a translator for translating formal language CDEs to deceptions that are installable in network endpoint computers, comprising replacing the keyword placeholders for servers, usernames and passwords with actual server names, usernames and passwords, wherein said management computer receives a request from a network endpoint computer to retrieve CDEs, selects CDEs that are relevant to the requesting network endpoint computer based on the parameters of the CDE, translates the selected CDEs to installable deceptions, and transmits the installable deceptions to the network endpoint computer for installation thereon. - View Dependent Claims (2, 3, 4)
-
-
5. A method performed by a management server of a network for generating and deploying custom deceptions for the network, comprising:
-
providing an application programming interface for generating custom deception entities (CDEs) through a medium of a formal language for specifying deceptions, the formal language comprising keyword placeholders for servers, usernames and passwords, each CDE comprising parameters including inter alia (i) a type of entity, (ii) conditions for deployment of the CDE, and (iii) a deception type; receiving a request from a network endpoint computer to retrieve CDEs; selecting CDEs that are relevant to the requesting network endpoint computer based on the parameters of the CDE; translating the selected CDEs from their formal language description to installable deceptions, comprising replacing the keyword placeholders for servers, usernames and passwords with actual server names, usernames and passwords; and transmitting the installable deceptions to the network endpoint computer for installation thereon. - View Dependent Claims (6, 7, 8)
-
Specification