System and method for verifying malicious actions by utilizing virtualized elements
First Claim
1. A networked system of hardware components configured with computer program code for verifying breach vulnerabilities within the networked system, the networked system comprising:
- a memory device having executable instructions stored therein; and
a processing device, in response to executing the executable instructions, configured to;
prepare breach simulation tasks by reading configurations for types of breach scenarios and preparing a list of tasks to be simulated;
send breach simulation tasks to simulator nodes, the simulator nodes being deployed in the networked system and given access to a production server in the networked system, the breach simulation tasks sent to at least a first simulator node is designed to simulate an attacker party and the breach simulation tasks sent to at least a second simulator node is designed to simulate attacked parties involved in the types of breach scenarios;
execute the breach simulation tasks on the simulator nodes, wherein the at least first simulator node executes attacker tasks from the list of tasks that simulate an attacker party and the at least second simulator node executes attacked party tasks from the list of tasks that simulate an attacked party;
receive results from the simulator nodes;
determine that the simulator nodes of the attacker and attacked parties report on a same result by identifying corresponding outcomes between the simulator nodes of the attacker and attacked parties from the execution of the breach simulation tasks on the simulator nodes, wherein reporting on the same result comprising comparing transferred data transferred by the at least first simulator node and a copy of the transferred data that was successfully received at the at least second simulator node to verify whether breached data and transmitted copy of the breach data are the same;
determine that the simulator nodes of the attacker and attacked parties report on successful execution of the breach simulation tasks; and
identify a successful breach based on the simulator nodes of the attacker and attacked parties report on the same result and the simulator nodes of the attacker and attacked parties report on the successful execution of the breach simulation tasks.
4 Assignments
0 Petitions
Accused Products
Abstract
A system comprising a memory device having executable instructions stored in the memory device, and a processing device, in response to the executable instructions, configured to prepare breach simulation tasks by reading configurations for types of breach scenarios and preparing a list of tasks to be simulated, send breach simulation tasks to simulator nodes, the simulator nodes simulating parties involved in the types of breach scenarios, execute the breach simulation tasks on the simulator nodes, receive results from the simulator nodes, determine that the parties report on a same result, determine that the parties report on successful results, and identify a successful breach based on the parties report on the same result and the parties report on the successful results.
-
Citations
16 Claims
-
1. A networked system of hardware components configured with computer program code for verifying breach vulnerabilities within the networked system, the networked system comprising:
-
a memory device having executable instructions stored therein; and a processing device, in response to executing the executable instructions, configured to; prepare breach simulation tasks by reading configurations for types of breach scenarios and preparing a list of tasks to be simulated; send breach simulation tasks to simulator nodes, the simulator nodes being deployed in the networked system and given access to a production server in the networked system, the breach simulation tasks sent to at least a first simulator node is designed to simulate an attacker party and the breach simulation tasks sent to at least a second simulator node is designed to simulate attacked parties involved in the types of breach scenarios; execute the breach simulation tasks on the simulator nodes, wherein the at least first simulator node executes attacker tasks from the list of tasks that simulate an attacker party and the at least second simulator node executes attacked party tasks from the list of tasks that simulate an attacked party; receive results from the simulator nodes; determine that the simulator nodes of the attacker and attacked parties report on a same result by identifying corresponding outcomes between the simulator nodes of the attacker and attacked parties from the execution of the breach simulation tasks on the simulator nodes, wherein reporting on the same result comprising comparing transferred data transferred by the at least first simulator node and a copy of the transferred data that was successfully received at the at least second simulator node to verify whether breached data and transmitted copy of the breach data are the same; determine that the simulator nodes of the attacker and attacked parties report on successful execution of the breach simulation tasks; and identify a successful breach based on the simulator nodes of the attacker and attacked parties report on the same result and the simulator nodes of the attacker and attacked parties report on the successful execution of the breach simulation tasks. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A non-transitory computer readable medium comprising program code that when executed by a programmable processor comprised in a networked system of hardware components configured with computer program code causes execution of a method for verifying breach vulnerabilities within the networked system, the computer readable media comprising:
-
computer program code for preparing breach simulation tasks by reading configurations for types of breach scenarios and preparing a list of tasks to be simulated; computer program code for sending breach simulation tasks to simulator nodes, the simulator nodes being deployed in the networked system and given access to a production server in the networked system, the breach simulation tasks sent to at least a first simulator node is designed to simulate an attacker party and the breach simulation tasks sent to at least a second simulator node is designed to simulate attacked parties involved in the types of breach scenarios; computer program code for executing the breach simulation tasks on the simulator nodes, wherein the at least first simulator node executes attacker tasks from the list of tasks that simulate an attacker party and the at least second simulator node executes attacked party tasks from the list of tasks that simulate an attacked party; computer program code for receiving results from the simulator nodes; computer program code for determining that the simulator nodes of the attacker and attacked parties report on a same result by identifying corresponding outcomes between the simulator nodes of the attacker and attacked parties from the execution of the breach simulation tasks on the simulator nodes, wherein reporting on the same result comprising comparing transferred data transferred by the at least first simulator node and a copy of the transferred data that was successfully received at the at least second simulator node to verify whether breached data and transmitted copy of the breach data are the same; computer program code for determining that the simulator nodes of the attacker and attacked parties report on successful execution of the breach simulation tasks; and computer program code for identifying a successful breach based on the simulator nodes of the attacker and attacked parties report on the same result and the simulator nodes of the attacker and attacked parties report on the successful execution of the breach simulation tasks. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
Specification