Dynamic system defense for information warfare
US6408391B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | May 6, 1998 |
| Grant date | Jun 18, 2002 |
| Priority date | — |
| Expiry date | May 6, 2018 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2151
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Disclosed is a method and apparatus which includes a security computer system capable of deploying and monitoring software agents on one or more nodes of a network of computers. The agents on each node include a framework agent and either a misdirection mission or a defensive mission. Upon an intrusion detection mission sending information to the security computer system indicative of an actual or suspected misuse or intrusion, the security computer system can automatically take countermeasures against the suspected or actual intrusion or misuse. Automatic countermeasures include using a defensive countermeasure to increase an auditing level conducted by the intrusion detection mission. A misdirection countermeasure mission is used to misdirect requests of the suspected or actual intruder or misuser. An offensive countermeasure is used to send a chase mission to the suspected or actual intruder. The offensive chase mission can either be automatically dispatched or dispatched with human intervention. The computer system includes a monitor for monitoring by a human system administrator.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.