US 11,888,897 B2
Implementing decoys in a network environment
Venu Vissamsetty, San Jose, CA (US); Nitin Jyoti, Bengaluru (IN); Pavan Patel, Bengaluru (IN); and Prashanth Srinivas Mysore, Bengaluru (IN)
Assigned to SentinelOne, Inc., Mountain View, CA (US)
Filed by SentinelOne, Inc., Mountain View, CA (US)
Filed on Aug. 24, 2022, as Appl. No. 17/822,037.
Application 17/822,037 is a continuation of application No. 15/893,176, filed on Feb. 9, 2018, granted, now 11,470,115.
Prior Publication US 2023/0065321 A1, Mar. 2, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/1491 (2013.01) [H04L 63/083 (2013.01); H04L 63/10 (2013.01); H04L 63/20 (2013.01); H04L 2463/144 (2013.01)]
20 Claims
1. A method comprising:
providing a network environment including a network and a plurality of servers in data communication with the network, each server implementing at least one service of a plurality of services;
implementing a mapping between each service and name data for each service, the name data including a name for a server implementing each service, the server being one of the plurality of servers;
analyzing the name data in the mapping to determine one or more naming conventions for the plurality of servers;
instantiating one or more decoy services, each decoy service being an instance of executable code;
associating, with each decoy service, a decoy name according to the one or more naming conventions;
providing an authentication directory, the authentication directory further including authentication records for accessing the plurality of services; and
modifying the authentication directory to include an authentication record referencing each decoy name in association with the decoy service of the one or more decoy services associated with the respective decoy name and authentication data for accessing the decoy service associated with the respective decoy name;
wherein the authentication directory defines a plurality of domains such that each server belongs to at least one domain of the plurality of domains; and
wherein analyzing the name data for the plurality of services in the mapping to determine the one or more naming conventions for the plurality of servers comprises determining a domain-specific naming convention of the one or more naming conventions for each domain of the plurality of domains.
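The domain-specific naming step of claim 1, sketched as an added example that is not the patent's or SentinelOne's implementation. The heuristic (shared prefix plus role token plus zero-padded counter), the sample host names, the domains and the record fields are all assumptions made for illustration.

```python
import os
import re
from collections import Counter, defaultdict

# Constructed sample mapping: service -> (server name, domain). Not from the patent.
MAPPING = {
    "smb-finance": ("fin-fs01", "finance.example"),
    "sql-finance": ("fin-db02", "finance.example"),
    "web-finance": ("fin-web03", "finance.example"),
    "git-eng": ("ENGBUILD001", "eng.example"),
    "ci-eng": ("ENGBUILD002", "eng.example"),
    "wiki-eng": ("ENGWIKI001", "eng.example"),
}

def infer_conventions(mapping):
    """Derive one naming convention per domain from the observed server names."""
    by_domain = defaultdict(list)
    for server, domain in mapping.values():
        by_domain[domain].append(server)
    conventions = {}
    for domain, names in by_domain.items():
        # Split each name into a stem and a trailing counter; skip names without one.
        parsed = [m for m in (re.fullmatch(r"(.*?)(\d+)", n) for n in names) if m]
        if not parsed:
            continue  # no numbered names, so this heuristic infers nothing
        stems = [m.group(1) for m in parsed]
        conventions[domain] = {
            "prefix": os.path.commonprefix(stems),
            "width": Counter(len(m.group(2)) for m in parsed).most_common(1)[0][0],
            "upper": sum(s.isupper() for s in stems) * 2 > len(stems),
            "used": {n.lower() for n in names},  # host names compare case-insensitively
        }
    return conventions

def decoy_name(conv, role):
    """Return an unused name for a decoy of the given role, following conv."""
    role = role.upper() if conv["upper"] else role.lower()
    n = 1
    while True:
        name = f"{conv['prefix']}{role}{n:0{conv['width']}d}"
        if name.lower() not in conv["used"]:
            conv["used"].add(name.lower())
            return name
        n += 1

def plan_decoys(mapping, roles):
    """Build directory-record stubs: one decoy per (domain, role) pair."""
    convs = infer_conventions(mapping)
    return [{"domain": d, "name": decoy_name(c, r), "service": f"decoy-{r}"}
            for d, c in convs.items() for r in roles]
```

Each returned stub would still need authentication data attached before being written to the directory; that step is left out here.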