Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2002-12-31
2008-08-12
Sheikh, Ayaz (Department: 2131)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C726S022000, C726S024000, C726S025000, C709S220000, C709S224000, C709S249000
Reexamination Certificate
active
07412723
ABSTRACT:
A method, system, apparatus, or computer program product is presented for morphing a honeypot system on a dynamic and configurable basis. The morphing honeypot emulates a variety of services while falsely presenting information about potential vulnerabilities within the system that supports the honeypot. The morphing honeypot has the ability to dynamically change its personality or displayed characteristics using a variety of algorithms and a database of known operating system and service vulnerabilities. The morphing honeypot's personality can be changed on a timed or scheduled basis, on the basis of activity that is generated by the presented honeypot personality, or on some other basis. The morphing honeypot can also be integrated with intrusion detection systems and other types of computer security incident recognition systems to correlate its personality with detected nefarious activities.
REFERENCES:
patent: 5440723 (1995-08-01), Arnold et al.
patent: 5842002 (1998-11-01), Schnurer et al.
patent: 6088804 (2000-07-01), Hill et al.
patent: 6415321 (2002-07-01), Gleichauf et al.
patent: 6647400 (2003-11-01), Moran
patent: 6907533 (2005-06-01), Sorkin et al.
patent: 6910135 (2005-06-01), Grainger
patent: 6981155 (2005-12-01), Lyle et al.
patent: 7065657 (2006-06-01), Moran
patent: 7107347 (2006-09-01), Cohen
patent: 2002/0046351 (2002-04-01), Takemori et al.
patent: 2002/0138755 (2002-09-01), Ko
patent: 2003/0117277 (2003-06-01), Marguet et al.
patent: 2003/0233438 (2003-12-01), Hutchinson et al.
patent: 2004/0015718 (2004-01-01), DeClouet
Turolla, “Honey Pot Software Detector”, http://wwwinfo.cern.ch/dis/security/general/tools/honey.html, Apr. 25, 2000.
“Symantec ManTrap”, Symantec Corporation, 2000.
Klug, “HoneyPots and Intrusion Detection”, http://rr.sans.org/intrusion/honeypots.php, Sep. 13, 2000.
Forristal, “Luring Killer Bees with Honey”,Network Computing,Aug. 21, 2000.
Park et al., “A Strategy for Information Survivability”,Proceedings of the 4th IEEE/CMU/SEI Information Survivability Workshop(ISW), Mar. 18-20, 2002.
“Know Your Enemy: Defining Virtual Honeynets”, Honeynet Project, http://www.honeynet.org, Sep. 4, 2002.
“Know Your Enemy: Passive Fingerprinting”, http://www.honeynet.org, Mar. 4, 2002.
Seifried, “Honeypotting with VMware—basics”, http://www.seifried.org/security/ids/20020107-honeypot-vmware-basics.html, Feb. 15, 2002.
Clark, “Virtual Honeynets”, SecurityFocus Online, Nov. 7, 2001.
Spitzner, “Honeypots”, http://www.spitzner.net, May 17, 2002.
Spitzner,Honeypots: Tracking Hackers, Chapter 4, “The Value of HoneyPots”, pp. 49-72, Sep. 10, 2002.
Schwabel et. al., “Lessons learned from deploying a honey pot”,Information Security Bulletin, vol. 5, Issue 10, pp. 23-36, 2000.
Fyodorhi, “Remote OS detection via TCP/IP Stack Fingerprinting”, http://www.insecure.org
map
map-fingerprinting-article.txt, Oct. 18, 1998.
Howard et al., “A Common Language for Computer Security Incidents”, Sandia National Labs, Oct. 1998.
“FAQ: Network Intrusion Detection Systems”, Ver 0.8.3, http://www.ticm.com/kb/faq/idsfaq.html, Mar. 21, 2000.
Barnett, “Monitoring VMware Honeypots”, http://honeypots.sourceforge.net, Sep. 4, 2002.
Garrison, et al., “Managing intrusion detection sensors with Tivoli Secure Way Risk Manager”, IBM,DeveloperToolbox Technical Magazine, Apr. 2001.
“Cisco Secure Intrusion Detection System Technical Overview”, Cisco Inc., Technical Brief, Jul. 3, 2000.
Blake Kenneth W.
Converse Vikki Kim
Edmark Ronald O'Neal
Garrison John Michael
Doan Trang
International Business Machines - Corporation
LaBaw Jeffrey S.
Sheikh Ayaz
LandOfFree
Method and system for morphing honeypot with computer... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for morphing honeypot with computer..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for morphing honeypot with computer... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3994741