ADAPTING DECOY DATA PRESENT IN A NETWORK
First Claim
Patent Images
1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, the program, when executed, causing the at least one computing device to at least:
- obtain policy data, the policy data specifying decoy data eligible to be inserted in a data store and further specifying a behavioral characteristic for accessing the data store;
obtain a response to an access of the data store, the response comprising the decoy data among a plurality of non-decoy data;
determine legitimacy of the access of the data store based at least in part upon the behavioral characteristic associated with the access; and
initiate an action associated with the decoy data, the action being initiated in response to the legitimacy of the access.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed are various embodiments for obtaining policy data specifying decoy data eligible to be inserted within a response to an access of a data store. The decoy data is detected in the response among a plurality of non-decoy data based at least upon the policy data. An action associated with the decoy data is initiated in response to the access of the data store meeting a configurable threshold.
67 Citations
20 Claims
-
1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, the program, when executed, causing the at least one computing device to at least:
-
obtain policy data, the policy data specifying decoy data eligible to be inserted in a data store and further specifying a behavioral characteristic for accessing the data store; obtain a response to an access of the data store, the response comprising the decoy data among a plurality of non-decoy data; determine legitimacy of the access of the data store based at least in part upon the behavioral characteristic associated with the access; and initiate an action associated with the decoy data, the action being initiated in response to the legitimacy of the access. - View Dependent Claims (2, 3)
-
-
4. A system, comprising:
at least one computing device connected to a network, the at least one computing device configured to at least; obtain policy data, the policy data specifying decoy data eligible to be inserted in a data store and further specifying a behavioral characteristic for accessing the data store; obtain a response to an access of the data store, the response comprising the decoy data among a plurality of non-decoy data; determine legitimacy of the access of the data store based at least in part upon the behavioral characteristic associated with the access; and initiate an action associated with the decoy data, the action being initiated in response to the legitimacy of the access. - View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12)
-
13. A method, comprising:
-
obtaining, by at least one computing device, policy data specifying decoy data eligible to be inserted within a response to an access of a data store and further specifying a threshold associated with a user accessing the data store; detecting, by the at least one computing device, decoy data among a plurality of non-decoy data based at least upon the policy data, the decoy data being inserted in the response to the access of the data store; and interrupting, via the computing device, delivery of the response to a client application when the access falls below the threshold. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
Specification