International Business Machines Corporation
Network attack tainting and tracking

Abstract:

A technique for network attack tainting and tracking includes monitoring data packets received from a network for a malicious request. Responsive to detecting a malicious request, a forensic token is created having information pertaining to the malicious request that is configured to be stored by a source of the malicious request and discoverable regarding involvement of the source in the malicious request. The forensic token is injected into a response message, and the response message is then transmitted to the source of the request as a response to the request.