首页>
外国专利>
Decoy network technology with automatic signature generation for intrusion detection and intrusion prevention systems
Decoy network technology with automatic signature generation for intrusion detection and intrusion prevention systems
展开▼
机译:具有自动签名生成功能的诱饵网络技术,用于入侵检测和入侵防御系统
展开▼
页面导航
摘要
著录项
相似文献
摘要
Improved methods and systems for decoy networks with automatic signature generation for intrusion detection and intrusion prevention systems. A modular decoy network with front-end monitor/intercept module(s) with a processing back-end that is separate from the protected network. The front-end presents a standard fully functional operating system that is a decoy so that the instigator of an attack is lead to believe a connection has been made to the protected network. The front-end includes a hidden sentinel kernal driver that monitors connections to the system and captures attack-identifying information. The captured information is sent to the processing module for report generation, data analysis and generation of an attack signature. The generated attack signature can then be applied to the library of signatures of the intrusion detection system or intrusion prevention system of the protected network to defend against network based attacks including zero-day attacks.
展开▼