VIRTUALIZED NETWORK HONEYPOTS
Abstract
Disclosed are various embodiments for virtualized network honeypots. Network traffic is received from a connecting device. It is determined whether the network traffic is authorized or unauthorized. The network traffic is selectively routed to a requested network service or to a honeypot server based at least in part on whether the network traffic is authorized or unauthorized.
20 Claims
1. A method, comprising:
- receiving, via at least one of one or more computing devices, network traffic from a connecting device;
- determining, via at least one of the one or more computing devices, whether the network traffic is authorized; and
- selectively routing, via at least one of the one or more computing devices, the network traffic to a requested network service or to a honeypot server based at least in part on whether the network traffic is authorized, wherein the network traffic is selectively routed by one of the one or more computing devices that also executes the requested network service.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.
10. A system, comprising:
- a computing device;
- a network service executable in the computing device; and
- a connection routing service executable in the computing device, wherein when executed the connection routing service causes the computing device to at least:
  - receive network traffic from a connecting device, the network traffic specifying the network service as a destination;
  - determine whether the network traffic is authorized; and
  - selectively route the network traffic to the network service or to a honeypot server based at least in part on whether the network traffic is authorized.
Dependent claims: 11, 12, 13, 14, 15, 16, 17.
18. A non-transitory computer-readable medium embodying a program executable in at least one computing device, wherein when executed the program causes the at least one computing device to at least:
- receive first network traffic from a first connecting device, the first network traffic specifying a network service as a destination;
- determine that the first network traffic is authorized;
- route the first network traffic to the network service, the network service being executed in a same computing device as the program;
- receive second network traffic from a second connecting device, the second network traffic specifying the network service as the destination;
- determine that the second network traffic is unauthorized; and
- route the second network traffic to a honeypot server instead of the network service, the honeypot server being configured to masquerade as the network service to the second connecting device.
Dependent claims: 19, 20.
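The routing recited in claim 18, as an added example that is not taken from the patent: a minimal connection routing service in Python that runs on the same host as the network service. The source-network allowlist used as the authorization test, the addresses and ports, and all function names are assumptions; the claims do not say how authorization is determined.

```python
import asyncio
import ipaddress

# Constructed example values (assumptions, not from the patent text).
AUTHORIZED_NETS = [ipaddress.ip_network("10.0.0.0/8")]
SERVICE_ADDR = ("127.0.0.1", 8080)    # requested network service, same host as this router
HONEYPOT_ADDR = ("192.0.2.10", 8080)  # honeypot server masquerading as the service

def is_authorized(peer_ip, nets=AUTHORIZED_NETS):
    """Assumed policy: traffic is authorized when its source is in an allowlisted network."""
    try:
        addr = ipaddress.ip_address(peer_ip)
    except ValueError:
        return False  # unparseable peer address is treated as unauthorized
    return any(addr in net for net in nets)

def select_backend(peer_ip, nets=AUTHORIZED_NETS):
    # Authorized traffic reaches the real service; everything else goes to the honeypot.
    return SERVICE_ADDR if is_authorized(peer_ip, nets) else HONEYPOT_ADDR

async def _pipe(reader, writer):
    # Copy bytes one way until EOF, then close the receiving side.
    try:
        while data := await reader.read(65536):
            writer.write(data)
            await writer.drain()
    except ConnectionError:
        pass
    finally:
        writer.close()

async def handle(client_r, client_w, nets=AUTHORIZED_NETS, log=print):
    peer_ip = client_w.get_extra_info("peername")[0]
    backend = select_backend(peer_ip, nets)
    log(f"peer={peer_ip} authorized={backend == SERVICE_ADDR} -> {backend[0]}:{backend[1]}")
    try:
        up_r, up_w = await asyncio.open_connection(*backend)
    except OSError:
        client_w.close()  # backend unreachable: drop the client connection
        return
    await asyncio.gather(_pipe(client_r, up_w), _pipe(up_r, client_w))

async def main(listen_port=8000):
    server = await asyncio.start_server(handle, "0.0.0.0", listen_port)
    async with server:
        await server.serve_forever()

if __name__ == "__main__":
    asyncio.run(main())
```

The connecting device sees the same listening address in both cases, and the logged routing decision gives defenders a record of which peers were diverted to the honeypot.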
Specification