Multiplex communications – Diagnostic testing
Reexamination Certificate
2007-04-24
2010-10-26
Juntima, Nittaya (Department: 2462)
Multiplex communications
Diagnostic testing
C370S252000, C709S224000
Reexamination Certificate
active
07821947
ABSTRACT:
An activity model is generated at a computer. The activity model may be generated by monitoring incoming and outgoing channels for packets for a predetermined window of time. To generate an activity model, an input and an output channel are selected. A probability distribution function describing the observed waiting time between packet arrivals on the selected input channel and the selected output channel is generated by mining the data collected during the selected window of time. A probability distribution function describing the observed waiting time between a randomly chosen instant and receiving a packet on the selected input channel is also generated. The distance between the two generated probability distribution functions is computed. If the computed distance is greater than a predefined confidence level, then the two selected channels are deemed to be related. Otherwise, the selected channels are deemed to be unrelated. The activity model is further generated by comparing each input and output channel pair entering or leaving a particular computer.
REFERENCES:
patent: 6118936 (2000-09-01), Lauer et al.
patent: 6157653 (2000-12-01), Kline et al.
patent: 6308282 (2001-10-01), Huang et al.
patent: 6336138 (2002-01-01), Caswell et al.
patent: 6775236 (2004-08-01), Scrandis et al.
patent: 6847970 (2005-01-01), Keller et al.
patent: 6889218 (2005-05-01), Nassehi
patent: 7003779 (2006-02-01), Riosa et al.
patent: 7082554 (2006-07-01), Wilson et al.
patent: 2002/0032793 (2002-03-01), Malan et al.
patent: 2002/0032871 (2002-03-01), Malan et al.
patent: 2003/0110392 (2003-06-01), Aucsmith et al.
patent: 2003/0110396 (2003-06-01), Lewis et al.
patent: 2004/0153533 (2004-08-01), Lewis
patent: 2004/0168100 (2004-08-01), Thottan et al.
patent: 2004/0223461 (2004-11-01), Scrandis et al.
patent: 2005/0091532 (2005-04-01), Moghe
patent: 2005/0207413 (2005-09-01), Lerner
patent: 2005/0249214 (2005-11-01), Peng
patent: 2006/0031473 (2006-02-01), Wood
patent: 2006/0034305 (2006-02-01), Heimerdinger et al.
patent: 2006/0037077 (2006-02-01), Gadde et al.
patent: 2006/0047807 (2006-03-01), Magnaghi et al.
patent: 2006/0075496 (2006-04-01), Carpenter et al.
patent: 2006/0089985 (2006-04-01), Poletto
patent: 2006/0191010 (2006-08-01), Benjamin
patent: 2006/0233313 (2006-10-01), Adams, Jr. et al.
Gruschke, B., “Integrated Event Management: Event Correlation Using Dependency Graphs”, Presented atDSOM, 1998, 1-12, http://www.nm.ifi.lmu.de.
Gruschke, B., “A New Approach for Event Correlation based on Dependency Graphs”, http://hpovua.org, 1-8.
Steinder, M. et al., “End-to-End Service Failure Diagnosis Using Belief Networks”, http://www.cis.udel.edu, 16 pages.
Kiciman, E., “Using Statistical Monitoring to Detect Failures in Internet Services”, A Dissertation Submitted to the Department of Computer Science and the Committee on Graduate Studies of Stanford University in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy, Sep. 2005, 168 pages.
Peng, T. et al., “Protection from Distributed Denial of Service Attack using History-Based IP Filtering”, http://www.cs.mu.oz.au/˜tpeng/mudquard/research/icc2003, 2003, 6 pages.
Zhang, M., “Understanding Internet Routing Anomalies and Building Robust Transport Layer Protocols”, A Dissertation Presented to the Faculty of Princeton University in Candidacy for the Degree of Doctor of Philosophy, Sep. 2005, 119 pages.
Jongho Choy and Sung-Bae Cho, Anomaly Detection of Computer Usage Using Artificial Intelligence Techniques, Department of Computer Science, Yonsei University 134 Shinchon-dong, Sudaemoon-ku, Seoul 120-749, Korea, Springer-Verlag Berlin Heidelberg 2001, pp. 31-43, 2001.
Winkler, J.R. and Page, W.J., Intrusion and Anomaly Detection in Trusted Systems, 1990 IEEE, Planning Research Corporation Government Information Systems, R&D 1500 Planning Research Drive, McLean, VA 22102, p. 39-45.
Animesh Patcha, Network Anomaly Detection with incomplete Audit Data, Jul. 6, 2006, p. 1-136.
In the United States Patent and Trademark Office, in re.: U.S. Appl. No. 11/554,980 filed Oct. 31, 2006, Final Office Action dated Jun. 1, 2009, 7 pages.
In the United States Patent and Trademark Office, in re.: U.S. Appl. No. 11/554,980 filed Oct. 31, 2006, Non-Final Office Action dated Dec. 30, 2008, 8 pages.
In the United States Patent and Trademark Office, in re.: U.S. Appl. No. 11/554,980 filed Oct. 31, 2006, Final Office Action dated Jun. 5, 2008, 10 pages.
In the United States Patent and Trademark Office, in re.: U.S. Appl. No. 11/554,980 filed Oct. 31, 2006, Non-Final Office Action dated Jan. 30, 2008, 7 pages.
In the United States Patent and Trademark Office, in re.: U.S. Appl. No. 11/554,980 filed Oct. 31, 2006, Final Office Action dated Aug. 6, 2007, 10 pages.
In the United States Patent and Trademark Office, in re.: U.S. Appl. No. 11/554,980 filed Oct. 31, 2006, Non-Final Office Action dated Apr. 2, 2007, 10 pages.
Batsell, S.G. et al., “Distributed Intrusion Detection and Attack Containment for Organizational Cyber Security”, Cyberspace Sciences and Information Intelligence Research website, http://www.ioc.ornl.gov//projects/containment.shtml, last updated Sep. 3, 2009, accessed on Dec. 1, 2009, 7 pages.
Shou-Chuan Lai, “Defending against Internet Worm-like Infestations”, Proceedings of the 18thInternational Conference on Advanced Information Networking and Application (AINA '04), Fukuoka, Japan, Mar. 29-31, 2004, vol. 1, 6 pages.
Barham Paul
Goldszmidt Moises
MacCormick John
Juntima Nittaya
Microsoft Corporation
Woodcock & Washburn LLP
LandOfFree
Automatic discovery of service/host dependencies in computer... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Automatic discovery of service/host dependencies in computer..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Automatic discovery of service/host dependencies in computer... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4174811