Rapid7 , Inc. (Boston, MA)

Disclosed herein are methods, procedures, and systems that are used for securing compromised credentials with deception systems. In a honeypot, a request is issued to authenticate a credential. It is found that context information is contained in the request, which links the credential with network components. A host that is protected in the network that has the credential is identified , and the credential is authenticated through validating the credential with the host protected. A determination is made that the credential is compromised , and the credential is deactivated.

Field of the Disclosure

This disclosure is related to deception systems used in cybersecurity computing environments. This disclosure is related to the use of deception systems to conceal compromised credentials.

Description of the Related Art

Honeypots are security devices that are implemented in cyber-security computing environments which can be targeted and/or hacked by malicious attackers (e.g., hackers, and the like). Honeypots can be monitored actively and are able to be discovered, interactive and deceiving. Honeypots can be configured to mimic protected hosts, for example, production systems. Most of the time, systems need authentication prior to (external) access is provided and/or gained. In honeypot ecosystems hackers can be fooled into thinking that a honeypot is a target. They’ll try to authenticate to the honeypot using credentials (e.g. an account username or a password) that might or might not be valid to gain access to the system they are trying to attack.

Typically, authentication attempts involving honeypots are logged and no additional action is taken. However, the presentation of legitimate credentials to a honeypot from an attacker with malicious intent to gain access is a high-fidelity indicator ofcompromise. It is important to immediately disable compromised credentials to ensure that attackers are unable to use the compromised credentials elsewhere on the network. The credentials that malicious attackers use to authenticate can be opaque or plaintext. Accounts connected to compromised plaintext credentials are deactivated by validating the plaintext credentials (e.g., using manual logreview), validating opaque credentials (e.g., secured credentials, hashed credentials, and the like) with honeypots is the challenge of technical difficulty.

Methods, systems, and processes are described herein to conceal compromised credentials through deception systems. One of these methods involves receiving an authentication request for a credential at a honeypot, determining that the request includescontext information that identifies the credential with network components that are part of the network, and identifying an authorized host on the network that has the credential, authenticating the credential by validating the host protected by the credential, finding out that the credential is compromised, and removing the credential.

One instance shows that the request was made by an attacker as part of an attack of malicious intent. The context information indicates that the attack is designed by the attacker to target the protected host and deactivatingthe credential blocks the movement of the malicious attack in the network.

The method may include sending an alert to honeypots in a network to notify them that the credential is compromised. In addition, they transmit an instruction to those honeypots to make the credential to be valid in light of the malicious attack that has been launched on the network. In other embodiments the context information comprises domain metadata, which includes a domain identity associated with the domain controller and/or data to determine a credentialstore, an authentication mechanism, an application, a host, or another system the credential was intended to use against or be valid for.

The method could include sending a message to the honeypot management system to inform them that the credential is compromised. A network component is an identity. To authenticate and deactivate the credential, you need to access an application programming interface or custom agent which executes in the honeypot.

This summary contains simplified, generalizations and exclusions. Those who are skilled in the field will recognize that this summary is only illustrative and not meant to be restrictive. The description of the non-limiting details below will reveal other aspects, advantages and features of the disclosure described hereinafter in the manner that they are described in the claims.

Click here to view the patent on USPTO website.


Get Patents with PatentPC

What is a patent?

A patent is granted by the government to protect the invention. It gives the inventor the exclusive rights to create, use and market the idea. Society benefits when new technology is introduced for sale. Benefits can be realized in direct terms, as it allows individuals to achieve previously impossible things. Or indirectly, through the economic opportunities (business expansion and job creation) which the invention provides.

Many drug companies and researchers at universities seek patent protection for their research and developments. Patents are granted to a product, process, or method of making new materials. Patent protection has to be granted to an invention that is beneficial unique, innovative, and not yet known by other people in the same area.

Patents honor inventors who have commercially successful inventions. They act as an incentive for inventors to come up with new ideas. Small-scale businesses and inventors can be certain that they will receive a return on their investment in technology development via patents. This means they will be able to earn a living from their work.

Patents play essential roles in companies, and they can:

Secure your products and services.

Increase the visibility and value of your products ‘ presence on the market

Differentiate yourself and your products from the rest.

Get technical and business information.

Beware of the possibility of using proprietary third-party content, or losing your valuable data, original outputs, or another creative output.

Patents transform inventors’ knowledge into a marketable asset which opens new opportunities for job creation and business growth through licensing or joint ventures.

Investors in the development and commercialization of technology may find small-scale businesses that have patent protection appealing.

Patenting could lead to the development of innovations and new ideas. The information you create may be eligible for patent protection.

Patents are a way to prevent untrustworthy third-party companies from earning from the invention’s efforts.

Revenues from patent-protected technology that are commercially successful can be used to fund technological research and development (R&D) and boost the likelihood of improved technology in the future.

You can use intellectual property ownership to convince investors and lenders that your product has commercial potential. Sometimes, a powerful patent can lead to a variety of financing possibilities. Patents can be used along with other IP assets as collateral or security for financing. Investors can also see your patent assets to boost the value of their company. Forbes and others have pointed out that each patent can add between $500,000 and one million dollars to company valuation.

