DEVICE, SYSTEM AND METHOD FOR DEFENDING A COMPUTER NETWORK
Abstract
A device, system, and method for defending a computer network are described. Network communications are received by a traffic filter, which dynamically determines whether the communications include an anomaly (i.e., are “anomalous” communications), or whether the communications are normal and do not include an anomaly. The traffic filter routes normal communications to the correct device within its network for servicing the service requested by the communications. The traffic filter routes any anomalous communications to a virtual space engine, which is configured to fake a requested service (e.g., to entice deployment of a malicious payload). Anomalous communications are analyzed using an analytical engine, which can dynamically develop rules for handling anomalous communications in-line, and the rules developed by the analytical engine can be employed by the traffic filter against future received communications.
38 Claims
1-18. (canceled)
19. A router, comprising:
a processor-readable medium including code representing instructions to cause a processor to perform operations including
routing received information communicated from a first network to a component associated with a service within a second network, responsive to a determination that the received information is to be handled by a service that exists within the second network; and
routing the received information to a predetermined component, responsive to a determination that the received information is to be handled by a service that does not exist within the second network.
Dependent claims: 20, 21, 22, 23, 24, 25
26. A processor-readable medium including code representing instructions to cause a processor to perform operations comprising:
routing received information communicated from a first network to a component associated with a service within a second network, responsive to a determination that the received information is to be handled by a service that exists within the second network; and
routing the received information to a predetermined component, responsive to a determination that the received information is to be handled by a service that does not exist within the second network.
Dependent claims: 27, 28, 29, 30, 31, 32
33. A method, comprising:
routing received information communicated from a first network to a component associated with a service within a second network, responsive to a determination that the received information is to be handled by a service that exists within the second network; and
routing the received information to a predetermined component, responsive to a determination that the received information is to be handled by a service that does not exist within the second network.
Dependent claims: 34, 35, 36, 37, 38
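The routing decision recited in claims 19, 26 and 33, combined with the abstract's anomaly check and rule feedback, can be sketched as follows. This is an added example, not code from the patent: the service table, all addresses, the `DECOY` endpoint and the source-address rule produced by `learn()` are constructed assumptions.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple

Endpoint = Tuple[str, int]
# Hypothetical "predetermined component" (the abstract's virtual space engine).
DECOY: Endpoint = ("10.0.9.9", 0)

@dataclass(frozen=True)
class Packet:
    src: str
    dst_port: int
    payload: bytes = b""

@dataclass
class TrafficFilter:
    services: Dict[int, Endpoint]  # services that exist in the second network
    rules: List[Callable[[Packet], bool]] = field(default_factory=list)
    decoy_log: List[Packet] = field(default_factory=list)

    def route(self, pkt: Packet) -> Endpoint:
        backend = self.services.get(pkt.dst_port)
        # Claims: requested service does not exist -> predetermined component.
        # Abstract: a rule marks the communication anomalous -> same destination.
        if backend is None or any(rule(pkt) for rule in self.rules):
            self.decoy_log.append(pkt)  # retained for later analysis
            return DECOY
        return backend

    def learn(self) -> None:
        """Stand-in for the analytical engine (assumption): flag every source
        that has already been diverted to the decoy."""
        seen = frozenset(p.src for p in self.decoy_log)
        self.rules.append(lambda p, seen=seen: p.src in seen)

def demo() -> List[Endpoint]:
    # Constructed sample traffic using documentation address ranges.
    tf = TrafficFilter(services={80: ("10.0.1.10", 80)})
    client, scanner = "192.0.2.10", "198.51.100.7"
    out = [tf.route(Packet(client, 80)),    # service exists -> real backend
           tf.route(Packet(scanner, 23))]   # no telnet service -> decoy
    tf.learn()                              # rule fed back to the filter
    out.append(tf.route(Packet(scanner, 80)))  # now diverted by the learned rule
    out.append(tf.route(Packet(client, 80)))   # normal client unaffected
    return out

if __name__ == "__main__":
    print(demo())
```

Keying the learned rule on source address keeps the sketch short; behind NAT or over spoofable transports such a rule would also divert legitimate clients.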
Specification