Reexamination Certificate
2004-08-31
2008-11-11
Kincaid, Kristine (Department: 2139)
Information security
Monitoring or scanning of software or data including attack...
Vulnerability assessment
C726S004000, C726S013000, C726S026000, C709S224000, C709S225000
active
07451489
ABSTRACT:
An active network defense system is provided that is operable to monitor and block traffic in an automated fashion. This active network defense system is placed in-line with respect to the packet traffic data flow as a part of the network infrastructure. In this configuration, inspection and manipulation of every passing packet is possible. An algorithmic filtering operation applies statistical threshold filtering to the data flow in order to identify threats existing across multiple sessions. A trigger filtering operation applies header and content match filtering to the data flow in order to identify threats existing within individual sessions. Threatening packet traffic is blocked and threatening sessions are terminated. Suspicious traffic is extracted from the data flow for further examination with more comprehensive content matching as well as asset risk analysis. A flow control mechanism is provided to control passage rate for packets passing through the data flow.
Cantrell Craig
Cox Dennis
Kolbly Donovan
McHale John
Smith Brian
Baum Ronald
Gardere Wynne & Sewell LLP
Kincaid Kristine
TippingPoint Technologies, Inc.
Active network defense system and method