Compromised insider honey pots using reverse honey tokens
US8973142B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 2, 2013 |
| Grant date | Mar 3, 2015 |
| Priority date | — |
| Expiry date | Oct 2, 2033 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/20
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
According to one embodiment, a method for setting a trap to detect that an intruder has compromised a client end station (CES) in an attempt to gain unauthorized access to enterprise data provided by a server is described. The method includes causing a honey token to be placed on the CES secluded within a configuration repository, wherein the honey token is metadata and/or instructions indicating how applications can seemingly access the enterprise data but that is actually invalid, and the honey token is placed on the CES and not on the server. The method also includes causing attribute values to be installed on a security gateway for a security rule causing the security gateway to monitor network traffic for attempted use of the honey token, and to generate an alert when a set of one or more packets that include the honey token are received.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.