Network security system and method

US 20030208694A1
Filed: 04/28/2003
Published: 11/06/2003
Est. Priority Date: 05/03/2002
Status: Active Grant

First Claim

Patent Images

1. A network security system for examining and processing a a user request for an inner data system, said network security system comprising:

a reaction system;

an examination module for receiving the user request and determining whether the user request satisfies a predetermined safety condition for producing a examination result; and

a redirect system for receiving the examination result, wherein the redirect system transmits the user request to the inner data system if the examination result shows the safety condition is satisfied, and the redirect system transmits the user request to the reaction system and the reaction system provides response contents according to the user request with a predetermined response method if the examination result shows the user request fails to satisfy the safety condition, and wherein the response contents has a same format as a response result of the inner data system if the user request is transmitted to the inner data system.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network security system and method for reacting to unauthorized data access in an inner data system by combining a redirect system is described. The examples of the redirect system include modified firewalls, IP sharing devices and gateways with examining mechanism. A user request is transmitted to the inner data system via the redirect system if the user request satisfies a certain safety condition. Otherwise, the user request is transmitted to a reaction system which provides virtual data similar to real data so that unauthorized users have the illusion of successfully hacking the inner data system. Meanwhile, the illegal activities are recorded and certain programs like Trojan programs can be used for executing reactions.

49 Citations

View as Search Results

26 Claims

1. A network security system for examining and processing a a user request for an inner data system, said network security system comprising:
- a reaction system;
  
  an examination module for receiving the user request and determining whether the user request satisfies a predetermined safety condition for producing a examination result; and
  
  a redirect system for receiving the examination result, wherein the redirect system transmits the user request to the inner data system if the examination result shows the safety condition is satisfied, and the redirect system transmits the user request to the reaction system and the reaction system provides response contents according to the user request with a predetermined response method if the examination result shows the user request fails to satisfy the safety condition, and wherein the response contents has a same format as a response result of the inner data system if the user request is transmitted to the inner data system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The network security system of claim 1, wherein the examination module is selectively coupled to either the reaction system or the redirect system.
  - 3. The network security system of claim 1, wherein the reaction system has an interface for a system administrator to set selectively multiple response contents of the response method.
  - 4. The network security system of claim 2, wherein the interface of the reaction system also allows the system administrator to set selectively a reaction number, wherein the reaction number is the maximum number of the user requests failing to satisfy the safety condition for the reaction system in a unit of time.
  - 5. The network security system of claim 1, wherein the predetermined method of the reaction system comprises recording at least one successive action of the user after the user receives the response contents.
  - 6. The network security system of claim 5, wherein the predetermined method of the reaction system further comprises tracing related user information.
  - 7. The network security system of claim 1, wherein the response contents of the reaction system are virtual, non-secure data.
  - 8. The network security system of claim 7, wherein the reaction system provides an interface for a system administrator to set contents of the virtual data and the virtual data selectively contain at least one reaction program.
  - 9. The network security system of claim 1, wherein the redirect system is a hardware firewall system and the examination module is a firmware in the hardware firewall system, wherein the firmware is modified to change the safety condition.
  - 10. The network security system of claim 1, wherein the redirect system is a software firewall system.
  - 11. The network security system of claim 1, wherein the safety condition is whether a number of failed user login attempts exceeds a predetermined number.
  - 12. The network security system of claim 1, wherein the safety condition is whether the user request contains a predetermined instruction.
  - 13. The network security system of claim 1, wherein the safety condition is to detect an identification code of the user request by an electronic device, and the identification code is selectively generated using an encryption method.

14. A network security method for examining and processing a request of a user corresponding to an inner data system, the method comprising:
- receiving the user request;
  
  examining whether the user request satisfies a predetermined safety condition for generating an examination result;
  
  a redirect system transmitting the user request to the inner data system if the examination result shows that the user request satisfies the safety condition, and the redirect system transmitting the user request to a reaction system if the user request fails to satisfy the safety condition, wherein the reaction system the reaction system provides response contents according to the user request by a predetermined response method, and wherein the response contents has a same format as a response result of the inner data system if the user request is transmitted to the inner data system.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 15. The method of claim 14, wherein the predetermined response method is selectively set by a system administrator.
  - 16. The method of claim 14, wherein an examination module is provided for examining whether the user request satisfies the safety condition and the examination module is selectively coupled to the redirect system or the reaction system.
  - 17. The method of claim 14, wherein reaction system provides an interface for a system administrator to set the predetermined response method.
  - 18. The method of claim 17, wherein the interface of the reaction system further allows the system administrator to set a reaction number, wherein the reaction number is the maximum number of user requests failing to satisfy the safety condition for the reaction system in a unit of time.
  - 19. The method of claim 17, wherein the predetermined method of the reaction system further comprises tracing related user information.
  - 20. The method of claim 14, wherein the reaction system provides an interface for a system administrator to set contents of the virtual data and the virtual data selectively contain at least one reaction program.
  - 21. The method of claim 14, wherein the reaction system provides an interface for a system administrator to set contents of the virtual data and the virtual data selectively contain at least one reaction program.
  - 22. The method of claim 14, wherein the redirect system is a hardware firewall system and the examination module is a firmware in the hardware firewall system, wherein the firmware is modified to change the safety condition.
  - 23. The method of claim 14, wherein the redirect system is a software firewall system.
  - 24. The method of claim 14, wherein the safety condition is whether a number of failed user login attempts exceeds a predetermined number.
  - 25. The method of claim 14, wherein the safety condition is whether the user request contains a predetermined instruction.
  - 26. The method of claim 14, wherein the safety condition is to detect an identification code of the user request by an electronic device, and the identification code is selectively generated using an encryption method.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ko-Cheng Fang
Original Assignee
Ko-Cheng Fang
Inventors
Fang, Ko-Cheng

Granted Patent

US 7,930,745 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

H04L 63/02 for separating internal fro...

Network security system and method

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

49 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Network security system and method

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

49 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links