MANAGING DYNAMIC DECEPTIVE ENVIRONMENTS
0 Assignments
0 Petitions
Accused Products
Abstract
A deception management system to detect attackers within a dynamically changing network of computer resources, including a deployment governor dynamically designating deception policies, each deception policy including names of non-existing web servers, and levels of diversity for planting the names of non-existing web servers in browser histories of web browsers within resources of the network, the levels of diversity specifying how densely the name of each non-existing web server is planted within resources of the network, a deception deployer dynamically planting the names of non-existing web servers in the browser histories of the web browsers in resources in the network, in accordance with the levels of diversity of the current deception policy, and a notification processor transmitting an alert to an administrator of the network in response to an attempt to access one of the non-existing web servers.
14 Citations
28 Claims
-
1-20. -20. (canceled)
-
21. A deception management system (DMS) to detect attackers within a dynamically changing network of computer resources, comprising:
-
a deployment governor dynamically designating deception policies, each deception policy comprising (i) names of non-existing web servers, and (ii) levels of diversity for planting the names of non-existing web servers in browser histories of web browsers within resources of the network, the levels of diversity specifying how densely the name of each non-existing web server is planted within resources of the network; a deception deployer dynamically planting the names of non-existing web servers in the browser histories of the web browsers in resources in the network, in accordance with the levels of diversity of the current deception policy; and a notification processor transmitting an alert to an administrator of the network in response to an attempt to access one of the non-existing web servers. - View Dependent Claims (22, 23, 24)
-
-
25. A deception management system (DMS) to detect attackers within a dynamically changing network of computer resources, comprising:
-
a deployment governor dynamically designating deception policies, each deception policy comprising (i) files containing non-existing usernames and passwords, and (ii) levels of diversity for planting the files containing the non-existing usernames and passwords within resources of the network, the levels of diversity specifying how densely each file containing non-existing usernames and passwords is planted within resources of the network; a deception deployer dynamically planting the files containing non-existing usernames and passwords in resources in the network, in accordance with the levels of diversity of the current deception policy; and a notification processor transmitting an alert to an administrator of the network in response to an attempt to user one of the non-existing usernames and passwords. - View Dependent Claims (26, 27, 28)
-
Specification