Electrical computers and digital processing systems: multicomput – Computer network managing – Computer network monitoring
Reexamination Certificate
2005-01-27
2010-10-05
Flynn, Nathan (Department: 2454)
Electrical computers and digital processing systems: multicomput
Computer network managing
Computer network monitoring
C726S023000
Reexamination Certificate
active
07809826
ABSTRACT:
A plurality of network devices monitor network traffic and generate profiling data that describes packet flows within the network traffic. The network devices output communications that include the profiling data. An aggregation device receives the communications and builds a correlation database to aggregate the profiling data generated by the plurality of network devices. The profiling data may relate low-level network elements associated with the packet flows and application-layer elements extracted from application-layer communications reassembled from the packet flows.
REFERENCES:
patent: 5787253 (1998-07-01), McCreery et al.
patent: 6219786 (2001-04-01), Cunningham et al.
patent: 6279113 (2001-08-01), Vaidya
patent: 6301668 (2001-10-01), Gleichauf et al.
patent: 6499107 (2002-12-01), Gleichauf et al.
patent: 6507834 (2003-01-01), Kabra et al.
patent: 6751728 (2004-06-01), Gunter et al.
patent: 6772345 (2004-08-01), Shetty
patent: 6789116 (2004-09-01), Sarkissian et al.
patent: 6918034 (2005-07-01), Sengodan et al.
patent: 7007301 (2006-02-01), Crosbie et al.
patent: 7017186 (2006-03-01), Day
patent: 7065657 (2006-06-01), Moran
patent: 7076803 (2006-07-01), Bruton, III et al.
patent: 7089428 (2006-08-01), Farley et al.
patent: 7100201 (2006-08-01), Izatt
patent: 7174566 (2007-02-01), Yadav
patent: 7222366 (2007-05-01), Bruton, III et al.
patent: 7234168 (2007-06-01), Gupta et al.
patent: 7240368 (2007-07-01), Roesch et al.
patent: 7277404 (2007-10-01), Tanzella et al.
patent: 7308715 (2007-12-01), Gupta et al.
patent: 7322044 (2008-01-01), Hrastar
patent: 7324447 (2008-01-01), Morford
patent: 7324804 (2008-01-01), Hrastar et al.
patent: 7331061 (2008-02-01), Ramsey et al.
patent: 7383577 (2008-06-01), Hrastar et al.
patent: 7441267 (2008-10-01), Elliott
patent: 7509380 (2009-03-01), Motoyama
patent: 7526541 (2009-04-01), Roese et al.
patent: 2002/0055998 (2002-05-01), Riddle et al.
patent: 2002/0078370 (2002-06-01), Tahan
patent: 2002/0124187 (2002-09-01), Lyle et al.
patent: 2002/0143939 (2002-10-01), Riddle et al.
patent: 2002/0144156 (2002-10-01), Copeland, III
patent: 2002/0198981 (2002-12-01), Corl, Jr. et al.
patent: 2003/0065953 (2003-04-01), Lehmann et al.
patent: 2003/0105976 (2003-06-01), Copeland, III
patent: 2003/0131263 (2003-07-01), Keane et al.
patent: 2003/0149887 (2003-08-01), Yadav
patent: 2003/0154399 (2003-08-01), Zuk et al.
patent: 2003/0182580 (2003-09-01), Lee
patent: 2003/0204632 (2003-10-01), Willebeek-LeMair et al.
patent: 2003/0212903 (2003-11-01), Porras et al.
patent: 2003/0217289 (2003-11-01), Ammon et al.
patent: 2003/0236990 (2003-12-01), Hrastar et al.
patent: 2004/0015579 (2004-01-01), Cooper et al.
patent: 2004/0025044 (2004-02-01), Day
patent: 2004/0034800 (2004-02-01), Singhal et al.
patent: 2004/0044912 (2004-03-01), Connary et al.
patent: 2004/0083299 (2004-04-01), Dietz et al.
patent: 2004/0098623 (2004-05-01), Scheidell
patent: 2004/0151382 (2004-08-01), Stellenberg et al.
patent: 2004/0181690 (2004-09-01), Rothermel et al.
patent: 2004/0255167 (2004-12-01), Knight
patent: 2004/0268150 (2004-12-01), Aaron
patent: 2005/0018618 (2005-01-01), Mualem et al.
patent: 2005/0044406 (2005-02-01), Stute
patent: 2006/0117386 (2006-06-01), Gupta et al.
patent: 2009/0064333 (2009-03-01), Saurabh et al.
