公开(公告)号：US20080271151A1

公开(公告)日：2008-10-30

申请号：US12164020

申请日：2008-06-28

申请人： Kenneth W. Blake ,  Vikki Kim Converse ,  Ronald O' Neal Edmark ,  John Michael Garrison

发明人： Kenneth W. Blake ,  Vikki Kim Converse ,  Ronald O' Neal Edmark ,  John Michael Garrison

IPC分类号： G06F11/00 ,  G06F15/173

CPC分类号： H04L63/1408 ,  H04L63/0227 ,  H04L63/1433 ,  H04L63/1491

摘要： A method, system, apparatus, or computer program product is presented for morphing a honeypot system on a dynamic and configurable basis. The morphing honeypot emulates a variety of services while falsely presenting information about potential vulnerabilities within the system that supports the honeypot. The morphing honeypot has the ability to dynamically change its personality or displayed characteristics using a variety of algorithms and a database of known operating system and service vulnerabilities. The morphing honeypot's personality can be changed on a timed or scheduled basis, on the basis of activity that is generated by the presented honeypot personality, or on some other basis. The morphing honeypot can also be integrated with intrusion detection systems and other types of computer security incident recognition systems to correlate its personality with detected nefarious activities.

摘要翻译： 提出了一种方法，系统，装置或计算机程序产品，用于在动态和可配置的基础上变形蜜罐系统。 变形蜜罐模拟各种服务，同时虚假呈现系统中支持蜜罐的潜在漏洞信息。 变形蜜罐能够使用各种算法和已知操作系统和服务漏洞的数据库来动态地改变其个性或显示特征。 变形蜜罐的个性可以根据所提供的蜜罐人格或其他基础产生的活动，定时或定期更改。 变形蜜罐还可以与入侵检测系统和其他类型的计算机安全事件识别系统相结合，将其个性与检测到的恶意活动相关联。