×

Method and system for morphing honeypot with computer security incident correlation

  • US 7,412,723 B2
  • Filed: 12/31/2002
  • Issued: 08/12/2008
  • Est. Priority Date: 12/31/2002
  • Status: Expired due to Fees
First Claim
Patent Images

1. A method for operating a server, the method comprising:

  • emulating a service on a server;

    in response to receiving a request at the emulated service, sending a response that comprises information indicating a set of vulnerable characteristics at the server;

    obtaining, from a source external to the server, an event notification message concerning an event external to the server, wherein the source is one of;

    a network intrusion detection system, an operating system-based intrusion detection system, an application-based intrusion detection system, and a risk management system; and

    in response to obtaining the event notification message, and as the service is emulated on the server, automatically reconfiguring the set of vulnerable characteristics according to a vulnerability alteration rule when an operational condition associated with the emulated service, as specified in a rule, is detected.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×