Microcheckpointing as security breach detection measure

Assignee

• LENOVO ENTERPRISE SOLUTIONS (SINGAPORE) PTE. LTD. · SG

Inventors

• Gary D. Cudak · Creedmoor, US
• Ajay Dholakia · Thalwil, CH
• Scott Kelso · Cary, US
• Fred Allison Bower, III · Durham, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/1458
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method includes: deploying at least one shadow system in association with each of one or more components of a network environment; periodically recording a state map of each active component of the network environment and a corresponding state map of the shadow system(s) associated therewith; periodically comparing the recorded state map of each active component with the corresponding recorded state map of the shadow system(s) associated therewith; determining whether a deviation exists with respect to the recorded state map of each active component and the corresponding recorded state map of the shadow system(s) associated therewith; determining whether the deviation is greater than a predetermined deviation threshold; and declaring a security breach regarding the active component(s) for which the deviation was determined to be greater than the predetermined deviation threshold. Corresponding systems and computer program products are also disclosed.