IL240743A0 - Misleading based answers to security attacks - Google Patents

Misleading based answers to security attacks

Info

Publication number
IL240743A0
IL240743A0 IL240743A IL24074315A IL240743A0 IL 240743 A0 IL240743 A0 IL 240743A0 IL 240743 A IL240743 A IL 240743A IL 24074315 A IL24074315 A IL 24074315A IL 240743 A0 IL240743 A0 IL 240743A0
Authority
IL
Israel
Prior art keywords
deception
security attacks
based responses
responses
attacks
Prior art date
Application number
IL240743A
Other languages
English (en)
Hebrew (he)
Inventor
Alperovitch Dmitri
Krasser Sven
S Meyers Adam
F Diehl David
Robert Kurtz George
Original Assignee
Crowdstrike Inc
Alperovitch Dmitri
Krasser Sven
S Meyers Adam
F Diehl David
Robert Kurtz George
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Crowdstrike Inc, Alperovitch Dmitri, Krasser Sven, S Meyers Adam, F Diehl David, Robert Kurtz George filed Critical Crowdstrike Inc
Publication of IL240743A0 publication Critical patent/IL240743A0/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1491Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2111Location-sensitive, e.g. geographical location, GPS
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129Authenticate client device independently of the user

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computing Systems (AREA)
  • Virology (AREA)
  • Computer And Data Communications (AREA)
  • User Interface Of Digital Computer (AREA)
  • Information Transfer Between Computers (AREA)
IL240743A 2013-03-04 2015-08-20 Misleading based answers to security attacks IL240743A0 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US13/784,720 US10713356B2 (en) 2013-03-04 2013-03-04 Deception-based responses to security attacks
PCT/US2014/017950 WO2014137640A1 (en) 2013-03-04 2014-02-24 Deception-based responses to security attacks

Publications (1)

Publication Number Publication Date
IL240743A0 true IL240743A0 (en) 2015-10-29

Family

ID=51421725

Family Applications (1)

Application Number Title Priority Date Filing Date
IL240743A IL240743A0 (en) 2013-03-04 2015-08-20 Misleading based answers to security attacks

Country Status (9)

Country Link
US (4) US10713356B2 (enExample)
EP (4) EP3731125B1 (enExample)
JP (1) JP2016514313A (enExample)
AU (1) AU2014226405A1 (enExample)
BR (1) BR112015021552A2 (enExample)
CA (1) CA2901302A1 (enExample)
IL (1) IL240743A0 (enExample)
SG (1) SG11201506719QA (enExample)
WO (1) WO2014137640A1 (enExample)

