CLOUD PROTECTION TECHNIQUES
4 Assignments
0 Petitions
Accused Products
Abstract
Cloud protection techniques are provided. A security breach is detected in a source cloud environment. An enterprise system processing in the source cloud environment is immediately locked down and is dynamically migrated to a target cloud environment. While the enterprise system is migrating, the source cloud environment creates a fake environment with fake resources within the source cloud environment to dupe an intruder having access as a result of the security breach. Metrics and logs are gathered with respect to activities of the intruder within the source cloud environment.
-
Citations
21 Claims
-
1. (canceled)
-
2. A method, comprising:
-
detecting activity within an environment that indicates an intruder within the environment; migrating the environment to a new environment; creating a feigned environment within the environment to encourage additional activity by the intruder; and monitoring the additional activity within the feigned environment as the environment is migrating to the new environment. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A non-transitory computer-readable storage medium comprising executable instructions that when executed by one or more processors perform a method to:
-
detect a security event indicating an intruder is operating within a source environment; migrate resources of the source environment to a target environment; generate fake resources to represent the resources within the source environment and creating a fake environment of the source environment; and log actions taken by the intruder against the fake resources during migration of the resources to the target environment. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. A system, comprising:
-
a source cloud processing environment comprising resources; and a target cloud processing environment comprising an instance of the resources; wherein the source cloud processing is configured to;
i) detect an unauthorized intruder operating in the source cloud processing environment, ii) migrate the instance to the target cloud processing environment, iii) generate fake resources representing the resources in the source cloud processing environment, iv) create one or more honeypots through configured interactions between the fake resources within the source cloud processing environment, v) monitor actions taken by the unauthorized intruder during migration to the target cloud processing environment, and vi) shut down the source cloud processing environment once the instance is operational in the target cloud processing environment. - View Dependent Claims (21)
-
Specification