| 发明名称 |
SOCIAL NETWORK HONEYPOT |
| 摘要 |
The invention is a method and system for detecting attackers that are interested in attacking an organization's infrastructure during the reconnaissance phase of an Advanced Persistent Threat (APT). APTs are very sophisticated attacks and incorporate advanced methods for evading current security mechanisms. Therefore, the present invention uses an innovative social network honeypot. |
| 申请公布号 |
US2015326608(A1) |
申请公布日期 |
2015.11.12 |
| 申请号 |
US201514700551 |
申请日期 |
2015.04.30 |
| 申请人 |
DEUTSCHE TELEKOM AG |
发明人 |
SHABTAI Asaf;PUZIS Rami;ELOVICI Yuval |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method for detecting attackers that are interested in attacking an organization's infrastructure during the reconnaissance phase of an Advanced Persistent Threat (APT), said method comprising:
a. extracting actual user profiles from social networks; b. generating artificial profiles for artificial users from said extracted actual user profiles; c. creating artificial user accounts for said artificial users; d. adding said artificial user accounts to social networks and to employee contact lists; e. creating email accounts for each of said artificial users; f. monitoring the activity of said artificial user accounts in the social networks; g. monitoring the activity of said email accounts; and h. reporting as suspicious all attempts of third parties to contact said artificial user accounts and said email accounts of said artificial users. |
| 地址 |
Bonn DE |