Bitpipe, Reflex Interceptor Management Console Product Description, May 25, 2004.
Reflex Security, Reflex Interceptor Management Console Whitepaper, Jan. 29, 2004.
Wikipedia, Cisco PIX, Apr. 9, 2009.
Reflex Security, Reflex Interceptor 500, Jan. 29, 2004 http://web.archive.org/web/20040605205639/http://reflexsecurity.com/documents/ReflexInterceptor-500V32004-01-29.pdf.
Reflex Security, Reflex Intrusion Prevention System, May 7, 2004.
Brugger, Data Mining Methods for Network Intrusion Detection, Jun. 9, 2004.
Campos et al., Creation and Deployment of Data Mining-Based Intrusion Detection Systems in Oracle Database 10g, Sep. 2005.
Warshaw et al., Monitoring Network Logs for Anomalous Activity, Oct. 9, 1998.
Warshaw et al., VenusIDS: An Active Database Component for Intrusion Detection, Jun. 11, 1999.
Jain et al., A Wakeup Call for Internet Monitoring Systems: The Case for Distributed Triggers, 2004.
“Norton Internet Security™ 2003 User's Guide,” 2002, Symantec Corporation.
“Ethereal 0.10.0 has been released”, Dec. 12, 2003, www.ethereal.com, retrieved from the Internet Archive WayBackMachine, indexed Jan. 1, 2004.
U.S. Patent Application entitled “Application-Layer Monitoring and Profiling Network Traffic”, U.S. Appl. No. 11/044,619, filed Jan. 27, 2005.
U.S. Patent Application entitled “Compound Attack Detection in a Computer Network”, U.S. Appl. No. 11/045,572, filed Jan. 27, 2005.
U.S. Patent Application entitled “Detection and Prevention of Encapsulated Network Attacks Using an Intermediate Device”, U.S. Appl. No. 11/049,620, filed Feb. 2, 2005.
U.S. Patent Application entitled “Identification of Network Policy Violations”, U.S. Appl. No. 11/044,332, filed Jan. 27, 2005.
U.S. Patent Application entitled “Automated Change Detection Within a Network Environment”, U.S. Appl. No. 11/044,240, filed Jan. 27, 2005.
Yannakakis, Perspectives on Database Theory, IEEE, Proceedings of 36thAnnual Symposium on Foundations of Computer Science, Milwaukee, Wisconsin, Oct. 23-25, 1995, 25 pgs.
Roelker, (Snort User Manual, HTTP inspect readme), Aug. 11, 2004, see §§ 2.1.7, 2.1.8, 2.1.10, 7 pgs.
“Intrusion Detection and Prevention,” OneSecure, Inc., 2001 p. 1-6.
Office Action from U.S. Appl. No. 11/044,240, dated Jan. 27, 2010, 17 pp.
Response to Office Action from U.S. Appl. No. 11/044,240, filed Apr. 27, 2010, 12 pp.
Notice of Allowance in U.S. Appl. No. 11/044,619, mailed Dec. 15, 2009, 8 pp.
Office Action from U.S. Appl. No. 11/045,572, dated Nov. 12, 2009, 25 pp.
Response to Office Action dated Nov. 12, 2009, from U.S. Appl. No. 11/045,572, filed Feb. 12, 2010, 15 pp.
Conaway James E
Flynn Nathan
Juniper Networks, Inc.
Shumaker & Sieffert P.A.
LandOfFree
Remote aggregation of network traffic profiling data does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Remote aggregation of network traffic profiling data, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Remote aggregation of network traffic profiling data will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4214918