CPC G06F 9/547 (2013.01) [G06F 21/552 (2013.01); G06F 21/554 (2013.01)]
12 Claims

1. A computer-implemented method for detecting anomalous activity in a computer system by monitoring at least one decoy application programming interface, comprising the following steps:
detecting, in at least one decoy API hosted in a computer system, a function call to the at least one decoy API from an element of the computer system; and
transmitting an intrusion message from the at least one decoy API to an intrusion detection system signifying that a function call to the at least one decoy API has been made;
instantiating a decoy API controller in the computer system, wherein the decoy API controller is configured to spawn and/or delete one or more decoy APIs;
receiving one or more external environment signals at the decoy API controller; and
spawning and/or deleting the one or more decoy APIs in the computer system based on the one or more external environment signals.