Monitoring access of network darkspace
US10476891B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 21, 2015 |
| Grant date | Nov 12, 2019 |
| Priority date | — |
| Expiry date | Aug 15, 2035 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/144
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system includes one or more “BotMagnet” modules that are exposed to infection by malicious code. The BotMagnets may include one or more virtual machines hosing operating systems in which malicious code may be installed and executed without exposing sensitive data or other parts of a network. In particular, outbound traffic may be transmitted to a Sinkhole module that implements a service requested by the outbound traffic and transmits responses to the malicious code executing within the BotMagnet. Dark space in a network (unused IP addresses, unused ports and absent applications, and invalid usernames and passwords) is consumed by a BotSink such that attempts to access Darkspace resources will be directed to the BotSink, which will engage the source host of such attempts.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.