Multi-factor deception management and detection for malicious actions in a computer network

A network surveillance method to detect attackers, including planting one or more honeytokens in one or more resources in a network of computers in which users access the resources in the network based on credentials, wherein a honeytoken is an object in memory or storage of a first resource that ma...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Hauptverfasser:	Israeli, Ofer, Roubach, Stephane, Levin, Hanan, Vingurt, Olga, Kubovsky, Matan, Kazaz, Chen, Cohen, Cobby, Avraham, Itay, Gareh, Liad, Ben David, Itai, Sultan, Sharon, Grimberg, Israel, Ozer, Adi, Touboul, Shlomo, Mischari, Assaf
Format:	Patent
Sprache:	eng
Schlagworte:	CALCULATING COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS COMPUTING COUNTING ELECTRIC COMMUNICATION TECHNIQUE ELECTRIC DIGITAL DATA PROCESSING ELECTRICITY PHYSICS TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

Beschreibung
Zusammenfassung:	A network surveillance method to detect attackers, including planting one or more honeytokens in one or more resources in a network of computers in which users access the resources in the network based on credentials, wherein a honeytoken is an object in memory or storage of a first resource that may be used by an attacker to access a second resource using decoy credentials, including planting a first honeytoken in a first resource, R1, used to access a second resource, R2, using first decoy credentials, and planting a second honeytoken in R1, used to access a third resource, R3, using second decoy credentials, and alerting that an attacker is intruding the network only in response to both (i) an attempt to access R2 using the first decoy credentials, and (ii) a subsequent attempt to access R3 using the second decoy credentials.