ATE532289T1 - System and method for computer security using multiple cages - Google Patents

System and method for computer security using multiple cages

Info

Publication number
ATE532289T1
Authority
AT
Austria
Prior art keywords
routed
user
computer security
multiple cages
generated
Prior art date
Application number
AT02721805T
Other languages
English (en)
Inventor
Stephen Sorkin
Michael Lyle
Robert Ross
James Maricondo
Original Assignee
Symantec Corp
Priority date
Filing date
Publication date
Application filed by Symantec Corp
Application granted
Publication of ATE532289T1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227 Filtering policies
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1491 Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10 TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10S TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10S707/00 Data processing: database and file management or data structures
    • Y10S707/99931 Database or file accessing
    • Y10S707/99933 Query processing, i.e. searching
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10 TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10S TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10S707/00 Data processing: database and file management or data structures
    • Y10S707/99931 Database or file accessing
    • Y10S707/99939 Privileged access

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)
  • Debugging And Monitoring (AREA)
AT02721805T 2001-04-23 2002-04-23 System and method for computer security using multiple cages ATE532289T1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/841,700 US6907533B2 (en) 2000-07-14 2001-04-23 System and method for computer security using multiple cages
PCT/US2002/012842 WO2002087155A1 (en) 2001-04-23 2002-04-23 System and method for computer security using multiple cages

Publications (1)

Publication Number Publication Date
ATE532289T1 (de) 2011-11-15

Family

ID=25285499

Family Applications (1)

Application Number Title Priority Date Filing Date
AT02721805T ATE532289T1 (de) 2001-04-23 2002-04-23 System and method for computer security using multiple cages

Country Status (4)

Country Link
US (2) US6907533B2 (de)
EP (1) EP1382154B8 (de)
AT (1) ATE532289T1 (de)
WO (1) WO2002087155A1 (de)

