CN114342319B - Method, medium and system for computer security - Google Patents

Method, medium and system for computer security

Info

Publication number
CN114342319B
Authority
CN
China
Prior art keywords
attacker
request
honey
iaas
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202080061725.5A
Other languages
English (en)
Chinese (zh)
Other versions
CN114342319A (zh)
Inventor
C·J·瑞斯
N·A·拉沃瑞托
K·雷蒙德
P·安德鲁斯
C·斯库拉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Oracle International Corp
Original Assignee
Oracle International Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Oracle International Corp
Publication of CN114342319A
Application granted
Publication of CN114342319B
Legal status: Active (current)
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1491 Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227 Filtering policies
    • H04L63/0263 Rule management
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H04L67/141 Setup of application sessions
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227 Filtering policies
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
CN202080061725.5A 2019-09-04 2020-09-02 Method, medium and system for computer security Active CN114342319B (zh)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US201962895847P 2019-09-04 2019-09-04
US62/895,847 2019-09-04
US17/009,634 2020-09-01
US17/009,634 US11750651B2 (en) 2019-09-04 2020-09-01 Honeypots for infrastructure-as-a-service security
PCT/US2020/049013 WO2021046094A1 (en) 2019-09-04 2020-09-02 Honeypots for infrastructure-as-a-service security

Publications (2)

Publication Number Publication Date
CN114342319A (zh) 2022-04-12
CN114342319B (zh) 2024-07-19

Family

ID=74681952

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202080061725.5A Active CN114342319B (zh) Method, medium and system for computer security

Country Status (5)

Country Link
US (2) US11750651B2
EP (1) EP4026297B1
JP (3) JP7538217B2
CN (1) CN114342319B
WO (1) WO2021046094A1

Families Citing this family (52)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10938854B2 (en) * 2017-09-22 2021-03-02 Acronis International Gmbh Systems and methods for preventive ransomware detection using file honeypots
US11750651B2 (en) 2019-09-04 2023-09-05 Oracle International Corporation Honeypots for infrastructure-as-a-service security
US11336528B2 (en) 2019-11-29 2022-05-17 Amazon Technologies, Inc. Configuration and management of scalable global private networks
US11533231B2 (en) * 2019-11-29 2022-12-20 Amazon Technologies, Inc. Configuration and management of scalable global private networks
US11729077B2 (en) * 2019-11-29 2023-08-15 Amazon Technologies, Inc. Configuration and management of scalable global private networks
US12058148B2 (en) * 2020-05-01 2024-08-06 Amazon Technologies, Inc. Distributed threat sensor analysis and correlation
US12041094B2 (en) 2020-05-01 2024-07-16 Amazon Technologies, Inc. Threat sensor deployment and management
US12363127B2 (en) * 2020-09-11 2025-07-15 Canon Kabushiki Kaisha Information processing apparatus, control method thereof, and non-transitory computer-readable storage medium
US12332995B2 (en) * 2020-10-23 2025-06-17 Red Hat, Inc. Containers system auditing through system call emulation
US20250124149A1 (en) * 2021-02-24 2025-04-17 Navindra Yadav Methods and systems for detecting hiding and data intelligence gathering in data lakes and cloud warehousing
US11960625B2 (en) * 2021-05-06 2024-04-16 Jpmorgan Chase Bank, N.A. Systems and methods for protecting sensitive data in user online activities
US20220385677A1 (en) * 2021-06-01 2022-12-01 International Business Machines Corporation Cloud-based security for identity imposter
CN114679292B (zh) * 2021-06-10 2023-03-21 腾讯云计算(北京)有限责任公司 Honeypot identification method, apparatus, device and medium based on cyberspace mapping
US11818172B1 (en) 2021-08-24 2023-11-14 Amdocs Development Limited System, method, and computer program for a computer attack response service
CN113645253B (zh) * 2021-08-27 2023-05-26 杭州安恒信息技术股份有限公司 Attack information acquisition method, apparatus, device and storage medium
EP4149051A1 (en) * 2021-09-08 2023-03-15 Volvo Truck Corporation A tracking and management method for responding to a cyber-attack
CN114465747B (zh) * 2021-09-28 2022-10-11 北京卫达信息技术有限公司 Active deception defense method and system based on dynamic port camouflage
WO2023058026A1 (en) * 2021-10-08 2023-04-13 Cymotive Technologies Ltd. Methods and systems of correlating network attacks with network element behavior
US12386956B1 (en) * 2021-10-26 2025-08-12 NTT DATA Services, LLC Automatic discovery and enterprise control of a robotic workforce
CN116032512B (zh) * 2021-10-26 2026-02-06 北京华安网信科技有限公司 Multi-node dynamic trapping system and method for industrial control networks
CN114024728B (zh) * 2021-10-28 2024-04-02 杭州默安科技有限公司 Honeypot construction method and application method
DE102021213115A1 (de) * 2021-11-22 2023-05-25 Robert Bosch Gesellschaft mit beschränkter Haftung Protection of application programming interfaces
US12592968B2 (en) * 2021-11-23 2026-03-31 Zscaler, Inc. Cloud-based deception technology with granular scoring for breach detection
US12445460B2 (en) 2021-12-03 2025-10-14 International Business Machines Corporation Tracking a potential attacker on an external computer system
CN114285660B (zh) * 2021-12-28 2023-11-07 赛尔网络有限公司 Honeynet deployment method, apparatus, device and medium
KR102850184B1 (ko) * 2022-03-29 2025-08-25 주식회사 아이티스테이션 Method for detecting malicious files using a honeypot and system using the same
US20230421562A1 (en) * 2022-05-19 2023-12-28 Capital One Services, Llc Method and system for protection of cloud-based infrastructure
US20240126581A1 (en) * 2022-06-17 2024-04-18 Oracle International Corporation Implementing communications within a container environment
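CN114915493B (zh) * 2022-06-22 2024-05-28 云南电网有限责任公司 Trapping deployment method based on network attacks on a power monitoring system
CN115348105A (zh) * 2022-08-30 2022-11-15 中国银行股份有限公司 Honeynet-based verification method, apparatus, storage medium and device
CN115499204B (zh) * 2022-09-15 2025-04-18 杭州安恒信息技术股份有限公司 Honeypot attack tracing method, apparatus, device and storage medium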
US12505213B2 (en) 2022-10-04 2025-12-23 Dell Products L.P. Cyber recovery forensics kit configured to maintain communication and send return malware
US12505214B2 (en) 2022-10-14 2025-12-23 Dell Products L.P. Cyber recovery forensic kit—application-based granularity
JP7760989B2 (ja) * 2022-11-07 2025-10-28 トヨタ自動車株式会社 Attack detection system
CN115883169B (zh) * 2022-11-28 2026-02-13 国网辽宁省电力有限公司沈阳供电公司 Honeypot-system-based response method and response system for industrial control network attack messages
US12284211B2 (en) * 2023-02-02 2025-04-22 Advanced Security Technologies Asia Pte. Ltd. Cyber clone of a computing entity
US20240330480A1 (en) 2023-03-31 2024-10-03 Cisco Technology, Inc. System and method for triaging vulnerabilities by applying bug reports to a large language model (llm)
US12526313B2 (en) * 2023-04-25 2026-01-13 Dell Products L.P. Validation traps to detect adversary attempts to secure access
CN116527379B (zh) * 2023-05-22 2025-12-23 广州大学 Method, system and apparatus for preventing network attacks based on honey-point generation
US20250088536A1 (en) * 2023-09-12 2025-03-13 The United States Of America, As Represented By The Secretary Of The Navy Deceptive Resistance to Adversary Cyber Operations (DRACO)
DE102023209244A1 (de) * 2023-09-21 2025-03-27 Robert Bosch Gesellschaft mit beschränkter Haftung Method for generating a honeypot
EP4560982B1 (en) * 2023-11-23 2026-01-21 Tata Consultancy Services Limited Method, system and storage medium for protecting serverless cloud architecture using honeypots
US12423411B2 (en) * 2023-11-27 2025-09-23 Acronis International Gmbh Virtual file honey pots for computing systems behavior-based protection against ransomware attacks
GB2636091A (en) * 2023-11-28 2025-06-11 Joseph Cox Samuel System and method for implementing decoys in a cloud environment
US20250211617A1 (en) * 2023-12-21 2025-06-26 F5, Inc. Methods for capturing reconnaissance traffic
US12506781B2 (en) * 2024-03-15 2025-12-23 International Business Machines Corporation Generating deceptions using web assembly binaries
US20250317475A1 (en) * 2024-04-05 2025-10-09 Bank Of America Corporation System and method for securing software applications and computing networks
US12549600B1 (en) * 2024-06-22 2026-02-10 Bank Of America Corporation Detection and prevention of artificial intelligence attacks using digital twin based artificial intelligence centric polymorphic honey net
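CN118400202B (zh) * 2024-06-27 2024-08-27 杭州海康威视数字技术股份有限公司 Method, system, apparatus, device and product for orchestrating and scheduling honeypot trapping strategies
KR20260031339A (ko) * 2024-08-28 2026-03-09 쿤텍 주식회사 Multi-layer deception defense system for cyber threat detection and response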
US20260073071A1 (en) * 2024-09-10 2026-03-12 Bank Of America Corporation System and method for generating decoy data and sharding sensitive data utilizing quantum computing
CN119696932B (zh) * 2025-02-24 2025-06-20 北京元支点信息安全技术有限公司 Honeypot network emulation and simulation method and system within an attack trapping system

Family Cites Families (53)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7412723B2 (en) 2002-12-31 2008-08-12 International Business Machines Corporation Method and system for morphing honeypot with computer security incident correlation
US7725937B1 (en) * 2004-02-09 2010-05-25 Symantec Corporation Capturing a security breach
US7992204B2 (en) * 2004-05-02 2011-08-02 Markmonitor, Inc. Enhanced responses to online fraud
US8484639B2 (en) * 2011-04-05 2013-07-09 International Business Machines Corporation Fine-grained cloud management control using nested virtualization
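JP5713445B2 (ja) 2011-06-24 2015-05-07 日本電信電話株式会社 Communication monitoring system and method, communication monitoring device, virtual host device and communication monitoring program
JP5824911B2 (ja) * 2011-06-29 2015-12-02 富士通株式会社 Information processing apparatus, information processing program and management method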
US9503463B2 (en) * 2012-05-14 2016-11-22 Zimperium, Inc. Detection of threats to networks, based on geographic location
US9485276B2 (en) * 2012-09-28 2016-11-01 Juniper Networks, Inc. Dynamic service handling using a honeypot
JP6081031B2 (ja) 2014-09-17 2017-02-15 三菱電機株式会社 Attack observation apparatus and attack observation method
US9716727B1 (en) * 2014-09-30 2017-07-25 Palo Alto Networks, Inc. Generating a honey network configuration to emulate a target network environment
US10044675B1 (en) * 2014-09-30 2018-08-07 Palo Alto Networks, Inc. Integrating a honey network with a target network to counter IP and peer-checking evasion techniques
US9860208B1 (en) * 2014-09-30 2018-01-02 Palo Alto Networks, Inc. Bridging a virtual clone of a target device in a honey network to a suspicious device in an enterprise network
US9560075B2 (en) * 2014-10-22 2017-01-31 International Business Machines Corporation Cognitive honeypot
US9602536B1 (en) * 2014-12-04 2017-03-21 Amazon Technologies, Inc. Virtualized network honeypots
CN105376210B (zh) * 2014-12-08 2018-09-07 哈尔滨安天科技股份有限公司 Account threat identification and defense method and system
US9923908B2 (en) * 2015-04-29 2018-03-20 International Business Machines Corporation Data protection in a networked computing environment
US10382484B2 (en) * 2015-06-08 2019-08-13 Illusive Networks Ltd. Detecting attackers who target containerized clusters
US10205803B1 (en) * 2015-08-27 2019-02-12 Amazon Technologies, Inc. System for determining improper port configurations
US10050999B1 (en) * 2015-09-22 2018-08-14 Amazon Technologies, Inc. Security threat based auto scaling
US10193809B1 (en) * 2015-09-30 2019-01-29 Cisco Technology, Inc. Load balancing methods based on transport layer port numbers for a network switch
US20230370439A1 (en) * 2015-10-28 2023-11-16 Qomplx, Inc. Network action classification and analysis using widely distributed honeypot sensor nodes
WO2017087964A1 (en) * 2015-11-20 2017-05-26 Acalvio Technologies, Inc. Modification of a server to mimic a deception mechanism
US10212175B2 (en) * 2015-11-30 2019-02-19 International Business Machines Corporation Attracting and analyzing spam postings
US10284598B2 (en) 2016-01-29 2019-05-07 Sophos Limited Honeypot network services
CA3013924A1 (en) 2016-02-10 2017-08-17 Level 3 Communications, Llc Automated honeypot provisioning system
US10021131B2 (en) * 2016-02-15 2018-07-10 Verizon Digital Media Services Inc. Origin controlled attack protections in a distributed platform
GB201603118D0 (en) 2016-02-23 2016-04-06 Eitc Holdings Ltd Reactive and pre-emptive security system based on choice theory
US10462181B2 (en) 2016-05-10 2019-10-29 Quadrant Information Security Method, system, and apparatus to identify and study advanced threat tactics, techniques and procedures
CN107819731B (zh) * 2016-09-13 2021-02-12 北京长亭未来科技有限公司 Network security protection system and related method
US10402090B1 (en) * 2016-09-30 2019-09-03 EMC IP Holding Company LLC Data service protection for cloud management platforms
US9912695B1 (en) * 2017-04-06 2018-03-06 Qualcomm Incorporated Techniques for using a honeypot to protect a server
US20180375897A1 (en) * 2017-06-26 2018-12-27 Formaltech, Inc. Automated network device cloner and decoy generator
US10986126B2 (en) 2017-07-25 2021-04-20 Palo Alto Networks, Inc. Intelligent-interaction honeypot for IoT devices
US10637888B2 (en) 2017-08-09 2020-04-28 Sap Se Automated lifecycle system operations for threat mitigation
US11115480B2 (en) * 2017-10-02 2021-09-07 Vmware, Inc. Layer four optimization for a virtual network defined over public cloud
CN107809425A (zh) * 2017-10-20 2018-03-16 杭州默安科技有限公司 Honeypot deployment system
US10785258B2 (en) * 2017-12-01 2020-09-22 At&T Intellectual Property I, L.P. Counter intelligence bot
CN107872467A (zh) * 2017-12-26 2018-04-03 中国联合网络通信集团有限公司 Honeypot active defense method and honeypot active defense system based on Serverless architecture
US10855722B1 (en) * 2018-03-29 2020-12-01 Ca, Inc. Deception service for email attacks
US11086685B1 (en) * 2018-04-25 2021-08-10 Amazon Technologies, Inc. Deployment of virtual computing resources with repeatable configuration as a resource set
US10972503B1 (en) * 2018-08-08 2021-04-06 Acalvio Technologies, Inc. Deception mechanisms in containerized environments
US10333977B1 (en) * 2018-08-23 2019-06-25 Illusive Networks Ltd. Deceiving an attacker who is harvesting credentials
US10986128B1 (en) * 2019-03-29 2021-04-20 Rapid7, Inc. Honeypot opaque credential recovery
US20200326963A1 (en) * 2019-04-10 2020-10-15 Dell Products L.P. System and Method of Provisioning Virtualization Instances with One or More Hardware Attributes
US11750651B2 (en) 2019-09-04 2023-09-05 Oracle International Corporation Honeypots for infrastructure-as-a-service security
US20210211403A1 (en) * 2019-09-24 2021-07-08 Andrew Robinson Content server for providing application unification for public network applications
US11265346B2 (en) * 2019-12-19 2022-03-01 Palo Alto Networks, Inc. Large scale high-interactive honeypot farm
US20220038447A1 (en) * 2020-07-31 2022-02-03 Citrix Systems, Inc. Systems and methods for autonomous program detection and management
US11824874B2 (en) * 2021-01-20 2023-11-21 Vmware, Inc. Application security enforcement
EP4072102B1 (en) * 2021-04-07 2024-08-21 Tata Consultancy Services Limited System, method and computer readable medium for providing emulation as a service framework for communication networks
US12267361B2 (en) * 2021-12-08 2025-04-01 Sri International Conversation-depth social engineering attack detection using attributes from automated dialog engagement
US12436793B2 (en) * 2022-11-02 2025-10-07 International Business Machines Corporation Virtual machine management
US20240179066A1 (en) * 2022-11-29 2024-05-30 VMware LLC Defining service policies for third-party container clusters

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"HONEYPROXY: Design and Implementation of Next-Generation Honeynet via SDN"; Sukwha Kyung et al.; 2017 IEEE Conference on Communications and Network Security (CNS); pp. 1-9 *

Also Published As

Publication number Publication date
EP4026297A1 (en) 2022-07-13
EP4026297B1 (en) 2024-01-17
JP7759453B2 (ja) 2025-10-23
US20210067553A1 (en) 2021-03-04
EP4026297A4 (en) 2023-01-25
JP7538217B2 (ja) 2024-08-21
CN114342319A (zh) 2022-04-12
US11750651B2 (en) 2023-09-05
JP2022547485A (ja) 2022-11-14
JP2024164054A (ja) 2024-11-26
US20230379362A1 (en) 2023-11-23
WO2021046094A1 (en) 2021-03-11
JP2025176031A (ja) 2025-12-03
US12495074B2 (en) 2025-12-09

Similar Documents

Publication Publication Date Title
CN114342319B (zh) Method, medium and system for computer security
US11457047B2 (en) Managing computer security services for cloud computing platforms
JP7418611B2 (ja) Detection and identification of IoT devices
US9985989B2 (en) Managing dynamic deceptive environments
US9294442B1 (en) System and method for threat-driven security policy controls
US9225730B1 (en) Graph based detection of anomalous activity
CN106716404B (zh) Proxy server within a computer subnet
US10812462B2 (en) Session management for mobile devices
US20160294875A1 (en) System and method for threat-driven security policy controls
JP7652400B2 (ja) Application workload capture for IoT devices
US10129289B1 (en) Mitigating attacks on server computers by enforcing platform policies on client computers
US20130347085A1 (en) Data exfiltration attack simulation technology
US11803635B2 (en) Passing local credentials to a secure browser session
Bock Measuring adoption of phishing-resistant authentication methods on the web
Hawasli azureLang: a probabilistic modeling and simulation language for cyber attacks in Microsoft Azure cloud infrastructure
Olurin Intrusions Detection in a Cloud Environment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant