发明授权
US08656493B2 Decoy network technology with automatic signature generation for intrusion detection and intrusion prevention systems
有权
诱饵网络技术,具有入侵检测和入侵防御系统的自动签名生成功能
- 专利标题: Decoy network technology with automatic signature generation for intrusion detection and intrusion prevention systems
- 专利标题(中): 诱饵网络技术,具有入侵检测和入侵防御系统的自动签名生成功能
-
申请号: US13759335申请日: 2013-02-05
-
公开(公告)号: US08656493B2公开(公告)日: 2014-02-18
- 发明人: Alen Capalik
- 申请人: Alen Capalik
- 申请人地址: US CA Santa Monica
- 专利权人: NeuralIQ, Inc.
- 当前专利权人: NeuralIQ, Inc.
- 当前专利权人地址: US CA Santa Monica
- 代理机构: Morgan, Lewis & Bockius LLP
- 主分类号: G06F21/00
- IPC分类号: G06F21/00
摘要:
Improved methods and systems for decoy networks with automatic signature generation for intrusion detection and intrusion prevention systems. A modular decoy network with front-end monitor/intercept module(s) with a processing back-end that is separate from the protected network. The front-end presents a standard fully functional operating system that is a decoy so that the instigator of an attack is lead to believe a connection has been made to the protected network. The front-end includes a hidden sentinel kernal driver that monitors connections to the system and captures attack-identifying information. The captured information is sent to the processing module for report generation, data analysis and generation of an attack signature. The generated attack signature can then be applied to the library of signatures of the intrusion detection system or intrusion prevention system of the protected network to defend against network based attacks including zero-day attacks.
公开/授权文献
信息查询