A well-constructed business plan is essential for new businesses. It must be based on IP and demonstrate the way your product or service stands out. Investors are also impressed if your IP rights are secured or are in the process of being secured and if they are supportive of your business plan.

It is essential to keep your invention secret until you submit for patent protection. The public disclosure of an invention before it is filed can often destroy its novelty and make it ineligible for patent protection. Pre-filing disclosures, such as for investors, test-marketing, or other business partners must be done after signing a confidentiality agreement.

There are numerous types of patents. Understanding them is crucial to safeguard your invention. Utility patents are for inventions and processes that are new. Design patents cover ornamental designs. Patents that are utility-based are ideal and protect the owner against copycats and other competitors. In most cases, utility patents are issued for improvements or modifications to existing inventions. Utility patents can also be used to improve or modify existing inventions. For example, a process patent covers acts or methods for performing a specific act, whereas chemical compositions are the combination of components.

How long will a patent last? While utility patents are valid up to 20 years from the initial filing, they may be extended by delay in the Patent Office.

Are you looking to protect your idea? Patents are granted only for applicants who are first to file, you need to start filing quickly. Call an attorney for patents at PatentPC to file your invention now!

When drafting your patent application, you should do an internet search for patents, since the search can provide some insight into other people’s concepts. You’ll be able narrow down the scope of your idea. Additionally, you’ll be able to be aware of the current state of technological advancements in your field of innovation. This will allow you to understand the scope of your invention as well as prepare for the filing of the patent application.

How to Search for Patents

Patent searches are the first step in obtaining your patent. You can do a google patent search or do a USPTO search. Patent-pending is the term for the product covered by the patent application. You can use for the public pair to locate the patent application. When the patent office has endorsed the application, you are able to do a patent number search to find the issued patent and your product will now be patented. Alongside the USPTO search engine, you can use other search engines such as espacenet, which is described below. It is possible to seek help from an attorney for patents. In the US Patents are issued by the US patent and trademark office or by the United States patent and trademark office, which is also responsible for examining trademark applications.

Interested in finding more similar patents? Here are the steps to follow:

1. Create a list of terms for your invention according to its function and composition or usage.

Write down a concise detailed description of the invention. Avoid using generic terms like “device,” “process,” and “system.” Consider synonyms for the terms you initially chose. Also, make note of key technical terms and key words.

To help you find terms and keywords, you can use the following questions.

  • What’s the goal of the invention? Is it a utilitarian device or an ornamental design?
  • Is invention a way to come up with something or to perform a function? Or is it a product or procedure?
  • What is the purpose and composition of the invention? What is the physical structure of the invention?
  • What’s the purpose of the invention?
  • What are the terms in the technical field and keywords used to define the nature of an invention? To help you find the right terms, refer to a technical dictionary.

2. These terms will allow you to search for pertinent Cooperative Patent Classifications on the Classification Search Tool. If you’re unable to locate the appropriate classification to describe your invention, go through the Schemas of classes (class schedules). If you do not get results using the Classification Text Search, you may want to consider replacing the words to describe your invention using synonyms.

3. Check 3. Check the CPC Classification Definition to verify the accuracy of the CPC classification you found. The link to a CPC classification definition is provided if the chosen classification title has a blue box that includes “D” to the left. CPC classification definitions can assist you in determining the classification’s boundaries so that you can select the one that is most appropriate. In addition they can provide some tips for searching and other information which could be helpful for further research.

4. The Patents Full-Text Database and the Image Database allow you to retrieve patent documents that include the CPC classification. By focusing on abstracts and illustrations you can narrow your search to the most relevant patent publications.

5. This collection of patent publications is the most appropriate to examine for similarity with your invention. Pay close attention to the specifications and claims. Contact the applicant as well as the patent examiner to obtain additional patents.

6. It is possible to find patent applications published in the public domain that fit the CPC classification that you chose in Step 3. It is also possible to use the same strategy of searching you employed in step 4 to limit down your search results to just the most relevant patent applications by reviewing the abstracts and drawings on each page. Next, carefully examine the patent applications that have been published with particular attention paid to the claims as well as additional drawings.

7. You can look up additional US patent publications using keywords searching in AppFT or PatFT databases, as well as classification searches for non-U.S. Patents per below. You can also use web search engines to find non-patent documents that describe inventions in the literature. Here are a few examples:

  • Add keywords to your search. Keyword searches may turn up documents that are not well-categorized or have missed classifications during Step 2. For example, US patent examiners often supplement their classification searches with keyword searches. Think about the use of technical engineering terminology rather than everyday words.
  • Search for foreign patents using the CPC classification. Then, re-run the search using international patent office search engines such as Espacenet, the European Patent Office’s worldwide patent publication database of over 130 million patent publications. Other national databases include:
  • Search non-patent literature. Inventions can be made public in many non-patent publications. It is recommended that you search journals, books, websites, technical catalogs, conference proceedings, and other print and electronic publications.

To review your search, you can hire a registered patent attorney to assist. A preliminary search will help one better prepare to talk about their invention and other related inventions with a professional patent attorney. In addition, the attorney will not spend too much time or money on patenting basics.