Apparatus, method and program to detect and control...

Information security – Monitoring or scanning of software or data including attack...

Reexamination Certificate

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

C726S013000, C726S024000

Reexamination Certificate

active

07669240

ABSTRACT:
A detection and response system including a set of algorithms for detection within a stream of normal computer traffic a subset of TCP packets with one IP Source Address (SA), one Destination Port (DP), and a number exceeding a threshold of distinct Destination Addresses (DA). There is efficient use of a lookup mechanism such as a Direct Table and Patricia search tree to record sets of packets with one SA and one DP as well as the set of DA values observed for the given SA, DP combination. The existence of such a subset and the header values including SA, DP, and multiple DAs of the subset are reported to a network administrator. In addition, various administrative responses to reports are provided.

REFERENCES:
patent: 5550984 (1996-08-01), Gelb
patent: 5946679 (1999-08-01), Ahuja et al.
patent: 5987611 (1999-11-01), Freund
patent: 6128296 (2000-10-01), Daruwalla et al.
patent: 6141749 (2000-10-01), Coss et al.
patent: 6272640 (2001-08-01), Sokol
patent: 6510154 (2003-01-01), Mayes et al.
patent: 2002/0016826 (2002-02-01), Johansson et al.
patent: 2002/0035698 (2002-03-01), Malan et al.
patent: 2002/0038339 (2002-03-01), Xu
patent: 2002/0083344 (2002-06-01), Vairavan
patent: 2002/0133586 (2002-09-01), Shanklin et al.
patent: 2002/0162026 (2002-10-01), Neuman et al.
patent: 2002/0184362 (2002-12-01), Banerjee et al.
patent: 2003/0061510 (2003-03-01), Hartmann et al.
patent: 2004/0199535 (2004-10-01), Zuk
patent: 2005/0213570 (2005-09-01), Stacy et al.
J. Pikoulas, et al., “An Intelligent Agent Security Intrusion System”, Proceedings Ninth Annual IEEE International Conference and Workshop on the Engineering of Computer Based Systems, p. 94-9, 2002, INSPEC Abstract.
H. Saito, et al, “Development of Real-Time Simulator Using Traffic Monitoring”, 2000 IEEE International Conference on communications, ICC 2000. Global convergence through Communications; Conference Record, Part vol. 1, p. 195-9, Jun. 18-22, 2000 INSPEC Abstract.

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Apparatus, method and program to detect and control... does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Apparatus, method and program to detect and control..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Apparatus, method and program to detect and control... will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFUS-PAI-O-4226789

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.