Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2008-07-29
2008-07-29
Zand, Kambiz (Department: 2134)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C726S022000
Reexamination Certificate
active
10632857
ABSTRACT:
Methods, apparati, and computer-readable media for protecting computer code (1) from malicious retrievers (3). A method embodiment of the present invention comprises the steps of generating (22) retrieval information characteristic of data sent to a retriever (3) by the computer code (1) in response to a retrieval command (5) issued by the retriever (3); accessing at least one rule (6) using at least some of said retrieval information as an input to said at least one rule (6); and, when said at least one rule (6) informs that the retrieval is not acceptable, flagging (28) the retrieval command (5) as suspicious.
REFERENCES:
patent: 4959849 (1990-09-01), Bhusri
patent: 5355474 (1994-10-01), Thuraisngham et al.
patent: 5584024 (1996-12-01), Shwartz
patent: 5664172 (1997-09-01), Antoshenkov
patent: 5694595 (1997-12-01), Jacobs et al.
patent: 5742806 (1998-04-01), Reiner et al.
patent: 5826076 (1998-10-01), Bradley et al.
patent: 5961582 (1999-10-01), Gaines
patent: 6088803 (2000-07-01), Tso et al.
patent: 6128740 (2000-10-01), Curry et al.
patent: 6282546 (2001-08-01), Gleichauf et al.
patent: 6311278 (2001-10-01), Raanan et al.
patent: 6314409 (2001-11-01), Schneck et al.
patent: 6321337 (2001-11-01), Reshef et al.
patent: 6356887 (2002-03-01), Berenson et al.
patent: 6584569 (2003-06-01), Reshef et al.
patent: 6598038 (2003-07-01), Guay et al.
patent: 6775657 (2004-08-01), Baker
patent: 6775827 (2004-08-01), Harkins
patent: 6839850 (2005-01-01), Campbell et al.
patent: 6851113 (2005-02-01), Hemsath
patent: 6928553 (2005-08-01), Xiong et al.
patent: 7047369 (2006-05-01), Gruper et al.
patent: 7085780 (2006-08-01), Sakamoto et al.
patent: 7085928 (2006-08-01), Schmid et al.
patent: 7120645 (2006-10-01), Manikutty et al.
patent: 7120933 (2006-10-01), Mattsson
patent: 7185232 (2007-02-01), Leavy et al.
patent: 7237265 (2007-06-01), Reshef et al.
patent: 7240201 (2007-07-01), Neufeld et al.
patent: 7296274 (2007-11-01), Cohen et al.
patent: 2002/0065896 (2002-05-01), Burakoff et al.
patent: 2002/0083343 (2002-06-01), Crosbie et al.
patent: 2002/0087882 (2002-07-01), Schneider et al.
patent: 2002/0157020 (2002-10-01), Royer
patent: 2003/0037251 (2003-02-01), Frieder et al.
patent: 2003/0051026 (2003-03-01), Carter et al.
patent: 2003/0069880 (2003-04-01), Harrison et al.
patent: 2003/0101355 (2003-05-01), Mattsson
patent: 2003/0133554 (2003-07-01), Nykanen et al.
patent: 2003/0145226 (2003-07-01), Bruton et al.
patent: 2003/0154402 (2003-08-01), Pandit et al.
patent: 2003/0167229 (2003-09-01), Ludwig et al.
patent: 2003/0188189 (2003-10-01), Desai et al.
patent: 2003/0204719 (2003-10-01), Ben-Itzhak
patent: 2003/0221123 (2003-11-01), Beavers
patent: 2003/0233583 (2003-12-01), Carley
patent: 2004/0098617 (2004-05-01), Sekar
patent: 2004/0098623 (2004-05-01), Scheidell
patent: 2004/0193656 (2004-09-01), Pizzo et al.
patent: 2004/0199535 (2004-10-01), Zuk
patent: 2004/0199647 (2004-10-01), Ramarao et al.
patent: 2004/0205360 (2004-10-01), Norton et al.
patent: 2004/0220915 (2004-11-01), Kline et al.
patent: 2004/0250127 (2004-12-01), Scoredos et al.
patent: 2004/0250134 (2004-12-01), Kohler et al.
patent: 2004/0260945 (2004-12-01), Raikar et al.
patent: 2005/0086529 (2005-04-01), Buchsbaum
patent: 2005/0097149 (2005-05-01), Vaitzblit et al.
patent: 2005/0138006 (2005-06-01), Bennett et al.
patent: 2005/0138426 (2005-06-01), Styslinger
patent: 2005/0154733 (2005-07-01), Meltzer et al.
patent: 2005/0203886 (2005-09-01), Wong
patent: 2005/0203921 (2005-09-01), Newman et al.
patent: 2005/0273859 (2005-12-01), Chess et al.
patent: 2005/0289187 (2005-12-01), Wong et al.
patent: 2006/0070128 (2006-03-01), Heimerdinger et al.
patent: 2006/0117386 (2006-06-01), Gupta et al.
patent: 2006/0212438 (2006-09-01), Ng
patent: 2006/0212941 (2006-09-01), Bronnikov et al.
patent: 2006/0242136 (2006-10-01), Hammond et al.
patent: 2007/0074188 (2007-03-01), Huang et al.
patent: 2007/0094728 (2007-04-01), Julisch et al.
patent: 2007/0169194 (2007-07-01), Church et al.
patent: WO 01/71499 (2001-09-01), None
Oracle, Understanding Query Expressions (“Oracle 8 ConText Cartridge Ap[plication Developer's Guide. Release 2.3”), 1997, http://download-east.oracle.com/docs/cd/A58617—01/cartridg.804/a58164/ch03.htm.
