×

System and method for directing malicous activity to a monitoring system

  • US 9,609,019 B2
  • Filed: 11/20/2014
  • Issued: 03/28/2017
  • Est. Priority Date: 05/07/2014
  • Status: Active Grant
First Claim
Patent Images

1. A method comprising:

  • accessing, by a client device, a service on a first server system;

    recording, by the client device in a memory device operably coupled thereto, a first record of the accessing of the service on the first server, the first record including an identifier of the first server system and a first description of the accessing of the service;

    receiving, by the client device, a second record referencing a second server system and a second description mimicking the first description, the second server system implementing services and monitoring functions operable to gather data with respect to unauthorized code accessing the second server system;

    recording, by the client device, the second record in the memory device;

    accessing, by the client device using a malicious code module one of accessing and executing on the client device, the second record;

    accessing, by the malicious code module executing on one of the client device and another device, the second server system using data contained in the second record;

    monitoring, by the second server, activities of the malicious code module with respect to the second server; and

    characterizing, by the second server system, the malicious code module according to the monitoring of the activities of the malicious code module;

    wherein accessing, by the client device, the service on the first server system comprises authenticating the client device with the service on the first server system; and

    wherein recording the first record in the memory device comprises receiving a first credential for automatically authenticating the client device with the service on the first server system and storing the first credential in the memory device; and

    wherein the second record is a second credential mimicking data contained in the first credential but referencing the second server.

View all claims
  • 3 Assignments
Timeline View
Assignment View
    ×
    ×