Processing

Please wait...

Settings

Settings

Goto Application

1. WO2020068959 - INTRUSION DETECTION WITH HONEYPOT KEYS

Publication Number WO/2020/068959
Publication Date 02.04.2020
International Application No. PCT/US2019/052925
International Filing Date 25.09.2019
IPC
H04L 29/06 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02Communication control; Communication processing
06characterised by a protocol
H04W 12/12 2009.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
WWIRELESS COMMUNICATION NETWORKS
12Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
12Fraud detection
CPC
G06F 21/554
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
554involving event detection and direct action
H04L 63/0428
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
04for providing a confidential data exchange among entities communicating through data packet networks
0428wherein the data content is protected, e.g. by encrypting or encapsulating the payload
H04L 63/06
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
06for supporting key management in a packet data network
H04L 63/101
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
10for controlling access to network resources
101Access control lists [ACL]
H04L 63/1441
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
14for detecting or protecting against malicious traffic
1441Countermeasures against malicious traffic
H04L 63/145
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
14for detecting or protecting against malicious traffic
1441Countermeasures against malicious traffic
145the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
Applicants
  • SOPHOS LIMITED [GB]/[GB]
  • SCHUTZ, Harald [AT]/[AT] (US)
  • BERGER, Andreas [AT]/[AT] (US)
  • HUMPHRIES, Russell [GB]/[GB] (US)
  • HARRIS, Mark, D. [GB]/[GB] (US)
  • RAY, Kenneth, D. [US]/[US] (US)
Inventors
  • SCHUTZ, Harald
  • BERGER, Andreas
  • HUMPHRIES, Russell
  • HARRIS, Mark, D.
  • RAY, Kenneth, D.
Agents
  • MELLO, John, Paul
  • BASSOLINO, Thomas, J.
  • HEFFAN, Ira
Priority Data
16/146,26128.09.2018US
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) INTRUSION DETECTION WITH HONEYPOT KEYS
(FR) DÉTECTION D'INTRUSION À L'AIDE DE CLÉS DE LEURRE
Abstract
(EN)
A honeypot file is cryptographically secured with a cryptographic key. The key, or related key material, is then placed on a central key store and the file is placed on a data store within the enterprise network. Unauthorized access to the honeypot file can then be detecting by monitoring use of the associated key material, which usefully facilitates detection of file access at any time when, and from any location where, cryptographic access to the file is initiated.
(FR)
La présente invention concerne un fichier de leurre qui est sécurisé de manière cryptographique à l'aide d'une clé cryptographique. La clé, ou le matériel de chiffrement associé, est ensuite placée sur une mémoire de clés centrale et le fichier est placé sur une mémoire de données à l'intérieur du réseau d'entreprise. Un accès non autorisé au fichier de leurre peut ensuite être détecté par surveillance de l'utilisation du matériel de chiffrement associé, ce qui facilite de manière utile la détection de l'accès au fichier peu importe le moment et l’emplacement où un accès cryptographique au fichier est initié.
Also published as
Latest bibliographic data on file with the International Bureau