Methods, systems and computer program products for obscuring traffic in a distributed system

US 7,747,774 B2
Filed: 10/21/2004
Issued: 06/29/2010
Est. Priority Date: 08/23/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A method for obscuring real traffic in a distributed network, comprising:

generating obscuring traffic associated with ones of a plurality of components coupled to the distributed network;

transmitting the generated obscuring traffic to the ones of the plurality of components so as to obscure the real traffic from intruders of the distributed network; and

maintaining knowledge of the obscuring traffic so as to allow differentiation between the generated obscuring traffic and the real traffic in the distributed network,wherein maintaining knowledge comprises transmitting update messages to the ones of the plurality of components so as to allow the components to distinguish between the generated obscuring traffic and the real traffic;

wherein generating the obscuring traffic comprises generating a list of messages to be included in dummy packets;

wherein transmitting the generated obscuring traffic comprises transmitting dummy packets including messages from the list; and

wherein the update messages includes a message identifier referring to a message in the list of messages, a source identifier, a destination identifier and a transmit time for the associated dummy packet.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods for obscuring real traffic in a distributed network are provided. In particular, obscuring traffic associated with ones of a plurality of components is generated on the distributed network. The generated obscuring traffic is transmitted to the ones of the plurality of components so as to obscure the real traffic from intruders of the distributed network. Related systems and computer program products are also provided.

239 Citations

26 Claims

1. A method for obscuring real traffic in a distributed network, comprising:
- generating obscuring traffic associated with ones of a plurality of components coupled to the distributed network;
  
  transmitting the generated obscuring traffic to the ones of the plurality of components so as to obscure the real traffic from intruders of the distributed network; and
  
  maintaining knowledge of the obscuring traffic so as to allow differentiation between the generated obscuring traffic and the real traffic in the distributed network,wherein maintaining knowledge comprises transmitting update messages to the ones of the plurality of components so as to allow the components to distinguish between the generated obscuring traffic and the real traffic;
  
  wherein generating the obscuring traffic comprises generating a list of messages to be included in dummy packets;
  
  wherein transmitting the generated obscuring traffic comprises transmitting dummy packets including messages from the list; and
  
  wherein the update messages includes a message identifier referring to a message in the list of messages, a source identifier, a destination identifier and a transmit time for the associated dummy packet.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein transmitting update messages further comprises transmitting a first update message for a first time period and transmitting a second update message for a second time period before expiration of the first time period.
  - 3. The method of claim 1, further comprising:
    - receiving the transmitted obscuring traffic at the ones of the plurality of components; and
      
      discarding the received obscuring traffic at the ones of the plurality of components.
  - 4. The method of claim 1, wherein generating the obscuring traffic comprises generating the dummy packets using a script or sequencing method that utilizes the message identifier, the source identifier and the transmit time.
  - 5. The method of claim 1, wherein generating the obscuring traffic comprises generating a dummy packet including data from a previously transmitted real packet and wherein transmitting the generated obscuring traffic comprises transmitting the dummy packet including the data from the previously sent real packet.
  - 6. The method of claim 1, wherein generating the obscuring traffic comprises generating the obscuring traffic using a mathematical algorithm.
  - 7. The method of claim 1, further comprising increasing or decreasing an amount of generated obscuring traffic responsive to a perceived threat to the distributed network.
  - 8. The method of claim 1, wherein generating obscuring traffic comprises generating different obscuring traffic for each of the ones of a plurality of components coupled to the distributed network.

9. A system for obscuring real traffic in a distributed network, comprising:
- a data processor;
  
  a deceiver circuit associated with the data processor and configured to generate obscuring traffic associated with ones of a plurality of components coupled to the distributed network; and
  
  a transmission circuit associated with the data processor and configured to transmit the generated obscuring traffic to the ones of the plurality of components so as to obscure the real traffic from intruders of the distributed network,wherein the deceiver circuit is further configured to maintain knowledge of the obscuring traffic so as to allow differentiation between the generated obscuring traffic and the real traffic in the distributed network and to maintain knowledge of the obscuring traffic by transmitting update messages to the ones of the plurality of components so as to allow the components to distinguish between the generated obscuring traffic and the real traffic,wherein the deceiver circuit is further configured to generate a list of messages to be included in dummy packets;
  
  wherein the transmission circuit is further configured to transmit dummy packets including messages from the list; and
  
  wherein the update messages includes a message identifier referring to a message in the list of messages, a source identifier, a destination identifier and a transmit time for the associated dummy packet.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The system of claim 9, wherein the deceiver circuit is further configured to transmit a first update message for a first time period and transmit a second update message for a second time period before expiration of the first time period.
  - 11. The system of claim 9, further comprising:
    - a receiver circuit configured to receive the transmitted obscuring traffic at the ones of the plurality of components; and
      
