公开(公告)号：US20190342309A1

公开(公告)日：2019-11-07

申请号：US16509844

申请日：2019-07-12

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Gregory J. Boss ,  Rick A. Hamilton, II ,  Jeffrey R. Hoy ,  Agueda M.H. Magro

IPC: H04L29/06 ,  G06F21/57 ,  G06F21/55

Abstract: Approaches for providing data protection in a networked computing environment are provided. A method includes detecting, by at least one computer device, a breach of a first system in the networked computing environment. The method also includes generating, by the at least one computer device, a second system in the networked computing environment, wherein the second system includes a patch based on the breach. The method additionally includes converting, by the at least one computer device, the first system to a decoy system. The method further includes generating, by the at least one computer device, a third system in the networked computing environment, wherein the third system has reduced security relative to the first system.

公开(公告)号：US20180109547A1

公开(公告)日：2018-04-19

申请号：US15842131

申请日：2017-12-14

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Gregory J. Boss ,  Rick A. Hamilton, II ,  Jeffrey R. Hoy ,  Agueda M.H. Magro

IPC: H04L29/06 ,  G06F21/57 ,  G06F21/55

CPC classification number: H04L63/1416 ,  G06F21/554 ,  G06F21/577 ,  H04L63/1433 ,  H04L63/1491

Abstract: Approaches for providing data protection in a networked computing environment are provided. A method includes detecting, by at least one computer device, a breach of a first system in the networked computing environment. The method also includes generating, by the at least one computer device, a second system in the networked computing environment, wherein the second system includes a patch based on the breach. The method additionally includes converting, by the at least one computer device, the first system to a decoy system. The method further includes generating, by the at least one computer device, a third system in the networked computing environment, wherein the third system has reduced security relative to the first system.

公开(公告)号：US20180103048A1

公开(公告)日：2018-04-12

申请号：US15840460

申请日：2017-12-13

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Gregory J. Boss ,  Rick A. Hamilton, II ,  Jeffrey R. Hoy ,  Agueda M.H. Magro

IPC: H04L29/06

CPC classification number: H04L63/1416 ,  G06F9/45558 ,  G06F2009/45562 ,  G06F2009/45587 ,  G06F2009/45591 ,  G06F2009/45595 ,  H04L63/1491

Abstract: Approaches for providing security in a networked computing environment are provided. The method includes detecting, by at least one computer device, a breach of a first system in the networked computing environment. The method also includes identifying a second system in the in the networked computing environment as an at-risk system based on a proximity of the second system to the first system. The method additionally includes re-generating, by the at least one computer device, the second system as a new system at a new location in the networked computing environment. The method further includes converting, by the at least one computer device, the second system to a decoy system.

公开(公告)号：US20190273751A1

公开(公告)日：2019-09-05

申请号：US16416624

申请日：2019-05-20

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Gregory J. Boss ,  Rick A. Hamilton, II ,  Jeffrey R. Hoy ,  Agueda M.H. Magro

IPC: H04L29/06 ,  G06F21/55

Abstract: Approaches for managing security breaches in a networked computing environment are provided. A method includes detecting, by at least one computer device, a breach of a production system in the networked computing environment, wherein the networked computing environment includes a decoy system interweaved with the production system. The method also includes receiving, by the at least one computer device, a communication after the detecting the breach. The method further includes determining, by the at least one computer device, the communication is associated with one of a valid user and a malicious user. The method additionally includes, based on the determining, routing the valid user to an element of the production system when the communication is associated with the valid user and routing the malicious user to a corresponding element of the decoy system when the communication is associated with the malicious user.

公开(公告)号：US20190098031A1

公开(公告)日：2019-03-28

申请号：US16204354

申请日：2018-11-29

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Gregory J. Boss ,  Rick A. Hamilton, II ,  Jeffrey R. Hoy ,  Agueda M.H. Magro

IPC: H04L29/06 ,  G06F9/455

Abstract: Approaches for providing security in a networked computing environment are provided. The method includes detecting, by at least one computer device, a breach of a first system in the networked computing environment. The method also includes identifying a second system in the in the networked computing environment as an at-risk system based on a proximity of the second system to the first system. The method additionally includes re-generating, by the at least one computer device, the second system as a new system at a new location in the networked computing environment. The method further includes converting, by the at least one computer device, the second system to a decoy system.

公开(公告)号：US20180083989A1

公开(公告)日：2018-03-22

申请号：US15827003

申请日：2017-11-30

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Gregory J. Boss ,  Rick A. Hamilton, II ,  Jeffrey R. Hoy ,  Agueda M.H. Magro

IPC: H04L29/06 ,  G06F21/55

CPC classification number: H04L63/1416 ,  G06F21/552 ,  G06F2221/2127 ,  H04L63/1491

Abstract: Approaches for managing security breaches in a networked computing environment are provided. A method includes detecting, by at least one computer device, a breach of a production system in the networked computing environment, wherein the networked computing environment includes a decoy system interweaved with the production system. The method also includes receiving, by the at least one computer device, a communication after the detecting the breach. The method further includes determining, by the at least one computer device, the communication is associated with one of a valid user and a malicious user. The method additionally includes, based on the determining, routing the valid user to an element of the production system when the communication is associated with the valid user and routing the malicious user to a corresponding element of the decoy system when the communication is associated with the malicious user.

