An intrusion detection system (IDS), method of protecting computers against intrusions and program product therefor. The IDS determines which applications are to run in native environment (NE) and places the remaining applications in a sandbox. Some of the applications in sandboxes may be placed in a personalized virtual environment (PVE) in the sandbox. Upon detecting an attempted attack, a dynamic honeypot may be started for an application in a sandbox and not in a PVE. A virtualized copy of system resources may be created for each application in a sandbox and provided to the corresponding application in the respective sandbox.
申请公布号
WO2006078446(A4)
申请公布日期
2009.06.11
申请号
WO2006US00081
申请日期
2006.01.06
申请人
INTERNATIONAL BUSINESS MACHINES CORPORATION;CHARI, SURESH, N.;CHENG, PAU-CHEN;RAO, JOSYULA. R.;ROHATGI, PANKAJ;STEINER, MICHAEL
发明人
CHARI, SURESH, N.;CHENG, PAU-CHEN;RAO, JOSYULA. R.;ROHATGI, PANKAJ;STEINER, MICHAEL