Protecting network-based services using deception in a segmented network environment
US11356483B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 13, 2019 |
| Grant date | Jun 7, 2022 |
| Priority date | — |
| Expiry date | Dec 16, 2040 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L63/0281
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
A policy management server manages a segmentation policy for segmenting a network and a deception policy for implementing deception services. The policy management server distributes segmentation rules and deception rules to distributed enforcement modules that configure respective traffic filters to enforce the policies. The deception rule may be enforced directly by the traffic filter acting as a deception service, or the traffic filter may act as a proxy to an external deception service. The deception service can behave similarly to a real service to obtain information about the malicious actor that is reported to the policy management server to enable the policy management server to take a remedial action. Furthermore, the policy management server may automatically generate the deception policy based on the segmentation policy such that connection requests that are not allowed by the segmentation policy are automatically sent to a deception service.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.