Pfleeger (Charles P. Pfleeger, “Security in computing”, 2nd edition 1996, ISBN: 0133374866), 426-433.
Weisstein, “The CRC concise encyclopedia of mathematics”, ISBN: 0849396409, 1998, p. 17-26.
Low, Wai Lup, et al., “DIDAFIT: Detecting Intrusions In Databases Through Fingerprinting Transactions,” ICEIS 2002, Fourth International Conference On Enterprise Information Systems, vol. 1, Apr. 3-6, 2002, pp. 121-128, Ciudad Real, Spain.
AirCert web page, last updated Sep. 18, 2000 [online]. Cert.org [retrieved Apr. 18, 2003]. Retrieved from the Internet<URL:http://www.cert.org/kb/aircert/>.
Analysis Console for Intrusion Detection (ACID) web page [online]. Andrew.cmu.edu [retrieved Apr. 18, 2003]. Retrieved from the Internet<URL:http://www.andrew.cmu.edu/˜rdanyliw/snort/snortacid.html>.
“Caltarian Security Technology Platform,” Riptech web pages [online]. Symanec.com [retrieved Apr. 18, 2003]. Retrieved from the Internet<URL:http://wnterprisesecurity.symantec.com/Content/displayPDF.cfm?SSSPDFID=35&EID=O>.
Change log for Analysis Console for intrusion Detection (Acid), indicating release date of Sep. 8, 2000 [online]. Andrew.cmu.edu [retrieved Apr. 18, 2003]. Retrieved from the Internet:<URL:http://www.andrew.cmu.edu/˜rdanyliw/snort/CHANGELOG>.
CyberGuard Corporation, “CyberGuard and Webwasher: The Value Proposition,” A CyberGuard Corporation White Paper, May 2004, 6 pages.
e=Security, Inc., Correlation Technology for Security Event Management, Oct. 7, 2002 [online]. eSecurityins.com [retrieved Apr. 18, 2003]. Retrieved from the Internet:<URL:http://www.esecurityinc.com/downloads/Correlation—WP.pdf>.
Marketing, “Digital Certificates—Best Practices—A Microdasys Whitepaper,” bestpractice.doc, Revision 1.1 (Jul. 31, 2003), 6 pages, Czech Republic.
Microdasys, “S C I P Secured Content Inspection: Protecting the Enterprise from CryptoHacks,” 2003 by Microdasys Inc., 2 pages, Czech Republic.
MyNetWatchman.com web pages indicating 9/00 beta release [online]. MyNetWatchman.com [retrieved Apr. 18, 2003]. Retrieved from the Internet<URL:http://www.mynetwatchman.com/mynetwatchman>.
Network Computing Solutions—“Microdasys SCIP” [online]. Retrieved on Mar. 18, 2005. Retrieved from the Internet<URL:http://www.ncs/cz/index.php?language=en&menuitem-4&subitem=13>, 2 pages, Czech Republic.
Network Computing Solutions—NSC Homepage—News [online]. Retrieved on Mar. 18, 2005. Retrieved from the Internet<URL:http:
sc.cz/index/php?language=en&menuitem=0&subitem=4&subitem=13>, 3 pages, Czech Republic.
Parkhouse, Jayne, “Pelican Save TNet 2.0,” [online] Jun. 2000, SC Magazine Product Review, [retrieved Dec. 1, 2003] Retrieved from the Internet<URL:http://www.scmagazine.com/standalone/pelican/sc—pelican.html>.
“PostgreSQL Interactive Documentation,” May 2001, [online] [Archived by http://archive.org on Jun. 6, 2001; Retrieved on Dec. 19, 2006] Retrieved from the Internet<URL:http://web.archive.org/web/20010606011227/www.postgresql.org/idocs/index.php?overv...>.
2000 Review of eSecurity product on Network Security web page [online]. SCMagazine.com [retrieved Apr. 18, 2003]. Retrieved from the Internet<URL:http://www.scmagazine.com/scmagazine/2000—12/testc
etwork.htm#Open>.
Schneier, Bruce, Managed Security Monitoring: Network Security for the 21stCentury, 2001 [online]. Conterpane.com [retrieved Apr. 18, 2003]. Retrieved from the Internet:<URL:http://www.counterpane.com/msm.pdf>.
SCIP Product, Microdays—“The need to control, inspect and manage encrypted w
Fenwick & West LLP
Poltorak Peter
Symantec Corporation
Zand Kambiz
LandOfFree
Computer code intrusion detection system based on acceptable... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Computer code intrusion detection system based on acceptable..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Computer code intrusion detection system based on acceptable... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3938069