公开(公告)号：US20160323301A1

公开(公告)日：2016-11-03

申请号：US14699218

申请日：2015-04-29

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Gregory J. Boss ,  Rick A. Hamilton, II ,  Jeffrey R. Hoy ,  Agueda M.H. Magro

IPC: H04L29/06 ,  G06F9/445 ,  G06F21/60

CPC classification number: H04L63/1416 ,  G06F21/554 ,  G06F21/577 ,  H04L63/1433 ,  H04L63/1491

Abstract: Approaches for providing data protection in a networked computing environment are provided. A method includes detecting, by at least one computer device, a breach of a first system in the networked computing environment. The method also includes generating, by the at least one computer device, a second system in the networked computing environment, wherein the second system includes a patch based on the breach. The method additionally includes converting, by the at least one computer device, the first system to a decoy system. The method further includes generating, by the at least one computer device, a third system in the networked computing environment, wherein the third system has reduced security relative to the first system.

Abstract translation: 提供了在联网计算环境中提供数据保护的方法。 一种方法包括由至少一个计算机设备检测网络计算环境中的第一系统的违规。 所述方法还包括由所述至少一个计算机设备生成所述联网计算环境中的第二系统，其中所述第二系统包括基于所述违规的补丁。 该方法还包括由至少一个计算机设备将第一系统转换成诱饵系统。 所述方法还包括由所述至少一个计算机设备生成所述联网计算环境中的第三系统，其中所述第三系统相对于所述第一系统具有降低的安全性。

公开(公告)号：US20190260774A1

公开(公告)日：2019-08-22

申请号：US16404236

申请日：2019-05-06

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Gregory J. Boss ,  Rick A. Hamilton, II ,  Jeffrey R. Hoy ,  Agueda M.H. Magro

IPC: H04L29/06 ,  G06F21/57 ,  G06F21/55

Abstract: Approaches for providing data protection in a networked computing environment are provided. A method includes detecting, by at least one computer device, a breach of a first system in the networked computing environment. The method also includes generating, by the at least one computer device, a second system in the networked computing environment, wherein the second system includes a patch based on the breach. The method additionally includes converting, by the at least one computer device, the first system to a decoy system. The method further includes generating, by the at least one computer device, a third system in the networked computing environment, wherein the third system has reduced security relative to the first system.

公开(公告)号：US20180109548A1

公开(公告)日：2018-04-19

申请号：US15842952

申请日：2017-12-15

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Gregory J. Boss ,  Rick A. Hamilton, II ,  Jeffrey R. Hoy ,  Agueda M.H. Magro

IPC: H04L29/06 ,  G06F21/57 ,  G06F21/55

CPC classification number: H04L63/1416 ,  G06F21/554 ,  G06F21/577 ,  H04L63/1433 ,  H04L63/1491

Abstract: Approaches for providing data protection in a networked computing environment are provided. A method includes detecting, by at least one computer device, a breach of a first system in the networked computing environment. The method also includes generating, by the at least one computer device, a second system in the networked computing environment, wherein the second system includes a patch based on the breach. The method additionally includes converting, by the at least one computer device, the first system to a decoy system. The method further includes generating, by the at least one computer device, a third system in the networked computing environment, wherein the third system has reduced security relative to the first system.

公开(公告)号：US20160373470A1

公开(公告)日：2016-12-22

申请号：US15251023

申请日：2016-08-30

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor： Gregory J. Boss ,  Rick A. Hamilton, II ,  Jeffrey R. Hoy ,  Agueda M.H. Magro

IPC: H04L29/06

CPC classification number: H04L63/1416 ,  G06F21/552 ,  G06F2221/2127 ,  H04L63/1491

Abstract: Approaches for managing security breaches in a networked computing environment are provided. A method includes detecting, by at least one computer device, a breach of a production system in the networked computing environment, wherein the networked computing environment includes a decoy system interweaved with the production system. The method also includes receiving, by the at least one computer device, a communication after the detecting the breach. The method further includes determining, by the at least one computer device, the communication is associated with one of a valid user and a malicious user. The method additionally includes, based on the determining, routing the valid user to an element of the production system when the communication is associated with the valid user and routing the malicious user to a corresponding element of the decoy system when the communication is associated with the malicious user.

Abstract translation: 提供了一种用于管理联网计算环境中的安全漏洞的方法。 一种方法包括通过至少一个计算机设备检测网络计算环境中的生产系统的违反，其中所述联网计算环境包括与所述生产系统交织的诱饵系统。 所述方法还包括在检测到所述违规之后由所述至少一个计算机设备接收通信。 所述方法还包括由所述至少一个计算机设备确定所述通信与有效用户和恶意用户之一相关联。 所述方法还包括：当所述通信与所述有效用户相关联时，基于所述确定将所述有效用户路由到所述生产系统的元素，并且当所述通信与所述有效用户相关联时，将所述恶意用户路由到所述诱饵系统的相应元件 恶意用户。