TRACKING A POTENTIAL ATTACKER ON AN EXTERNAL COMPUTER SYSTEM

Organization Name

INTERNATIONAL BUSINESS MACHINES CORPORATION

Inventor(s)

Michal Paluch of Krakow (PL)

Szymon Kowalczyk of Krakow (PL)

Jiri Grunseisen of Brno (CZ)

Marcel Butucea Panait of Brno (CZ)

TRACKING A POTENTIAL ATTACKER ON AN EXTERNAL COMPUTER SYSTEM - A simplified explanation of the abstract

This abstract first appeared for US patent application 17457467 titled 'TRACKING A POTENTIAL ATTACKER ON AN EXTERNAL COMPUTER SYSTEM

Simplified Explanation

The patent application describes a method for obtaining information about an external computer system that is connected to a computer system.

• The method involves receiving a request from the external computer system.
• If the external computer system is categorized as a potential threat based on the request, a computer file is generated.
• This computer file contains instructions that can be executed on the processor of the external computer system to obtain information about it.
• In addition to the computer file, data is also provided in response to the request.
• The data and computer file are sent to the external computer system.
• The computer system receiving the request preserves the information obtained from the external computer system for future use in developing measures to protect itself.

Potential applications of this technology:

• Cybersecurity: This method can be used to gather information about potential threats from external computer systems, helping in the development of measures to protect computer systems from cyber attacks.
• Network monitoring: By categorizing external computer systems as potential threats and obtaining information about them, network administrators can monitor and analyze network traffic for any suspicious activity.
• Intrusion detection: The information obtained from external computer systems can be used to detect and prevent unauthorized access or intrusion attempts into computer systems.

Problems solved by this technology:

• Lack of information about potential threats: This method provides a way to gather information about external computer systems that may pose a threat to a computer system, helping in the development of effective security measures.
• Difficulty in identifying potential threats: By categorizing external computer systems based on their requests, this method helps in identifying potential threats and taking appropriate actions to protect the computer system.

Benefits of this technology:

• Enhanced cybersecurity: By obtaining information about potential threats, computer systems can develop better measures to protect themselves from cyber attacks.
• Proactive threat detection: The method allows for proactive monitoring and analysis of network traffic, enabling the detection of potential threats before they can cause harm.
• Improved network security: By identifying and categorizing potential threats, network administrators can take necessary actions to prevent unauthorized access and protect the integrity of the network.

Original Abstract Submitted

A computer-implemented method obtains information about an external computer system having a connection to a computer system. The method may comprise receiving a request from the external computer system. In response to categorizing the external computer system as a potential threat responsive to the request, a computer file is generated responsive to the request. The computer file comprises instructions which are designed for obtaining the information about the external computer system if the instructions are executed on a processor of the external computer system. Furthermore, data is provided responsive to the request. The data is sent together with the computer file to the external computer system. The information about the external computer system, which is generated responsive to the instructions of the computer file, is received by the computer system for preserving it for a later use for developing measures for protecting the computer system.