The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jul. 06, 2021
Filed:
Dec. 17, 2019
Rapid7, Inc., Boston, MA (US);
Thomas Eugene Sellers, Georgetown, TX (US);
Rapid7, Inc., Boston, MA (US);
Abstract
Disclosed herein are methods, systems, and processes for tracking honeytokens. A malicious attack from an attacker is received at a honeypot and a determination is made that an attack event associated with the malicious attack has compromised deceptive credential information maintained by the honeypot. A unique credential pair that corresponds to the deceptive credential information sought by the attack event is generated and a honeytoken tracker state table is modified to include the unique credential pair and attack event metadata in association with the attack event. The unique credential pair is then transmitted to the attacker and the honeytoken tracker state table is synchronized with a honeypot management system. Another malicious attack is detected, the honeytoken tracker state table is accessed, and the malicious attacker is correlated to the attacker. A honeypot personality state table maintained by the honeypot management system is accessed and a present personality for the honeypot that is substantially similar to a past personality of the honeypot that existed during the malicious attack based on information in the honeypot personality state table is generated.