NETWORK INTRUSION DIVERSION USING A SOFTWARE DEFINED NETWORK
Methods, devices, and systems are described for diverting a computer hacker from a physical or other targeted production computer to a decoy software-based host emulator that emulates the physical computer. The decoy has the exact same IP address as the physical computer. In order to avoid packet co...
Gespeichert in:
Hauptverfasser: | , , , |
---|---|
Format: | Patent |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext bestellen |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
container_end_page | |
---|---|
container_issue | |
container_start_page | |
container_title | |
container_volume | |
creator | HART CATHERINE V WINSBORROW ERIC WU JOHNSON L VERSOLA LEO R |
description | Methods, devices, and systems are described for diverting a computer hacker from a physical or other targeted production computer to a decoy software-based host emulator that emulates the physical computer. The decoy has the exact same IP address as the physical computer. In order to avoid packet collisions, a programmable physical switch and a virtual networking switch are employed, both of which can use software-defined networking (SDN). The virtual switch prevents packets from the decoy from flowing out of its virtual network until commanded. Upon a command, the physical switch redirects specific flows to the virtual switch, and the virtual switch opens specific flows from the decoy. The specific flows are those with packets containing the hacker's computer IP address, production computer IP address, and production computer port. The packets are associated with TCP connections or UDP sessions. The decoy host emulator can be a virtual machine (VM) running alongside many other VMs in a single computer. If the hacker performs a horizontal scan of the network, additional flows are diverted to other decoy host emulators. |
format | Patent |
fullrecord | <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US2016080415A1</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US2016080415A1</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US2016080415A13</originalsourceid><addsrcrecordid>eNrjZLDxcw0J9w_yVvD0CwkKDfb091Nw8QxzDQKzgHw_dwVHhWB_t5BwxyBXBRdXN08_VxcFqCYeBta0xJziVF4ozc2g7OYa4uyhm1qQH59aXJCYnJqXWhIfGmxkYGhmYGFgYmjqaGhMnCoA5IAq4A</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>NETWORK INTRUSION DIVERSION USING A SOFTWARE DEFINED NETWORK</title><source>esp@cenet</source><creator>HART CATHERINE V ; WINSBORROW ERIC ; WU JOHNSON L ; VERSOLA LEO R</creator><creatorcontrib>HART CATHERINE V ; WINSBORROW ERIC ; WU JOHNSON L ; VERSOLA LEO R</creatorcontrib><description>Methods, devices, and systems are described for diverting a computer hacker from a physical or other targeted production computer to a decoy software-based host emulator that emulates the physical computer. The decoy has the exact same IP address as the physical computer. In order to avoid packet collisions, a programmable physical switch and a virtual networking switch are employed, both of which can use software-defined networking (SDN). The virtual switch prevents packets from the decoy from flowing out of its virtual network until commanded. Upon a command, the physical switch redirects specific flows to the virtual switch, and the virtual switch opens specific flows from the decoy. The specific flows are those with packets containing the hacker's computer IP address, production computer IP address, and production computer port. The packets are associated with TCP connections or UDP sessions. The decoy host emulator can be a virtual machine (VM) running alongside many other VMs in a single computer. If the hacker performs a horizontal scan of the network, additional flows are diverted to other decoy host emulators.</description><language>eng</language><subject>ELECTRIC COMMUNICATION TECHNIQUE ; ELECTRICITY ; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><creationdate>2016</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20160317&DB=EPODOC&CC=US&NR=2016080415A1$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,780,885,25564,76547</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20160317&DB=EPODOC&CC=US&NR=2016080415A1$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>HART CATHERINE V</creatorcontrib><creatorcontrib>WINSBORROW ERIC</creatorcontrib><creatorcontrib>WU JOHNSON L</creatorcontrib><creatorcontrib>VERSOLA LEO R</creatorcontrib><title>NETWORK INTRUSION DIVERSION USING A SOFTWARE DEFINED NETWORK</title><description>Methods, devices, and