发明名称 |
Adapting decoy data present in a network |
摘要 |
Disclosed are various embodiments for obtaining policy data specifying decoy data eligible to be inserted within a response to an access of a data store. The decoy data is detected in the response among a plurality of non-decoy data based at least upon the policy data. An action associated with the decoy data is initiated in response to the access of the data store meeting a configurable threshold. |
申请公布号 |
US9152808(B1) |
申请公布日期 |
2015.10.06 |
申请号 |
US201313849772 |
申请日期 |
2013.03.25 |
申请人 |
Amazon Technologies, Inc. |
发明人 |
Ramalingam Harsha;Johansson Jesper Mikael;Petts James Connelly;Brezinski Dominique Imjya |
分类号 |
G06F7/04;G06F21/62;H04L29/06 |
主分类号 |
G06F7/04 |
代理机构 |
Thomas | Horstemeyer, LLP |
代理人 |
Thomas | Horstemeyer, LLP |
主权项 |
1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, the program comprising:
code that obtains policy data specifying decoy data eligible to be retrieved from a data store and further specifying at least one threshold associated with accessing the data store; code that obtains, via a network, a response to an access of the data store, the response comprising the decoy data among a plurality of non-decoy data, the access being made by a user of a client application; code that detects the decoy data in the response based at least upon the policy data, the decoy data being inserted in the response to the access of the data store; code that determines authorization for the user based at least in part upon the access of the data store meeting the at least one threshold; code that modifies the decoy data when the access by the user is authorized, wherein the modified decoy data is used to trace the response traversing the network without generating an alarm; code that interrupts delivery of the response to the client application when the access by the user is unauthorized; and code that generates a log of the access and the decoy data detected. |
地址 |
Seattle WA US |