Presentation of correlated events as situation classes

Information security – Monitoring or scanning of software or data including attack... – Intrusion detection

Reexamination Certificate


Details

C726S004000, C726S005000, C726S006000, C726S007000, C726S013000, C726S014000, C726S027000, C713S151000, C713S152000, C713S153000, C713S154000, C713S188000, C713S182000, C709S223000, C709S224000, C709S225000, C709S226000


active

09931301

ABSTRACT:
A method, computer program product, and apparatus for presenting data about security-related events that puts the data into a concise form is disclosed. Events are abstracted into a set data-type. Sets with common elements are grouped together, and summaries of the groups—“situations”—are presented to a user or administrator.

REFERENCES:
patent: 3617640 (1971-11-01), Cichanowicz
patent: 5239459 (1993-08-01), Hunt et al.
patent: 5568471 (1996-10-01), Hershey et al.
patent: 5621889 (1997-04-01), Lermuzeaux et al.
patent: 5991881 (1999-11-01), Conklin et al.
patent: 6163257 (2000-12-01), Tracy
patent: 6347374 (2002-02-01), Drake et al.
patent: 6353385 (2002-03-01), Molini et al.
patent: 2002/0073338 (2002-06-01), Burrows et al.
patent: 2002/0078381 (2002-06-01), Farley et al.
patent: 0985995 (2000-03-01), None
patent: 11212831 (1999-08-01), None
patent: WO94/07339 (1994-03-01), None
patent: WO99/59321 (1999-11-01), None
Burrows (U.S. Appl. No. 60/252,821: Method and system for limiting the impact of undesirable behavior of computers and a shared data network, Nov. 22, 2000).
IBM Technical Disclosure Bulletin, “Dynamic Intrusion Detection for Secure Access Enclosure”, vol. 36, No. 06B, Jun. 1993, pp. 233-235.
Ning, P et al., “Modeling Requests among Cooperating Intrusion Detection Systems”, Computer Communications, vol. 23, No. 17, pp. 1702-1715, Nov. 1, 2000, Abstract.
Perrochon, L et al., “Enlisting Event Patterns for Cyber Battlefield Awareness”, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX' 00, Pt. vol. 2, pp. 411-422 vol. 2, Published: Los Alamitos, CA, USA, 1999, 2 vol. (xvi+423+425) pp., Abstract.
Bowen, T et al., “Building Survivable Systems: An Integrated Approach Based on Intrusion Detection and Damage Containment”, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX' 00, Pt. vol. 2, pp. 84-99 vol. 2, Published: Los Alamitos, CA, USA, 1999, 2 vol. (xvi+423+425) pp., Abstract.
Ming Yuh Huang et al., “A Large Scale Distributed Intrusion Detection Framework Based on Attack Strategy Analysis”, Computer Networks, vol. 31, No. 23-24, pp. 2465-2475, Dec. 14, 1999, Abstract.
Kato, N et al., “A Real-Time Intrusion Detection System (IDS) for Large-Scale Networks and its Evaluations”, IEICE Transactions on Communications, vol. E82-B, No. 11, pp. 1817-1825, Nov. 1999, Abstract.
Sekar, R et al., “On Preventing Intrusions by Process Behaviour Monitoring”, Proceedings of the Workshop on Intrusion Detection and Network Monitoring (ID'99), pp. 29-40, Published: Berkeley, CA, USA, 1999, 140 pp., Abstract.
Girardin, L., “An Eye on Network Intruder-Administrator Shootouts”, Proceedings of the Workshop on Intrusion Detection and Network Monitoring (ID'99), pp. 19-28, Published: Berkeley, CA, USA, 1999, 140 pp., Abstract.
Vigna, G et al., “NetSTAT: A Network-Based Intrusion Detection System”, Journal of Computer Security, vol. 7, No. 1, pp. 37-71, 1999, Abstract.
Endler, D, “Intrusion Detection. Applying Machine Learning to Solaris Audit Data”, Proceedings 14th Annual Computer Security Applications Conference (Cat. No. 98EX217), pp. 268-279, Published: Los Alamitos, CA, USA, 1998, xiii+365 pp., Abstract.
Vigna, G et al., “NetSTAT: A Network-Based Intrusion Detection Approach”, Proceedings 14th Annual Computer Security Applications Conference (Cat. No. 98EX217), pp. 25-34, Published: Los Alamitos, CA, USA, 1998, xiii+365 pp., Abstract.
Bodek, H et al., “The Data Mining and Analysis of Packet Data for Detecting Network Intrusions: Preliminary Results”, PADD97 Proceedings of the First International Conference on the Practical Application of Knowledge Discovery and Data Mining, pp. 91-95, Published: Blackpool, UK, 1997, 301 pp., Abstract.
White, GB et al., “A Peer-Based Hardware Protocol for Intrusion Detection Systems”, MILCOM 96. Conference Proceedings (Cat. No. 96CH36008), Pt. vol. 2, pp. 468-472 vol. 2, Published: New York, NY, USA, 1996, 3 vol. xxiv+1083 pp., Abstract.
Winkler, Jr, “A UNIX Prototype for Intrusion and Anomaly Detection in Secure Networks”, 13th National Computer Security Conference. Proceedings. Information Systems Security. Standards—The Key to the Future, pp. 115-124 vol. 1, Published: Gaithersburg, MD, USA, 1990, 2 vol. Xi+839 pp., Abstract.
Winkler, Jr et al., “Intrusion and Anomaly Detection in Trusted Systems”, Fifth Annual Computer Security Applications Conference (Cat. No. 89TH0287-3), pp. 39-45, Published: Los Alamitos, CA, USA, 1990, xv+357 pp., Abstract.
