System and method for computer security

US 8,549,640 B2
Filed: 02/12/2008
Issued: 10/01/2013
Est. Priority Date: 07/14/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method for providing security for a computer network, comprising:

automatically generating content for a file system for a first computer associated with the network, wherein automatically generating content comprises, for at least a subset of the generated content, selecting through an automated process and without human intervention a corresponding value for each of one or more inputs of at least one template comprising fictitious content, the fictitious content comprising at least one of a decoy user name, a decoy domain name, and a decoy host name;

creating a directory within the first computer;

copying the file system of the first computer into the directory;

routing a user who attempts to gain unauthorized access to a second computer associated with the network to the directory in the first computer, wherein the routing is specified by a policy indicating that the user is to be routed to the directory in the first computer in the event the user attempts to access at least one of;

a specified port and a specified service; and

employing processes running outside of the directory to screen requests by the user to access files to prevent the user from detecting processes used to monitor the user.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method are disclosed for providing security for a computer network. Content is generated for a computer associated with the network. It is determined whether a user should be routed to the generated content. If it is determined that the user should be routed to the generated content, the user is so routed.

176 Citations

12 Claims

1. A method for providing security for a computer network, comprising:
- automatically generating content for a file system for a first computer associated with the network, wherein automatically generating content comprises, for at least a subset of the generated content, selecting through an automated process and without human intervention a corresponding value for each of one or more inputs of at least one template comprising fictitious content, the fictitious content comprising at least one of a decoy user name, a decoy domain name, and a decoy host name;
  
  creating a directory within the first computer;
  
  copying the file system of the first computer into the directory;
  
  routing a user who attempts to gain unauthorized access to a second computer associated with the network to the directory in the first computer, wherein the routing is specified by a policy indicating that the user is to be routed to the directory in the first computer in the event the user attempts to access at least one of;
  
  a specified port and a specified service; and
  
  employing processes running outside of the directory to screen requests by the user to access files to prevent the user from detecting processes used to monitor the user.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1 further comprising generating operating system configuration information for the first computer.
  - 3. The method of claim 1 further comprising copying an operating system of the first computer into the directory.
  - 4. The method of claim 1, wherein the automatically generated content further comprises non-confidential information drawn from the computer network being protected.

5. A system for providing security for a computer network, comprising:
- a computer processor configured to;
  
  generate content automatically for a file system for a first computer associated with the network, wherein automatically generating content comprises, for at least a subset of the generated content, selecting through an automated process and without human intervention a corresponding value for each of one or more inputs of at least one template comprising fictitious content, the fictitious content comprising at least one of a decoy user name, a decoy domain name, and a decoy host name;
  
  create a directory within the first computer;
  
  copy the file system of the first computer into the directory;
  
  route a user who attempts to gain unauthorized access to a second computer associated with the network to the directory in the first computer, wherein the routing is specified by a policy indicating that the user is to be routed to the directory in the first computer in the event the user attempts to access at least one of;
  
  a specified port and a specified service; and
  
  employ processes running outside of the directory to screen requests by the user to access files to prevent the user from detecting processes used to monitor the user.
- View Dependent Claims (6, 7, 8)
- - 6. The system of claim 5, wherein the computer processor is further configured to generate operating system configuration information for the first computer.
  - 7. The system of claim 5, wherein the computer processor is further configured to copy an operating system of the first computer into the directory.
  - 8. The system of claim 5, wherein the automatically generated content further comprises non-confidential information drawn from the computer network being protected.

9. A computer program product for providing security for a computer network, the computer program product being embodied in a non-transitory computer readable storage medium and comprising computer instructions for:
- automatically generating content for a file system for a first computer associated with the network, wherein automatically generating content comprises, for at least a subset of the generated content, selecting through an automated process and without human intervention a corresponding value for each of one or more inputs of at least one template comprising fictitious content, the fictitious content comprising at least one of a decoy user name, a decoy domain name, and a decoy host name;
  
  creating a directory within the first computer;
  
  copying the file system of the first computer into the directory;
  
  routing a user who attempts to gain unauthorized access to a second computer associated with the network to the directory in the first computer, wherein the routing is specified by a policy indicating that the user is to be routed to the directory in the first computer in the event the user attempts to access at least one of;
  
  a specified port and a specified service; and
  
  employing processes running outside of the directory to screen requests by the user to access files to prevent the user from detecting processes used to monitor the user.
- View Dependent Claims (10, 11, 12)
- - 10. The computer program product of claim 9 further comprising generating operating system configuration information for the first computer.
  - 11. The computer program product of claim 9 further comprising copying an operating system of the first computer into the directory.
  - 12. The computer program product of claim 9, wherein the automatically generated content further comprises non-confidential information drawn from the computer network being protected.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Gen Digital Inc.
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Lyle, Michael P., Ross, Robert F., Maricondo, James R.
Primary Examiner(s)
HOLDER, BRADLEY W

Application Number

US12/069,873
Publication Number

US 20080141349A1
Time in Patent Office

2,058 Days
Field of Search

726/23, 726/22, 726/24, 726/26, 726/27, 726/28
US Class Current

726/23
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 2221/2127   Bluffing

H04L 63/10   for controlling access to d...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1491   using deception as counterm...

System and method for computer security

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

176 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for computer security

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

176 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links