SYSTEM FOR DETECTING, ANALYZING, AND CONTROLLING INFILTRATION OF COMPUTER AND NETWORK SYSTEMS
Abstract
A method for detecting and manipulating a malicious actor/communication on a computer network or system. The method includes the steps of incorporating one or more synthetic vulnerabilities into the computer system at distinct locations, where each synthetic vulnerability presents an opportunity for exploitation by a malicious actor/communication, detecting an exploitation of one of the vulnerabilities by an actor, analyzing the actor to determine if the actor is a malicious actor/communication; and manipulating the malicious actor/communication. A computer program on a storage medium is also disclosed.
30 Claims
1. A method for detecting and manipulating a malicious actor/communication on a computer system, the method comprising the steps of:
- providing multiple detection points at specific locations in the computer system, each detection point presenting an opportunity to detect and manipulate a malicious actor/communication;
- detecting a malicious actor/communication on the system based on a triggering of a first detection point;
- controlling or manipulating the malicious actor/communication to a second detection point;
- characterizing the malicious actor/communication to determine some information about the malicious actor/communication based on an analysis of the activities or aspects of the malicious actor/communication detected by the triggering of one or more of the detection points.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method for detecting and manipulating a malicious actor/communication on a computer network or system, the method comprising the steps of:
- creating multiple detection points for detecting, capturing or directing a malicious actor/communication;
- implementing, integrating, or applying the multiple detection points to a target system or network;
- intercepting a malicious actor/communication that is directed to the target system or network based on a triggering of a first detection point;
- controlling or manipulating the malicious actor/communication to proceed to another detection point; and
- characterizing the malicious actor/communication to determine some information about the malicious actor/communication based on an analysis of the activities or aspects of the malicious actor/communication that triggered at least one of the detection points.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26
27. A non-transitory computer usable medium having a computer readable program code embodied therein, the computer readable program code adapted to be executed to implement a method for detecting and manipulating a malicious actor/communication on a computer network or system, the method comprising the steps of:
- creating one or more detection points for detecting, capturing or directing a malicious actor/communication;
- implementing, integrating, or applying the one or more of the detection points to a target system or network;
- intercepting a malicious actor/communication that is directed to the target system or network based on a triggering of at least one detection point;
- characterizing the malicious actor/communication to determine some information about the malicious actor/communication based on an analysis of the activities or aspects of the malicious actor/communication; and
- controlling or manipulating the malicious actor/communication.
28. A protection system for detecting and manipulating a malicious actor/communication on a target computer program, the protection system comprising:
- a computer engine module configured to receive communications including malicious communications, the engine module including one or more detection points, each detection point including one or more match rules and actions to be accomplished upon a match being found, the engine module including program coding configured to compare the received communication against the match rules associated with the detection point to characterize the communication as a malicious communication, implement the actions associated with a detection point upon a determination that a communication matches the rules, and manipulating the malicious communication;
- a report generator in communication with the engine module, the report generator adapted to generate a report upon a determination that a communication matches the rules;
- a storage database for receiving and storing detection points and reports; and
- an admin GUI module for creating detection points and sending the detection points to the engine module.
Dependent claims: 29, 30
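An added illustration, not code from the patent or its assignee: a minimal Python sketch of the engine described in claim 28, where each detection point carries a match rule and an action, together with the steering from a first to a second detection point recited in claims 1 and 11. The class names, decoy paths, labels and IP addresses are assumptions constructed for this example.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class DetectionPoint:
    name: str
    rule: str                       # match rule: regex applied to "METHOD path"
    label: str                      # what a match tells us about the actor
    steer_to: Optional[str] = None  # action: decoy path that is the next detection point

@dataclass
class Report:
    source: str
    triggered: list = field(default_factory=list)
    labels: set = field(default_factory=set)

class Engine:
    def __init__(self, points):
        self.points = points
        self.reports = {}           # in-memory stand-in for the storage database

    def handle(self, source, method, path):
        """Return the action for one request: 'pass', 'decoy' or 'steer:<path>'."""
        line = f"{method} {path}"
        for p in self.points:
            if re.fullmatch(p.rule, line):
                rep = self.reports.setdefault(source, Report(source))
                rep.triggered.append(p.name)
                rep.labels.add(p.label)
                return f"steer:{p.steer_to}" if p.steer_to else "decoy"
        return "pass"               # no rule matched: forward to the real application

# Constructed detection points: neither path exists in the real application,
# so legitimate users have no reason to request them.
POINTS = [
    DetectionPoint("dp1-hidden-dir", r"GET /old-admin/?", "content-discovery",
                   steer_to="/old-admin/login"),
    DetectionPoint("dp2-decoy-login", r"POST /old-admin/login", "credential-guessing"),
]

def demo():
    eng = Engine(POINTS)
    # Constructed traffic: one ordinary client, one client probing the decoys.
    traffic = [("198.51.100.7", "GET", "/index.html"),
               ("203.0.113.9", "GET", "/old-admin/"),
               ("203.0.113.9", "POST", "/old-admin/login")]
    actions = [eng.handle(*t) for t in traffic]
    return actions, eng.reports
```

The per-source report accumulates every detection point an actor triggered, which is the input the characterizing step works from.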
Specification