The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Apr. 20, 2021
Filed:
Jun. 10, 2019
Rapid7, Inc., Boston, MA (US);
Thomas Eugene Sellers, Georgetown, TX (US);
Derek Abdine, Rancho Palos Verdes, CA (US);
Rapid7, Inc., Boston, MA (US);
Abstract
Disclosed herein are methods, systems, and processes for recovering opaque credentials in deception systems. A plaintext credential is received at a honeypot and a plaintext lookup table is accessed. It is determined that the plaintext credential does not exist in the plaintext lookup table and the plaintext credential is added to the plaintext lookup table and a protocol specific plaintext lookup table. An opaque credential is generated for the plaintext credential and the opaque credential is added to a protocol specific opaque lookup table. Attack context metadata associated with the original attack event is generated and stored in the protocol specific opaque lookup table in association with the plaintext credential and the opaque credential. If the honeypot receives the opaque credential from a subsequent attacker who initiates a subsequent attack event, the protocol specific opaque lookup table is accessed and the plaintext credential associated with the opaque credential is recovered. The plaintext credential, the opaque credential, and the attack context metadata are then exchanged with a credential exchange manager.