Patent · US Active

Methods and apparatus for redirecting attacks on a network

US9407602B2 · kind B2 · utility

58Cited by

7References

12Claims

0Family size

Assignee

Attivo Networks Inc. · US

Inventors

Marc Feghali · San Jose, US
Albert Young · Cupertino, US
Mano Murthy · Fremont, US
John F. Wakerly · Glenview, US
Harihara Mahesh · San Jose, US
Atul Kumar Shrivastava · Noida, IN

Key dates

Filing date	Nov 7, 2013
Grant date	Aug 2, 2016
Priority date	—
Expiry date	Feb 20, 2034

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/0209
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A system is disclosed for protecting a network against malicious attacks or attempts for unauthorized access. A network is connected to an external network by a number of firewalls. Inspectors detect packets blocked by the firewalls and some or all of the packets are detected to a labyrinth configured to emulated an operational network and response to the packets in order to engage an attacker. Blocked packets may be detected by comparing packets entering and exiting a firewall. Packets for which a corresponding packets are not received within a transit delay may be identified as blocked. Entering and exiting packets may be compared by comparing only header information. A central module may receive information from the inspectors and generate statistical information and generate instructions for the inspectors, such as blacklists of addresses known to be used by attackers.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.