Families Citing this family (48)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10713356B2 (en) * 2013-03-04 2020-07-14 Crowdstrike, Inc. Deception-based responses to security attacks
US9158914B2 (en) * 2013-04-19 2015-10-13 Crowdstrike, Inc. Executable component injection utilizing hotpatch mechanisms
US10432658B2 (en) * 2014-01-17 2019-10-01 Watchguard Technologies, Inc. Systems and methods for identifying and performing an action in response to identified malicious network traffic
US10264025B2 (en) 2016-06-24 2019-04-16 Varmour Networks, Inc. Security policy generation for virtualization, bare-metal server, and cloud computing environments
US10091238B2 (en) 2014-02-11 2018-10-02 Varmour Networks, Inc. Deception using distributed threat detection
US8997226B1 (en) * 2014-04-17 2015-03-31 Shape Security, Inc. Detection of client-side malware activity
US9769204B2 (en) * 2014-05-07 2017-09-19 Attivo Networks Inc. Distributed system for Bot detection
US9609019B2 (en) * 2014-05-07 2017-03-28 Attivo Networks Inc. System and method for directing malicous activity to a monitoring system
US11507663B2 (en) 2014-08-11 2022-11-22 Sentinel Labs Israel Ltd. Method of remediating operations performed by a program and system thereof
US9710648B2 (en) 2014-08-11 2017-07-18 Sentinel Labs Israel Ltd. Method of malware detection and system thereof
US10193929B2 (en) 2015-03-13 2019-01-29 Varmour Networks, Inc. Methods and systems for improving analytics in distributed networks
US9380027B1 (en) 2015-03-30 2016-06-28 Varmour Networks, Inc. Conditional declarative policies
US10191758B2 (en) 2015-12-09 2019-01-29 Varmour Networks, Inc. Directing data traffic between intra-server virtual machines
US9680852B1 (en) 2016-01-29 2017-06-13 Varmour Networks, Inc. Recursive multi-layer examination for computer network security remediation
JP2019511055A (ja) 2016-03-24 2019-04-18 カーボン ブラック, インコーポレイテッド サイバーセキュリティインシデントに対する応答を誘導するためのシステムおよび技術
US9853999B2 (en) * 2016-04-27 2017-12-26 Acalvio Technologies, Inc. Context-aware knowledge system and methods for deploying deception mechanisms
US10681059B2 (en) 2016-05-25 2020-06-09 CyberOwl Limited Relating to the monitoring of network security
US10755334B2 (en) 2016-06-30 2020-08-25 Varmour Networks, Inc. Systems and methods for continually scoring and segmenting open opportunities using client data and product predictors
US11616812B2 (en) 2016-12-19 2023-03-28 Attivo Networks Inc. Deceiving attackers accessing active directory data
US11695800B2 (en) 2016-12-19 2023-07-04 SentinelOne, Inc. Deceiving attackers accessing network data
JP2020530922A (ja) 2017-08-08 2020-10-29 センチネル ラボ, インコーポレイテッドSentinel Labs, Inc. エッジネットワーキングのエンドポイントを動的にモデリングおよびグループ化する方法、システム、およびデバイス
US10785258B2 (en) 2017-12-01 2020-09-22 At&T Intellectual Property I, L.P. Counter intelligence bot
RU2697950C2 (ru) * 2018-02-06 2019-08-21 Акционерное общество "Лаборатория Касперского" Система и способ выявления скрытого поведения расширения браузера
US11470115B2 (en) 2018-02-09 2022-10-11 Attivo Networks, Inc. Implementing decoys in a network environment
JP7278423B2 (ja) 2019-05-20 2023-05-19 センチネル ラブス イスラエル リミテッド 実行可能コード検出、自動特徴抽出及び位置独立コード検出のためのシステム及び方法
US11863580B2 (en) 2019-05-31 2024-01-02 Varmour Networks, Inc. Modeling application dependencies to identify operational risk
US11310284B2 (en) 2019-05-31 2022-04-19 Varmour Networks, Inc. Validation of cloud security policies
US11575563B2 (en) 2019-05-31 2023-02-07 Varmour Networks, Inc. Cloud security management
US11711374B2 (en) 2019-05-31 2023-07-25 Varmour Networks, Inc. Systems and methods for understanding identity and organizational access to applications within an enterprise environment
US11290494B2 (en) 2019-05-31 2022-03-29 Varmour Networks, Inc. Reliability prediction for cloud security policies
US11290493B2 (en) 2019-05-31 2022-03-29 Varmour Networks, Inc. Template-driven intent-based security
CN111786964B (zh) * 2020-06-12 2022-09-30 深信服科技股份有限公司 网络安全检测方法、终端及网络安全设备
US12375527B2 (en) * 2020-06-24 2025-07-29 Fortinet, Inc. Leveraging network security scanning to obtain enhanced information regarding an attack chain involving a decoy file
US11546368B2 (en) * 2020-09-28 2023-01-03 T-Mobile Usa, Inc. Network security system including a multi-dimensional domain name system to protect against cybersecurity threats
US11496522B2 (en) 2020-09-28 2022-11-08 T-Mobile Usa, Inc. Digital on-demand coupons for security service of communications system
US11558352B2 (en) * 2020-10-19 2023-01-17 Cycraft Singapore Pte. Ltd. Cyber security protection system and related proactive suspicious domain alert system
US11579857B2 (en) 2020-12-16 2023-02-14 Sentinel Labs Israel Ltd. Systems, methods and devices for device fingerprinting and automatic deployment of software in a computing network using a peer-to-peer approach
US11818152B2 (en) 2020-12-23 2023-11-14 Varmour Networks, Inc. Modeling topic-based message-oriented middleware within a security system
US11876817B2 (en) 2020-12-23 2024-01-16 Varmour Networks, Inc. Modeling queue-based message-oriented middleware relationships in a security system
US11777978B2 (en) 2021-01-29 2023-10-03 Varmour Networks, Inc. Methods and systems for accurately assessing application access risk
US12050693B2 (en) 2021-01-29 2024-07-30 Varmour Networks, Inc. System and method for attributing user behavior from multiple technical telemetry sources
US11734316B2 (en) 2021-07-08 2023-08-22 Varmour Networks, Inc. Relationship-based search in a computing environment
US11899782B1 (en) 2021-07-13 2024-02-13 SentinelOne, Inc. Preserving DLL hooks
US12072405B2 (en) * 2021-11-08 2024-08-27 Nightwing Group, Llc Context-aware, intelligent beaconing
US12423414B2 (en) * 2022-02-14 2025-09-23 The George Washington University MAYA: a hardware-based cyber-deception framework to combat malware
US12452273B2 (en) 2022-03-30 2025-10-21 SentinelOne, Inc Systems, methods, and devices for preventing credential passing attacks
US12355792B2 (en) * 2022-11-30 2025-07-08 Palo Alto Networks, Inc. Strategically aged domain detection
WO2024152041A1 (en) 2023-01-13 2024-07-18 SentinelOne, Inc. Classifying cybersecurity threats using machine learning on non-euclidean data

