Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2006-11-21
2006-11-21
Revak, Christopher (Department: 2131)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C713S188000, C726S022000, C726S023000
Reexamination Certificate
active
07140041
ABSTRACT:
A method, system and computer program product for detecting the dissemination of malicious programs. The degree of randomness in the Internet Protocol (IP) destination addresses of received IP packets to be forwarded to an external network may be detected by performing a hash function on the IP destination addresses thereby generating one or more different hash values. If a high number of different hash values were generated for a small number of IP packets examined, then random IP destination addresses may be detected. By detecting random destination IP addresses, the dissemination of a malicious program, e.g., virus, worm program, may be detected.
REFERENCES:
patent: 5414833 (1995-05-01), Hershey et al.
patent: 5606668 (1997-02-01), Shwed
patent: 5825750 (1998-10-01), Thompson
patent: 5958053 (1999-09-01), Denker
patent: 6009475 (1999-12-01), Shrader
patent: 6016546 (2000-01-01), Kephart et al.
patent: 6119236 (2000-09-01), Shipley
patent: 6182226 (2001-01-01), Reid et al.
patent: 6185680 (2001-02-01), Shimbo et al.
patent: 6304975 (2001-10-01), Shipley
patent: 6389419 (2002-05-01), Wong et al.
patent: 6487666 (2002-11-01), Shanklin et al.
patent: 6519703 (2003-02-01), Joyce
patent: 7017185 (2006-03-01), Wiley et al.
patent: 2002/0032871 (2002-03-01), Malan et al.
patent: 2002/0035683 (2002-03-01), Kaashoek et al.
patent: 2002/0095492 (2002-07-01), Kaashoek et al.
patent: 2002/0103916 (2002-08-01), Chen et al.
patent: 2002/0157020 (2002-10-01), Royer
patent: 2002/0166063 (2002-11-01), Lachman et al.
patent: 2002/0199109 (2002-12-01), Boom
patent: 2003/0009693 (2003-01-01), Brock et al.
patent: 2003/0061514 (2003-03-01), Bardsley et al.
patent: 2003/0084344 (2003-05-01), Tarquini et al.
patent: 2003/0115485 (2003-06-01), Milliken
patent: 2003/0135758 (2003-07-01), Turner
patent: 2003/0145225 (2003-07-01), Bruton et al.
patent: 2003/0212903 (2003-11-01), Porras et al.
patent: 2004/0003116 (2004-01-01), Munger et al.
patent: 2004/0221191 (2004-11-01), Porras et al.
patent: 1122932 (2001-08-01), None
patent: WO9948303 (1999-09-01), None
Loudon, Kyle. “Mastering Algorithms with C”, Aug. 1999, Published by O'Reilly & Associates, Inc., chapters 8 and 12.17-12.20.
Ye et al. Probabilistic Techniques for Intrusion Detection Based on Computer Audit Data. In IEEE Transactions on Systems, Man, and Cybernetics-Part A, vol. 31, No. 4, Jul. 2001.
Staniford-Chen, S. Cheung, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, C. Wee, R. Yip, and D. Zerkle. GrIDS—a graph based intrusion detection system for large networks. In Proceedings of the 19th National Information Systems Security Conf.
“Automated Program Analysis for Computer Virus Detection,”IBM Technical Disclosure Bulletin, vol. 34, No. 2, Jul. 1991, pp. 415-416.
Shiuhpyng Winston Shieh et al. “A Pattern-Oriented Intrusion-Detection Model and Its Applications,”IEEE, 19991, pp. 327-342.
Jeffries Clark Debs
Lingafelt Charles Steven
Strole Norman Clark
International Business Machines - Corporation
McKay Kerry
Revak Christopher
Voigt, Jr. Robert A.
Winstead Sechrest & Minick P.C
LandOfFree
Detecting dissemination of malicious programs does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Detecting dissemination of malicious programs, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Detecting dissemination of malicious programs will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3693091