systems are described for diverting a computer hacker from a physical or other targeted production computer to a decoy software-based host emulator that emulates the physical computer. The decoy has the exact same IP address as the physical computer. In order to avoid packet collisions, a programmable physical switch and a virtual networking switch are employed, both of which can use software-defined networking (SDN). The virtual switch prevents packets from the decoy from flowing out of its virtual network until commanded. Upon a command, the physical switch redirects specific flows to the virtual switch, and the virtual switch opens specific flows from the decoy. The specific flows are those with packets containing the hacker's computer IP address, production computer IP address, and production computer port. The packets are associated with TCP connections or UDP sessions. The decoy host emulator can be a virtual machine (VM) running alongside many other VMs in a single computer. If the hacker performs a horizontal scan of the network, additional flows are diverted to other decoy host emulators.</description><subject>ELECTRIC COMMUNICATION TECHNIQUE</subject><subject>ELECTRICITY</subject><subject>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2016</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNrjZLDxcw0J9w_yVvD0CwkKDfb091Nw8QxzDQKzgHw_dwVHhWB_t5BwxyBXBRdXN08_VxcFqCYeBta0xJziVF4ozc2g7OYa4uyhm1qQH59aXJCYnJqXWhIfGmxkYGhmYGFgYmjqaGhMnCoA5IAq4A</recordid><startdate>20160317</startdate><enddate>20160317</enddate><creator>HART CATHERINE V</creator><creator>WINSBORROW ERIC</creator><creator>WU JOHNSON L</creator><creator>VERSOLA LEO R</creator><scope>EVB</scope></search><sort><creationdate>20160317</creationdate><title>NETWORK INTRUSION DIVERSION USING A SOFTWARE DEFINED NETWORK</title><author>HART CATHERINE V ; WINSBORROW ERIC ; WU JOHNSON L ; VERSOLA LEO R</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US2016080415A13</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2016</creationdate><topic>ELECTRIC COMMUNICATION TECHNIQUE</topic><topic>ELECTRICITY</topic><topic>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</topic><toplevel>online_resources</toplevel><creatorcontrib>HART CATHERINE V</creatorcontrib><creatorcontrib>WINSBORROW ERIC</creatorcontrib><creatorcontrib>WU JOHNSON L</creatorcontrib><creatorcontrib>VERSOLA LEO R</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>HART CATHERINE V</au><au>WINSBORROW ERIC</au><au>WU JOHNSON L</au><au>VERSOLA LEO R</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>NETWORK INTRUSION DIVERSION USING A SOFTWARE DEFINED NETWORK</title><date>2016-03-17</date><risdate>2016</risdate><abstract>Methods, devices, and systems are described for diverting a computer hacker from a physical or other targeted production computer to a decoy software-based host emulator that emulates the physical computer. The decoy has the exact same IP address as the physical computer. In order to avoid packet collisions, a programmable physical switch and a virtual networking switch are employed, both of which can use software-defined networking (SDN). The virtual switch prevents packets from the decoy from flowing out of its virtual network until commanded. Upon a command, the physical switch redirects specific flows to the virtual switch, and the virtual switch opens specific flows from the decoy. The specific flows are those with packets containing the hacker's computer IP address, production computer IP address, and production computer port. The packets are associated with TCP connections or UDP sessions. The decoy host emulator can be a virtual machine (VM) running alongside many other VMs in a single computer. If the hacker performs a horizontal scan of the network, additional flows are diverted to other decoy host emulators.</abstract><oa>free_for_read</oa></addata></record> |
fulltext | fulltext_linktorsrc |
identifier | |
ispartof | |
issn | |
language | eng |
recordid | cdi_epo_espacenet_US2016080415A1 |
source | esp@cenet |
subjects | ELECTRIC COMMUNICATION TECHNIQUE ELECTRICITY TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION |
title | NETWORK INTRUSION DIVERSION USING A SOFTWARE DEFINED NETWORK |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-24T06%3A16%3A12IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=HART%20CATHERINE%20V&rft.date=2016-03-17&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS2016080415A1%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |