Patent attributes
Disclosed herein are systems, methods, and storage media for thwarting cyber-attacks and data theft. A computing system receives packets and compares with a configuration resource. The computing system determines that the packet does not match the configuration resource and transmits a packet to a decoy environment via an SDN switch. The decoy environment is configured to generate time-out, service unavailable, or restricted access messages. In some embodiments, the computing system determines the packet does match the configuration and transmits the packet to a production network via an SDN switch. The SDN switch is communicatively connected to the decoy environment through a first channel and communicatively connected to a production environment through a separate second channel. The computing system is further configured to create and transmit to the SDN switch, rules to manage transmitting the packet to either the decoy environment or the production environment.