Families Citing this family (100)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7117532B1 (en) 1999-07-14 2006-10-03 Symantec Corporation System and method for generating fictitious content for a computer
US6981155B1 (en) 1999-07-14 2005-12-27 Symantec Corporation System and method for computer security
WO2001006386A1 (en) 1999-07-14 2001-01-25 Recourse Technologies, Inc. System and method for dynamically changing a computer port or address
US7203962B1 (en) 1999-08-30 2007-04-10 Symantec Corporation System and method for using timestamps to detect attacks
US7032114B1 (en) * 2000-08-30 2006-04-18 Symantec Corporation System and method for using signatures to detect computer intrusions
US20020046351A1 (en) * 2000-09-29 2002-04-18 Keisuke Takemori Intrusion preventing system
US20020095607A1 (en) * 2001-01-18 2002-07-18 Catherine Lin-Hendel Security protection for computers and computer-networks
US20020188649A1 (en) * 2001-06-12 2002-12-12 Ron Karim Mechanism for safely executing an untrusted program
US8087083B1 (en) * 2002-01-04 2011-12-27 Verizon Laboratories Inc. Systems and methods for detecting a network sniffer
US7743415B2 (en) * 2002-01-31 2010-06-22 Riverbed Technology, Inc. Denial of service attacks characterization
US20030191948A1 (en) * 2002-04-05 2003-10-09 Kenneth Nelson Security method and apparatus
US7581023B2 (en) * 2002-04-30 2009-08-25 Riverbed Technology, Inc. Architecture to thwart denial of service attacks
TWI235580B (en) * 2002-05-03 2005-07-01 Ke-Cheng Fang Network security system and method for recording and resisting hacker
US20040162994A1 (en) * 2002-05-13 2004-08-19 Sandia National Laboratories Method and apparatus for configurable communication network defenses
US7412722B1 (en) * 2002-08-08 2008-08-12 Verizon Laboratories Inc. Detection of softswitch attacks
US7437766B2 (en) * 2002-10-03 2008-10-14 Sandia National Laboratories Method and apparatus providing deception and/or altered operation in an information system operating system
US7383578B2 (en) 2002-12-31 2008-06-03 International Business Machines Corporation Method and system for morphing honeypot
US7412723B2 (en) * 2002-12-31 2008-08-12 International Business Machines Corporation Method and system for morphing honeypot with computer security incident correlation
JP4120415B2 (ja) * 2003-02-10 2008-07-16 株式会社日立製作所 トラフィック制御計算装置
US7698730B2 (en) * 2004-03-16 2010-04-13 Riverbed Technology, Inc. Service detection
JP2005352673A (ja) * 2004-06-09 2005-12-22 Fujitsu Ltd 不正アクセス監視プログラム、装置および方法
US20060036748A1 (en) * 2004-07-28 2006-02-16 Nusbaum Edward S Apparatus and method for computerized information management
US20060041940A1 (en) * 2004-08-21 2006-02-23 Ko-Cheng Fang Computer data protecting method
WO2006095334A2 (en) * 2005-03-09 2006-09-14 Beefence Ltd Method, system and computer readable medium for intrusion control
WO2006107712A2 (en) * 2005-04-04 2006-10-12 Bae Systems Information And Electronic Systems Integration Inc. Method and apparatus for defending against zero-day worm-based attacks
US9384345B2 (en) * 2005-05-03 2016-07-05 Mcafee, Inc. Providing alternative web content based on website reputation assessment
US7562304B2 (en) * 2005-05-03 2009-07-14 Mcafee, Inc. Indicating website reputations during website manipulation of user information
US20060253584A1 (en) * 2005-05-03 2006-11-09 Dixon Christopher J Reputation of an entity associated with a content item
US8566726B2 (en) 2005-05-03 2013-10-22 Mcafee, Inc. Indicating website reputations based on website handling of personal information
US20060253582A1 (en) * 2005-05-03 2006-11-09 Dixon Christopher J Indicating website reputations within search results
US8438499B2 (en) 2005-05-03 2013-05-07 Mcafee, Inc. Indicating website reputations during user interactions
US7822620B2 (en) * 2005-05-03 2010-10-26 Mcafee, Inc. Determining website reputations using automatic testing
US7765481B2 (en) * 2005-05-03 2010-07-27 Mcafee, Inc. Indicating website reputations during an electronic commerce transaction
KR100734145B1 (ko) * 2005-10-12 2007-07-03 주식회사 안철수연구소 키보드 데이터 인증을 이용한 키 입력 도용 방지 방법
KR20070076848A (ko) * 2006-01-20 2007-07-25 삼성전자주식회사 카드 인증 시스템의 보안레벨을 향상시키는 장치 및 방법
US8196205B2 (en) * 2006-01-23 2012-06-05 University Of Washington Through Its Center For Commercialization Detection of spyware threats within virtual machine
US8701196B2 (en) 2006-03-31 2014-04-15 Mcafee, Inc. System, method and computer program product for obtaining a reputation associated with a file
US7845009B2 (en) * 2006-05-16 2010-11-30 Intel Corporation Method and apparatus to detect kernel mode rootkit events through virtualization traps
US8640247B2 (en) * 2006-05-31 2014-01-28 The Invention Science Fund I, Llc Receiving an indication of a security breach of a protected set of files
US8209755B2 (en) 2006-05-31 2012-06-26 The Invention Science Fund I, Llc Signaling a security breach of a protected set of files
WO2007143011A2 (en) * 2006-05-31 2007-12-13 The Trustees Of Columbia University In The City Of New York Systems, methods, and media for generating bait information for trap-based defenses
US8191140B2 (en) * 2006-05-31 2012-05-29 The Invention Science Fund I, Llc Indicating a security breach of a protected set of files
US20070282723A1 (en) * 2006-05-31 2007-12-06 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Monitoring a status of a database by placing a false identifier in the database
US8667581B2 (en) * 2006-06-08 2014-03-04 Microsoft Corporation Resource indicator trap doors for detecting and stopping malware propagation
US7934258B2 (en) * 2006-08-17 2011-04-26 Informod Control Inc. System and method for remote authentication security management
US7962756B2 (en) * 2006-10-31 2011-06-14 At&T Intellectual Property Ii, L.P. Method and apparatus for providing automatic generation of webpages
US8180873B2 (en) * 2006-11-14 2012-05-15 Fmr Llc Detecting fraudulent activity
US8949986B2 (en) 2006-12-29 2015-02-03 Intel Corporation Network security elements using endpoint resources
US20080209558A1 (en) * 2007-02-22 2008-08-28 Aladdin Knowledge Systems Self-defensive protected software with suspended latent license enforcement
US8806604B2 (en) * 2007-04-09 2014-08-12 Sandisk Il Ltd. Methods for firewall protection of mass-storage devices