      a data handling circuit configured discard the received obscuring traffic at the ones of the plurality of components.
  - 12. The system of claim 9, wherein the deceiver circuit is further configured to generate the obscuring traffic using a script or sequencing method that utilizes the message identifier, the source identifier and the transmit time.
  - 13. The system of claim 9, wherein the deceiver circuit is further configured to generate a dummy packet including data from a previously transmitted real packet and wherein the deceiver circuit is further configured to transmit the dummy packet including the data from the previously sent real packet.
  - 14. The system of claim 9, wherein the deceiver circuit is further configured to generate the obscuring traffic using a mathematical algorithm.
  - 15. The system of claim 9, wherein the deceiver circuit is further configured to increase or decrease an amount of generated obscuring traffic responsive to a perceived threat to the distributed network.
  - 16. The system of claim 9, wherein the deceiver circuit is further configured to generate different obscuring traffic for each of the ones of a plurality of components coupled to the distributed network.

17. A system for obscuring real traffic in a distributed network, comprising:
- a data processor configured to;
  
  generate obscuring traffic associated with ones of a plurality of components coupled to the distributed network;
  
  transmit the generated obscuring traffic to the ones of the plurality of components so as to obscure the real traffic from intruders of the distributed network; and
  
  maintain knowledge of the obscuring traffic so as to allow differentiation between the generated obscuring traffic and the real traffic in the distributed network,wherein the data processor is further configured to transmit update messages to the ones of the plurality of components so as to allow the components to distinguish between the generated obscuring traffic and the real traffic;
  
  generate a list of messages to be included in dummy packets; and
  
  transmit dummy packets including messages from the list; and
  
  wherein the update messages includes a message identifier referring to a message in the list of messages, a source identifier, a destination identifier and a transmit time for the associated dummy packet.
- View Dependent Claims (18)
- - 18. The system of claim 17, wherein the data processor is further configured to:
    - receive the transmitted obscuring traffic at the ones of the plurality of components; and
      
      discard the received obscuring traffic at the ones of the plurality of components.

19. An article of manufacture for obscuring real traffic in a distributed network, the article of manufacture comprising:
- a computer readable medium having computer readable program code embodied therein, the computer readable program code comprising;
  
  computer readable program code configured to generate obscuring traffic associated with ones of a plurality of components coupled to the distributed network;
  
  computer readable program code configured to transmit the generated obscuring traffic to the ones of the plurality of components so as to obscure the real traffic from intruders of the distributed network;
  
  computer readable program code configured to maintain knowledge of the obscuring traffic so as to allow differentiation between the generated obscuring traffic and the real traffic in the distributed network;
  
  computer readable program code configured to transmit update messages to the ones of the plurality of components so as to allow the components to distinguish between the generated obscuring traffic and the real traffic;
  
  computer readable program code configured to generate a list of messages to be included in dummy packets; and
  
  computer readable program code configured to transmit dummy packets including messages from the list,wherein the update messages include a message identifier referring to a message in the list of messages, a source identifier, a destination identifier.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26)
- - 20. The article of manufacture of claim 19, wherein the computer readable program code configured to transmit update messages further comprises computer readable program code configured to transmit a first update message for a first time period and transmit a second update message for a second time period before expiration of the first time period.
  - 21. The article of manufacture of claim 19, further comprising:
    - computer readable program code configured to receive the transmitted obscuring traffic at the ones of the plurality of components; and
      
      computer readable program code configured to discard the received obscuring traffic at the ones of the plurality of components.
  - 22. The article of manufacture of claim 19, wherein the computer readable program code configured to generate comprises computer readable program code configured to generate the obscuring traffic using a script or sequencing method that utilizes the message identifier, the source identifier and the transmit time.
  - 23. The article of manufacture of claim 19, further comprising:
    - computer readable program code configured to generate a dummy packet including data from a previously transmitted real packet; and
      
      computer readable program code configured to transmit the dummy packet including the data from the previously sent real packet.
  - 24. The article of manufacture of claim 19, further comprising computer readable program code configured to generate the obscuring traffic using a mathematical algorithm.
  - 25. The article of manufacture of claim 19, further comprising computer readable program code configured to increase or decrease an amount of generated obscuring traffic responsive to a perceived threat to the distributed network.
  - 26. The article of manufacture of claim 19, further comprising computer readable program code configured to generate different obscuring traffic for each of the ones of a plurality of components coupled to the distributed network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
LinkedIn Corporation (Microsoft Corporation)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Aaron, Jeffrey A.
Primary Examiner(s)
DENNISON, JERRY B

Application Number

US10/970,630
Publication Number

US 20060041653A1
Time in Patent Office

2,077 Days
Field of Search

709/203, 709/225, 709/238, 709/243, 713/150
US Class Current

709/238
CPC Class Codes

G09B 7/00   Electrically-operated teach...

H04L 63/04   for providing a confidentia...

H04L 63/1441   Countermeasures against mal...

Methods, systems and computer program products for obscuring traffic in a distributed system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

239 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Methods, systems and computer program products for obscuring traffic in a distributed system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

239 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links