Family Cites Families (54)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002007234A (ja) 2000-06-20 2002-01-11 Mitsubishi Electric Corp 不正メッセージ検出装置、不正メッセージ対策システム、不正メッセージ検出方法、不正メッセージ対策方法、及びコンピュータ読み取り可能な記録媒体
US20020066034A1 (en) * 2000-10-24 2002-05-30 Schlossberg Barry J. Distributed network security deception system
WO2002056132A2 (en) * 2000-11-01 2002-07-18 Snapnames Com Inc Domain name acquisition and management system and method
WO2002098100A1 (en) 2001-05-31 2002-12-05 Preventon Technologies Limited Access control systems
JP3914757B2 (ja) * 2001-11-30 2007-05-16 デュアキシズ株式会社 ウィルス検査のための装置と方法とシステム
US20040148521A1 (en) * 2002-05-13 2004-07-29 Sandia National Laboratories Method and apparatus for invisible network responder
JP2004102772A (ja) 2002-09-11 2004-04-02 Renesas Technology Corp 設計検証装置
US7437766B2 (en) * 2002-10-03 2008-10-14 Sandia National Laboratories Method and apparatus providing deception and/or altered operation in an information system operating system
US7376969B1 (en) * 2002-12-02 2008-05-20 Arcsight, Inc. Real time monitoring and analysis of events from multiple network security devices
US20040139170A1 (en) 2003-01-15 2004-07-15 Ming-Teh Shen Method and apparatus for management of shared wide area network connections
US7100205B2 (en) * 2003-10-22 2006-08-29 The United States Of America As Represented By The Secretary Of The Navy Secure attention instruction central processing unit and system architecture
US7356534B2 (en) 2004-03-15 2008-04-08 Microsoft Corporation Providing notifications for domain registration changes
US7870608B2 (en) * 2004-05-02 2011-01-11 Markmonitor, Inc. Early detection and monitoring of online fraud
US7908653B2 (en) * 2004-06-29 2011-03-15 Intel Corporation Method of improving computer security through sandboxing
US7515715B2 (en) * 2004-07-08 2009-04-07 Honeywell International Inc. Information security for aeronautical surveillance systems
US20060161982A1 (en) * 2005-01-18 2006-07-20 Chari Suresh N Intrusion detection system
EP1718034A1 (en) * 2005-04-25 2006-11-02 Thomson Multimedia Broadband Belgium Process for managing resource address requests and associated gateway device
JP2009512939A (ja) 2005-10-21 2009-03-26 ヴァー2アス インコーポレイテッド 複数のオペレーティングシステムのインスタンスが単一のマシン資源を安全に共有することを可能とする、オペレーティングシステムの仮想化、を有するコンピュータセキュリティ方法
US20120151553A1 (en) 2005-11-16 2012-06-14 Azos Ai, Llc System, method, and apparatus for data cognition incorporating autonomous security protection
US8375120B2 (en) * 2005-11-23 2013-02-12 Trend Micro Incorporated Domain name system security network
US20070226799A1 (en) * 2006-03-21 2007-09-27 Prem Gopalan Email-based worm propagation properties
US20080016339A1 (en) * 2006-06-29 2008-01-17 Jayant Shukla Application Sandbox to Detect, Remove, and Prevent Malware
JP4780413B2 (ja) 2007-01-12 2011-09-28 横河電機株式会社 不正アクセス情報収集システム
US20080270203A1 (en) * 2007-04-27 2008-10-30 Corporation Service Company Assessment of Risk to Domain Names, Brand Names and the Like
US9009829B2 (en) * 2007-06-12 2015-04-14 The Trustees Of Columbia University In The City Of New York Methods, systems, and media for baiting inside attackers
US20120084866A1 (en) * 2007-06-12 2012-04-05 Stolfo Salvatore J Methods, systems, and media for measuring computer security
