Computer network defense system
A method and apparatus for protecting virtual machines. A computer system creates a copy of a group of the virtual machines in an operating network in a deception network to form a group of cloned virtual machines in the deception network when the group of the virtual machines is accessed by an adversary. The computer system creates an emulation of components from the operating network in the deception network. The components are accessible by the group of the cloned virtual machines as if the group of the cloned virtual machines was in the operating network. The computer system moves network connections for the group of the virtual machines in the operating network used by the adversary from the group of the virtual machines in the operating network to the group of the cloned virtual machines, enabling protecting the group of the virtual machines from actions performed by the adversary.
- Research Organization:
- Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- AC04-94AL85000
- Assignee:
- National Technology & Engineering Solutions of Sandia, LLC
- Patent Number(s):
- 9,742,804
- Application Number:
- 14/925,645
- OSTI ID:
- 1375930
- Resource Relation:
- Patent File Date: 2015 Oct 28
- Country of Publication:
- United States
- Language:
- English
Similar Records
Towards A Theory of Autonomous Reconstitution of Compromised Cyber-Systems
Best Paper Award: Gathering Threat Intelligence Through Computer Network Deception