Information security – Monitoring or scanning of software or data including attack...
Reexamination Certificate
2004-07-22
2010-02-23
Kim, Jung (Department: 2432)
Information security
Monitoring or scanning of software or data including attack...
C726S013000, C726S024000
Reexamination Certificate
active
07669240
ABSTRACT:
A detection and response system including a set of algorithms for detection within a stream of normal computer traffic a subset of TCP packets with one IP Source Address (SA), one Destination Port (DP), and a number exceeding a threshold of distinct Destination Addresses (DA). There is efficient use of a lookup mechanism such as a Direct Table and Patricia search tree to record sets of packets with one SA and one DP as well as the set of DA values observed for the given SA, DP combination. The existence of such a subset and the header values including SA, DP, and multiple DAs of the subset are reported to a network administrator. In addition, various administrative responses to reports are provided.
REFERENCES:
patent: 5550984 (1996-08-01), Gelb
patent: 5946679 (1999-08-01), Ahuja et al.
patent: 5987611 (1999-11-01), Freund
patent: 6128296 (2000-10-01), Daruwalla et al.
patent: 6141749 (2000-10-01), Coss et al.
patent: 6272640 (2001-08-01), Sokol
patent: 6510154 (2003-01-01), Mayes et al.
patent: 2002/0016826 (2002-02-01), Johansson et al.
patent: 2002/0035698 (2002-03-01), Malan et al.
patent: 2002/0038339 (2002-03-01), Xu
patent: 2002/0083344 (2002-06-01), Vairavan
patent: 2002/0133586 (2002-09-01), Shanklin et al.
patent: 2002/0162026 (2002-10-01), Neuman et al.
patent: 2002/0184362 (2002-12-01), Banerjee et al.
patent: 2003/0061510 (2003-03-01), Hartmann et al.
patent: 2004/0199535 (2004-10-01), Zuk
patent: 2005/0213570 (2005-09-01), Stacy et al.
J. Pikoulas, et al., “An Intelligent Agent Security Intrusion System”, Proceedings Ninth Annual IEEE International Conference and Workshop on the Engineering of Computer Based Systems, p. 94-9, 2002, INSPEC Abstract.
H. Saito, et al, “Development of Real-Time Simulator Using Traffic Monitoring”, 2000 IEEE International Conference on communications, ICC 2000. Global convergence through Communications; Conference Record, Part vol. 1, p. 195-9, Jun. 18-22, 2000 INSPEC Abstract.
Boulanger Alan David
Danford Robert William
Himberger Kevin David
Jeffries Clark Debs
Dillon & Yudell LLP
International Business Machines - Corporation
Kim Jung
Perungavoor Venkat
LandOfFree
Apparatus, method and program to detect and control... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Apparatus, method and program to detect and control..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Apparatus, method and program to detect and control... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4226789