US8635686B2 (en) * 2007-05-25 2014-01-21 Apple Inc. Integrated privilege separation and network interception
US9009829B2 (en) * 2007-06-12 2015-04-14 The Trustees Of Columbia University In The City Of New York Methods, systems, and media for baiting inside attackers
SG148891A1 (en) * 2007-06-21 2009-01-29 Novartis Ag Engineering expert system
US8234499B2 (en) * 2007-06-26 2012-07-31 International Business Machines Corporation Adaptive authentication solution that rewards almost correct passwords and that simulates access for incorrect passwords
CN101335746A (zh) * 2007-06-29 2008-12-31 国际商业机器公司 保护软件系统的完整性的安全设备和方法及其系统
JP5098487B2 (ja) * 2007-07-26 2012-12-12 富士ゼロックス株式会社 認証情報処理装置及びプログラム
PL2191610T3 (pl) * 2007-09-07 2019-10-31 Dis Ent Llc Oparte na oprogramowaniu, wielokanałowe, polimorficzne zaciemnianie danych
US20090292775A1 (en) * 2008-05-20 2009-11-26 Scott Wayne Flenniken Method and process for the Forensic Inspection of real time streams FIRST Engine
JP5282477B2 (ja) * 2008-08-12 2013-09-04 富士通株式会社 認証方法、プログラム、及び認証装置
US8769684B2 (en) 2008-12-02 2014-07-01 The Trustees Of Columbia University In The City Of New York Methods, systems, and media for masquerade attack detection by monitoring computer user behavior
US20130276054A1 (en) * 2012-04-13 2013-10-17 Paul Michael Martini Recording activity-triggered computer video output
US8837902B2 (en) * 2009-06-09 2014-09-16 Iboss, Inc. Threshold based computer video output recording application
US9473460B2 (en) * 2009-06-22 2016-10-18 Microsoft Technology Licensing, Llc Using hypertext transfer protocol as a transport for bi-directional data streams
US8528091B2 (en) 2009-12-31 2013-09-03 The Trustees Of Columbia University In The City Of New York Methods, systems, and media for detecting covert malware
US20120153568A1 (en) * 2010-12-17 2012-06-21 Sci-Tek, Inc. Random number generator and method
US9129257B2 (en) * 2010-12-20 2015-09-08 Verizon Patent And Licensing Inc. Method and system for monitoring high risk users
US8813227B2 (en) 2011-03-29 2014-08-19 Mcafee, Inc. System and method for below-operating system regulation and control of self-modifying code
US9262246B2 (en) 2011-03-31 2016-02-16 Mcafee, Inc. System and method for securing memory and storage of an electronic device with a below-operating system security agent
US9317690B2 (en) 2011-03-28 2016-04-19 Mcafee, Inc. System and method for firmware based anti-malware security
US8863283B2 (en) * 2011-03-31 2014-10-14 Mcafee, Inc. System and method for securing access to system calls
US9087199B2 (en) 2011-03-31 2015-07-21 Mcafee, Inc. System and method for providing a secured operating system execution environment
US9038176B2 (en) 2011-03-31 2015-05-19 Mcafee, Inc. System and method for below-operating system trapping and securing loading of code into memory
US9032525B2 (en) 2011-03-29 2015-05-12 Mcafee, Inc. System and method for below-operating system trapping of driver filter attachment
RU2472215C1 (ru) 2011-12-28 2013-01-10 Закрытое акционерное общество "Лаборатория Касперского" Способ выявления неизвестных программ с использованием эмуляции процесса загрузки
US20140007197A1 (en) * 2012-06-29 2014-01-02 Michael John Wray Delegation within a computing environment
US8938796B2 (en) 2012-09-20 2015-01-20 Paul Case, SR. Case secure computer architecture
CN103886249B (zh) * 2012-12-20 2018-03-27 腾讯科技(深圳)有限公司 系统超级用户权限下执行进程的方法及装置
CN103067384B (zh) * 2012-12-27 2016-12-28 华为技术有限公司 威胁处理方法及系统、联动客户端、安全设备及主机
JP5966948B2 (ja) * 2013-01-25 2016-08-10 富士ゼロックス株式会社 プラグイン配信システム及び画像処理装置並びにプラグイン配信制御方法
US10298598B1 (en) * 2013-12-16 2019-05-21 Amazon Technologies, Inc. Countering service enumeration through imposter-driven response
US10440036B2 (en) * 2015-12-09 2019-10-08 Checkpoint Software Technologies Ltd Method and system for modeling all operations and executions of an attack and malicious process entry
US10880316B2 (en) 2015-12-09 2020-12-29 Check Point Software Technologies Ltd. Method and system for determining initial execution of an attack
US10637864B2 (en) 2016-05-05 2020-04-28 Ca, Inc. Creation of fictitious identities to obfuscate hacking of internal networks
US20170324774A1 (en) * 2016-05-05 2017-11-09 Javelin Networks, Inc. Adding supplemental data to a security-related query
US10515187B2 (en) 2016-06-29 2019-12-24 Symantec Corporation Artificial intelligence (AI) techniques for learning and modeling internal networks
US11170011B2 (en) * 2017-03-20 2021-11-09 Palo Alto Networks, Inc. Triggered scanning using provided configuration information
US10831838B2 (en) 2017-03-20 2020-11-10 Expanse, Inc. Triggered scanning based on network available data change
WO2019018033A2 (en) 2017-04-14 2019-01-24 The Trustees Of Columbia University In The City Of New York METHODS, SYSTEMS AND MEDIA FOR TESTING INTERNAL THREAT DETECTION SYSTEMS
US20180322305A1 (en) * 2017-05-05 2018-11-08 Mastercard International Incorporated System and method for data theft prevention
US10599838B2 (en) * 2017-05-08 2020-03-24 Micron Technology, Inc. Crypto-ransomware compromise detection
US11095678B2 (en) * 2017-07-12 2021-08-17 The Boeing Company Mobile security countermeasures
US10824367B2 (en) 2017-10-19 2020-11-03 Seagate Technology Llc Adaptive intrusion detection based on monitored data transfer commands
US10686836B1 (en) * 2017-10-30 2020-06-16 Allure Security Technology Inc. Host-based deception security technology
US10824751B1 (en) * 2018-04-25 2020-11-03 Bank Of America Corporation Zoned data storage and control security system
US10929556B1 (en) 2018-04-25 2021-02-23 Bank Of America Corporation Discrete data masking security system
US10601868B2 (en) 2018-08-09 2020-03-24 Microsoft Technology Licensing, Llc Enhanced techniques for generating and deploying dynamic false user accounts
US11212312B2 (en) * 2018-08-09 2021-12-28 Microsoft Technology Licensing, Llc Systems and methods for polluting phishing campaign responses
WO2020110053A1 (en) * 2018-11-30 2020-06-04 Morphisec Information Security 2014 Ltd. Malicious code protection for computer systems based on system call table modification and runtime application patching
US11714449B2 (en) * 2021-09-27 2023-08-01 International Business Machines Corporation High-speed deserializer with programmable and timing robust data slip function
US20240348654A1 (en) * 2023-04-14 2024-10-17 Palo Alto Networks, Inc. Security policy analysis

