摘要 |
A network surveillance system including a deception management server within a network, including a deployment module managing and planting decoy attack vectors in network resources, wherein an attack vector is an object in memory or storage of a first resource that may be used to access a second resource, and decoy servers accessible from resources in the network via decoy attack vectors, each decoy server including a forensic alert module causing a real¬ time forensic application to be transmitted to a destination resource in the network when the decoy server is being accessed by a specific resource in the network via a decoy attack vector, wherein the forensic application, when launched in the destination resource, identifies a process running within the specific resource that is accessing that decoy server, logs the activities performed by the thus-identified process in a forensic report, and transmits the forensic report to the deception management server. |
申请人 |
ILLUSIVE NETWORKS LTD. |
发明人 |
TOUBOUL, Shlomo;LEVIN, Hanan;ROUBACH, Stephane;MISCHARI, Assaf;BEN DAVID, Itai;AVRAHAM, Itay;OZER, Adi;KAZAZ, Chen;ISRAELI, Ofer;VINGURT, Olga;GAREH, Liad;GRIMBERG, Israel;COHEN, Cobby;SULTAN, Sharon;KUBOVSKY, Matan |