WO2009032379A1 (en) * 2007-06-12 2009-03-12 The Trustees Of Columbia University In The City Of New York Methods and systems for providing trap-based defenses
CA2697632C (en) 2007-08-06 2015-05-12 Bernard De Monseignat System and method for authentication, data transfer, and protection against phishing
US8387040B2 (en) * 2008-01-24 2013-02-26 International Business Machines Corporation Dynamic creation of client-side environment for problem analysis
KR100985049B1 (ko) 2008-05-19 2010-10-04 주식회사 안철수연구소 파밍감지 시스템 및 이를 제어하는 방법
JP5328283B2 (ja) 2008-10-07 2013-10-30 Kddi株式会社 情報処理装置、プログラム、および記録媒体
US8769684B2 (en) * 2008-12-02 2014-07-01 The Trustees Of Columbia University In The City Of New York Methods, systems, and media for masquerade attack detection by monitoring computer user behavior
US8347394B1 (en) * 2009-07-15 2013-01-01 Trend Micro, Inc. Detection of downloaded malware using DNS information
US8321551B2 (en) 2010-02-02 2012-11-27 Symantec Corporation Using aggregated DNS information originating from multiple sources to detect anomalous DNS name resolutions
US8549643B1 (en) * 2010-04-02 2013-10-01 Symantec Corporation Using decoys by a data loss prevention system to protect against unscripted activity
US8650215B2 (en) * 2010-05-04 2014-02-11 Red Hat, Inc. Decoy application servers
US8260914B1 (en) 2010-06-22 2012-09-04 Narus, Inc. Detecting DNS fast-flux anomalies
US8661544B2 (en) * 2010-08-31 2014-02-25 Cisco Technology, Inc. Detecting botnets
US8312517B2 (en) 2010-08-31 2012-11-13 Intel Corporation User-entered credentials for a mobile station in a wireless network
US8453258B2 (en) 2010-09-15 2013-05-28 Bank Of America Corporation Protecting an electronic document by embedding an executable script
US8516585B2 (en) 2010-10-01 2013-08-20 Alcatel Lucent System and method for detection of domain-flux botnets and the like
JP5697206B2 (ja) 2011-03-31 2015-04-08 インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation 不正アクセスに対する防御をするシステム、方法およびプログラム
US9467421B2 (en) 2011-05-24 2016-10-11 Palo Alto Networks, Inc. Using DNS communications to filter domain names
KR101115250B1 (ko) 2011-08-11 2012-02-15 주식회사 반딧불소프트웨어 Qr코드의 안전도 검사 장치 및 방법
US20130139259A1 (en) * 2011-11-30 2013-05-30 Elwha Llc Deceptive indicia profile generation from communications interactions
US8739281B2 (en) * 2011-12-06 2014-05-27 At&T Intellectual Property I, L.P. Multilayered deception for intrusion detection and prevention
US8925080B2 (en) * 2011-12-20 2014-12-30 Sap Se Deception-based network security using false positive responses to unauthorized access requests
US8949982B2 (en) * 2011-12-30 2015-02-03 Verisign, Inc. Method for administering a top-level domain
US9497212B2 (en) 2012-05-21 2016-11-15 Fortinet, Inc. Detecting malicious resources in a network based upon active client reputation monitoring
US8813228B2 (en) * 2012-06-29 2014-08-19 Deloitte Development Llc Collective threat intelligence gathering system
US9749336B1 (en) * 2013-02-26 2017-08-29 Palo Alto Networks, Inc. Malware domain detection using passive DNS
US10713356B2 (en) * 2013-03-04 2020-07-14 Crowdstrike, Inc. Deception-based responses to security attacks
US10298598B1 (en) * 2013-12-16 2019-05-21 Amazon Technologies, Inc. Countering service enumeration through imposter-driven response
US10178121B2 (en) 2015-10-01 2019-01-08 Michael Klatt Domain reputation evaluation process and method

