Threat engagement and deception escalation

Assignee

• Acalvio Technologies, Inc. · US

Inventors

• Johnson Wu · Santa Clara, US
• Rajendra A. Gopalakrishna · Fremont, US
• Sreenivas Gukal · Santa Clara, US
• Rammohan Varadarajan · Cupertino, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/1408
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Provided are methods, network devices, and computer-program products for a network deception system. The network deception system can engage a network threat with a deception mechanism, and dynamically escalating the deception to maintain the engagement. The system can include super-low, low, and high-interaction deceptions. The super-low deceptions can respond to requests for address information, and requires few computing resources. When network traffic directed to the super-low deception requires a more complex response, the system can initiate a low-interaction deception. The low-interaction deception can emulate multiple devices, which can give the low-interaction deception away as a deception. Hence, when the network traffic includes an attempted connection, the system can initiate a high-interaction deception. The high-interaction more closely emulates a network device, and can be more difficult to identify as a deception. The high-interaction deception can fully engage a network threat, and can be initiated only as needed.