Decoy network technology with automatic signature generation for intrusion detection and intrusion prevention systems


Abstract

Improved methods and systems for decoy networks with automatic signature generation for intrusion detection and intrusion prevention systems. A modular decoy network with front-end monitor/intercept module(s) with a processing back-end that is separate from the protected network. The front-end presents a standard fully functional operating system that is a decoy so that the instigator of an attack is led to believe a connection has been made to the protected network. The front-end includes a hidden sentinel kernel driver that monitors connections to the system and captures attack-identifying information. The captured information is sent to the processing module for report generation, data analysis and generation of an attack signature. The generated attack signature can then be applied to the library of signatures of the intrusion detection system or intrusion prevention system of the protected network to defend against network-based attacks, including zero-day attacks.

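Bibliographic details

  • Publication number: US8656493B2

    Patent type:

  • Publication date: 2014-02-18

    Original format: PDF

  • Applicant/patentee: ALEN CAPALIK

    Application number: US201313759335

  • Inventor: ALEN CAPALIK

    Filing date: 2013-02-05

  • Classification: G06F21/00

  • Country: US

  • Database entry time: 2022-08-21 16:00:33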
