METHOD OF IMPROVING NETWORK SECURITY BY LEARNING FROM ATTACKERS FOR DETECTING NETWORK SYSTEM'S WEAKNESS

摘要

Being targeted by an attacker is unfortunate and being actually attacked is even worse. When this happens, it indicates there must be a weakness or vulnerability existing in a network that the attacker knows about but a user is unaware of or does not pay attention before. The present invention discloses ideas and methods to find out the weakness, that the attacker has discovered and/or aimed at, from all different traces or evidences or signals left by the attacker at different places during reconnaissance or actually attacking cycle. Furthermore, it decomposes the algorithm used in attack's reconnaissance and performance, and uses the decomposed algorithm to fire-drill-test other systems to see if the same or similar weaknesses exist in other places. Finally, it produces actionable instructions for a user to seal and to fix the identified weakness right away for stopping an attack and protecting the network and connected devices and systems.