Computer network defense system
Abstract
A method and apparatus for protecting virtual machines. A computer system creates a copy of a group of the virtual machines in an operating network in a deception network to form a group of cloned virtual machines in the deception network when the group of the virtual machines is accessed by an adversary. The computer system creates an emulation of components from the operating network in the deception network. The components are accessible by the group of the cloned virtual machines as if the group of the cloned virtual machines was in the operating network. The computer system moves network connections for the group of the virtual machines in the operating network used by the adversary from the group of the virtual machines in the operating network to the group of the cloned virtual machines, enabling protecting the group of the virtual machines from actions performed by the adversary.
- Inventors:
- Issue Date:
- Research Org.:
- Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
- Sponsoring Org.:
- USDOE
- OSTI Identifier:
- 1375930
- Patent Number(s):
- 9742804
- Application Number:
- 14/925,645
- Assignee:
- National Technology & Engineering Solutions of Sandia, LLC
- Patent Classifications (CPCs):
-
G - PHYSICS G06 - COMPUTING G06F - ELECTRIC DIGITAL DATA PROCESSING
H - ELECTRICITY H04 - ELECTRIC COMMUNICATION TECHNIQUE H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- DOE Contract Number:
- AC04-94AL85000
- Resource Type:
- Patent
- Resource Relation:
- Patent File Date: 2015 Oct 28
- Country of Publication:
- United States
- Language:
- English
- Subject:
- 97 MATHEMATICS AND COMPUTING
Citation Formats
Urias, Vincent, Stout, William M. S., and Loverro, Caleb. Computer network defense system. United States: N. p., 2017.
Web.
Urias, Vincent, Stout, William M. S., & Loverro, Caleb. Computer network defense system. United States.
Urias, Vincent, Stout, William M. S., and Loverro, Caleb. Tue .
"Computer network defense system". United States. https://www.osti.gov/servlets/purl/1375930.
@article{osti_1375930,
title = {Computer network defense system},
author = {Urias, Vincent and Stout, William M. S. and Loverro, Caleb},
abstractNote = {A method and apparatus for protecting virtual machines. A computer system creates a copy of a group of the virtual machines in an operating network in a deception network to form a group of cloned virtual machines in the deception network when the group of the virtual machines is accessed by an adversary. The computer system creates an emulation of components from the operating network in the deception network. The components are accessible by the group of the cloned virtual machines as if the group of the cloned virtual machines was in the operating network. The computer system moves network connections for the group of the virtual machines in the operating network used by the adversary from the group of the virtual machines in the operating network to the group of the cloned virtual machines, enabling protecting the group of the virtual machines from actions performed by the adversary.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2017},
month = {8}
}
Works referenced in this record:
Synchronizing a honey network configuration to reflect a target network environment
patent, November 2016
- Ettema, Taylor; Xie, Huagang
- US Patent Document 9,495,188
System and method for analyzing unauthorized intrusion into a computer network
patent-application, January 2008
- Capalik, Alen
- US Patent Document 11/788795; 20080016570
System and Method for Adaptive Tarpits Using Distributed Virtual Machines
patent-application, September 2008
- Purcell, Stacy; Li, Hong; Kohlenberg, Tobias M.
- US Patent Document 11/689022; 20080235769
Distributed trusted virtualization platform
patent-application, August 2009
- Foley, Peter F.; Gupta, Rajesh; Cherukuri, Rao
- US Patent Document 12/287833; 20090204964
System and Method for Sampling Forensic Data of Unauthorized Activities Using Executability States
patent-application, December 2011
- Capalik, Alen; Andrews, David; Salwasser, Zachery
- US Patent Document 13/163578; 20110321165
System and Method for Identifying Unauthorized Activities on a Computer System Using a Data Structure Model
patent-application, December 2011
- Capalik, Alen; Andrews, David; Becker, Ben
- US Patent Document 13/163590; 20110321166
Network Intrusion Diversion Using a Software Defined Network
patent-application, March 2016
- Wu, Johnson L.; Hart, Catherine V.; Versola, Leo R.
- US Patent Document 14/847470; 20160080415
Dynamic Security Sandboxing Based on Intruder Intent
patent-application, May 2016
- Ashley, Paul A.; Butler, Anthony M.; ELKeissi, Ghada M.
- US Patent Document 14/550321; 20160149950
Improving deception in honeynet: Through data manipulation
conference, December 2014
- Alese, B. K.; Dahunsi, F. M.; Akingbola, R. A.
Changing the game: The art of deceiving sophisticated attackers
conference, June 2014
- Virvilis, Nikos; Vanautgaerden, Bart; Serrano, Oscar Serrano