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4719566A (en) 1985-10-23 1988-01-12 International Business Machines Corporation Method for entrapping unauthorized computer access
EP0472861B1 (de) 1990-08-31 1995-09-20 International Business Machines Corporation Verfahren und Gerät zur Querteilungssteuerung in einer verteilten Verarbeitungsumgebung
US5278901A (en) * 1992-04-30 1994-01-11 International Business Machines Corporation Pattern-oriented intrusion-detection system and method
FR2706652B1 (fr) * 1993-06-09 1995-08-18 Alsthom Cge Alcatel Dispositif de détection d'intrusions et d'usagers suspects pour ensemble informatique et système de sécurité comportant un tel dispositif.
US5991881A (en) * 1996-11-08 1999-11-23 Harris Corporation Network surveillance system
US5928363A (en) 1997-08-27 1999-07-27 International Business Machines Corporation Method and means for preventing unauthorized resumption of suspended authenticated internet sessions using locking and trapping measures
US5961644A (en) * 1997-09-19 1999-10-05 International Business Machines Corporation Method and apparatus for testing the integrity of computer security alarm systems
US6560611B1 (en) * 1998-10-13 2003-05-06 Netarx, Inc. Method, apparatus, and article of manufacture for a network monitoring system
US6321338B1 (en) 1998-11-09 2001-11-20 Sri International Network surveillance
WO2001006386A1 (en) * 1999-07-14 2001-01-25 Recourse Technologies, Inc. System and method for dynamically changing a computer port or address
US6647400B1 (en) * 1999-08-30 2003-11-11 Symantec Corporation System and method for analyzing filesystems to detect intrusions
US6470384B1 (en) * 1999-10-28 2002-10-22 Networks Associates, Inc. Modular framework for configuring action sets for use in dynamically processing network events in a distributed computing environment
US20020066034A1 (en) 2000-10-24 2002-05-30 Schlossberg Barry J. Distributed network security deception system
US7290283B2 (en) * 2001-01-31 2007-10-30 Lancope, Inc. Network port profiling