Also Published As

Publication number Publication date
EP2965256A4 (en) 2017-03-22
EP2965256A1 (en) 2016-01-13
US20200285739A1 (en) 2020-09-10
EP3731123A1 (en) 2020-10-28
EP3731125A1 (en) 2020-10-28
CA2901302A1 (en) 2014-09-12
US20200285740A1 (en) 2020-09-10
US20240028717A1 (en) 2024-01-25
BR112015021552A2 (pt) 2017-07-18
EP3731125B1 (en) 2022-06-08
US12118086B2 (en) 2024-10-15
JP2016514313A (ja) 2016-05-19
US10713356B2 (en) 2020-07-14
EP3731124A1 (en) 2020-10-28
US11809555B2 (en) 2023-11-07
EP3731123B1 (en) 2024-04-03
US20140250524A1 (en) 2014-09-04
EP3731124B1 (en) 2023-08-02
SG11201506719QA (en) 2015-09-29
WO2014137640A1 (en) 2014-09-12
AU2014226405A1 (en) 2015-09-10

Similar Documents

Publication Publication Date Title
IL240743A0 (en) Misleading based answers to security attacks
GB201309702D0 (en) Security
IL245198B (en) Cyber protection
GB201212046D0 (en) Security devices
PT3077216T (pt) Estrutura de segurança
GB201412504D0 (en) Mobile-device security
GB201218647D0 (en) Security devices
PL3008266T3 (pl) Zabezpieczające urządzenie
GB201516041D0 (en) Lens-foil based security device
GB2511882B (en) Security device
HU4337U (en) Heat-printable security print-carrier
GB2516829B (en) Improvements in security elements
GB2521741B (en) Security document
GB2514390B (en) Security device
GB201302205D0 (en) Security Device
EP2973141A4 (en) CYBER-SECURITY
GB2513899B (en) Security device
GB2516680B (en) Improving data security
GB201322806D0 (en) Security
AU352957S (en) Security plug
GB201312557D0 (en) Mobile-devices security
GB201314348D0 (en) Security Devices
GB201301777D0 (en) Security devices
GB201323117D0 (en) Security device
GB201310509D0 (en) Security Device