发明名称 |
METHODS AND APPARATUS FOR REDIRECTING ATTACKS ON A NETWORK |
摘要 |
A system is disclosed for protecting a network against malicious attacks or attempts for unauthorized access. A network is connected to an external network by a number of firewalls. Inspectors detect packets blocked by the firewalls and some or all of the packets are detected to a labyrinth configured to emulated an operational network and response to the packets in order to engage an attacker. Blocked packets may be detected by comparing packets entering and exiting a firewall. Packets for which a corresponding packets are not received within a transit delay may be identified as blocked. Entering and exiting packets may be compared by comparing only header information. A central module may receive information from the inspectors and generate statistical information and generate instructions for the inspectors, such as blacklists of addresses known to be used by attackers. |
申请公布号 |
US2015128246(A1) |
申请公布日期 |
2015.05.07 |
申请号 |
US201314074532 |
申请日期 |
2013.11.07 |
申请人 |
Attivo Networks Inc. |
发明人 |
Feghali Marc;Young Albert;Murthy Mano;Wakerly John F.;Mahesh Harihara;Shrivastava Atul |
分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
代理机构 |
|
代理人 |
|
主权项 |
1. A system comprising:
an internal network including a plurality of computing devices; a firewall module connecting the network to an external network, the firewall configured to block a blocked portion of traffic between the internal and external networks; an inspector module configured to detect the blocked portion and take a predetermined action with respect to the blocked portion. |
地址 |
Fremont CA US |