Also Published As

Publication number Publication date
EP1382154A1 (de) 2004-01-21
EP1382154B8 (de) 2012-03-21
US20050071684A1 (en) 2005-03-31
EP1382154A4 (de) 2009-04-29
EP1382154B1 (de) 2011-11-02
WO2002087155A1 (en) 2002-10-31
US7424735B2 (en) 2008-09-09
US20020157021A1 (en) 2002-10-24
US6907533B2 (en) 2005-06-14

Similar Documents

Publication Publication Date Title
ATE532289T1 (de) System and method for computer security using multiple cages
Abbott A dispersal‐induced paradox: synchrony and stability in stochastic metapopulations
TW200717349A (en) An item monitoring system and methods of using an item monitoring system
DE60119934D1 (de) Netzwerkverwaltungs- und zugriffssystem für unscharfe inhalte
GB0423030D0 (en) Data privacy management system and method
MY147614A (en) Collaboration spaces
MY130937A (en) Activity management system
WO2009064613A3 (en) Profiling system for online marketplace
WO2008045387A3 (en) Computerized management of grouping access rights
DE60115607D1 (de) Methode und system für die aktualisierung eines archivs einer datei
TW200704076A (en) Privacy entitlement protocols for secure data exchange, collection, monitoring and/or alerting
GB2444457A (en) Method for dynamic sensor network processing
WO2005114464A3 (en) System and method for providing remediation management
WO2008141256A3 (en) Social networking system
EP1220158A3 (de) Automatische Graphenerzeugung von Berichtdaten
DE602005009720D1 (de) Verfahren, systeme und computerprogrammprodukte zur bewertung der sicherheit einer netzwerkumgebung
WO2004044817A3 (en) System and method for assessing the functional ability or medical condition of an actor
WO2005040971A3 (en) System and model for performance value based collaborative relationships
WO2006110243A3 (en) Computer system for building a probabilistic model
ATE387703T1 (de) Auswahl eines musikstücks anhand von metadaten und einer externen tempo-eingabe
MXPA02006851A (es) Sistema y metodo para analizar estructuras sometidas a eventos catastroficos.
WO2007064896A3 (en) Data exchange system and method
WO2006104581A3 (en) Gaming device network managing system and method
GB201006641D0 (en) Method and arrangement relating to a media structure
Frank The mysterious disappearance of James Duesenberry