Detecting malicious circumvention of virtual private network

Assignee

• International Business Machines Corporation · US

Inventors

• Suresh N. Chari · Yorktown Heights, US
• Josyula R. Rao · Briarcliff Manor, US
• Willliam J. Rippon · Putnam Valley, US
• Wilfried Teiken · Ossining, US
• Wietse Z. Venema · Yorktown Heights, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0272
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

An embodiment directed to a method is associated with a VPN that may be used to access resource servers. Upon determining that the VPN has been accessed by a specified client, resource servers are identified, which each has an address and may receive traffic routed from the client through the VPN. The method further comprises sending a message corresponding to each identified resource server to the client, wherein the message to corresponding to a given one of the identified resources is intended to cause a response to be sent from the client to the address of the given identified resource server. Responses to respective messages sent to the client are used to determine whether a route for traffic from the client to the VPN has been compromised.