Multiplex communications – Data flow congestion prevention or control
Reexamination Certificate
2008-09-25
2011-10-18
Yao, Kwang B (Department: 2473)
C370S252000
active
08040798
ABSTRACT:
The claimed subject matter provides a system and/or a method that facilitates managing a network by mining a communication rule. An analysis engine can employ a packet trace within a network in order to provide timing information, wherein the network includes at least one of a host, a protocol, or an application. A traffic evaluator can extract a communication rule for the network based upon an activity matrix generated from the timing information in which the activity matrix includes at least one of a row of a time window for the packet trace and a column for a flow in the packet trace.
REFERENCES:
patent: 7269647 (2007-09-01), Chang et al.
patent: 7385924 (2008-06-01), Riddle
patent: 2002/0023080 (2002-02-01), Uga et al.
patent: 2004/0123155 (2004-06-01), Etoh et al.
patent: 2005/0111460 (2005-05-01), Sahita
patent: 2005/0147047 (2005-07-01), Monk
patent: 2005/0216496 (2005-09-01), Chickering
patent: 2005/0257267 (2005-11-01), Williams et al.
patent: 2005/0265253 (2005-12-01), Swift et al.
patent: 2005/0289219 (2005-12-01), Nazzal
patent: 2006/0026681 (2006-02-01), Zakas
patent: 2006/0164988 (2006-07-01), Mishra et al.
patent: 2007/0064617 (2007-03-01), Reves
patent: 2007/0226802 (2007-09-01), Gopalan et al.
patent: 2007/0265713 (2007-11-01), Veillette et al.
patent: 2009/0086651 (2009-04-01), Luft et al.
Lee, et al. Data Mining Approaches for Intrusion Detection http://www1.cs.columbia.edu/~sal/hpapers/USENIX/usenix.html. Last accessed Jul. 4, 2008, 22 pages.
Pang, et al. The Devil and Packet Trace Anonymization. In: Computer Communication Review, Jan. 2006. http://www.icir.org/mallman/papers/devil-ccr-jan06.pdf. Last accessed Jul. 4, 2008, 10 pages.
Meng, et al. Automatic Profiling of Network Event Sequences: Algorithm and Applications http://www.cs.ucla.edu/~xqmeng/paper/infocom08.pdf. Last accessed Jul. 4, 2008, 9 pages.
Wright, et al. Defending Anonymous Communications against Passive Logging Attacks. In: Proceedings of the Symposium on Security and Privacy (SP'03), 1081-6011/03 IEEE. http://ieeexplore.ieee.org/iel5/8543/27002/01199325.pdf?tp=&amumber=1199325&isnumber=27002. Last accessed Jul. 4, 2008, 14 pages.
Pang, et al. A High-Level Programming Environment for Packet Trace Anonymization and Transformation. In: SIGCOMM'03, Aug. 25-29, 2003, Karlsruhe, Germany. ACM 1-58113-735-4/03/0008. http://www.sigcomm.org/sigcomm2003/papers/p339-pang.pdf. Last accessed Jul. 4, 2008, 13 pages.
Analysis of the Sapphire Worm. Modified Feb. 12, 2007 http://www.caida.org/research/security/sapphire/. Last accessed Jul. 4, 2008, 2 pages.
Estan, et al. Automatically Inferring Patterns of Resource Consumption in Network Traffic. In: SIGCOMM'03, Aug. 25-29, 2003, Karlsruhe, Germany. ACM 1-58113-735-4/03/0008. http://www.cs.ucsd.edu/~cestan/papers/p0403-estan.pdf. Last accessed Jul. 4, 2008, 12 pages.
Karagiannis, et al. BLINC: Multilevel Traffic Classification in the Dark. SIGCOMM'05, Aug. 21-26, 2005, Philadelphia, Pennsylvania, USA. ACM 1595930094/05/0008 http://research.microsoft.com/~thomkar/papers/BLINC.pdf. Last accessed Jul. 4, 2008, 12 pages.
Paxon, et al. Bro: A System for Detecting Network Intruders in Real-Time. Revised Jan. 14, 1998. In: Proceedings of the 7th USENIX Security Symposium, San Antonio, TX, Jan. 1998. http://www.ece.cmu.edu/~adrian/731-sp04/readings/paxson99-bro.pdf. Last accessed Jul. 4, 2008, 18 pages.
Zhang, et al. Detecting Stepping Stones. In: Proceedings of the 9th USENIX Security Symposium, Denver, Colorado, Aug. 2000. http://www.cs.utah.edu/classes/cs6935/papers/stepping.pdf. Last accessed Jul. 4, 2008, 11 pages.
Yoda, et al. Finding a Connection Chain for Tracing Intruders. http://www.trl.ibm.com/projects/security/chaintrace/ye00.pdf. Last accessed Jul. 4, 2008, 15 pages.
Plonka. FlowScan: A Network Traffic Flow Reporting and Visualization Tool. pp. 305-317 of the Proceedings. http://www.usenix.org/events/lisa00/full_papers/plonka/plonka_html/index.html. Last accessed Jul. 4, 2008, 19 pages.
GAIM/Pidgin. http://www.pidgin.im/. Last accessed Jul. 4, 2008, 1 page.
GrIDS: A Graph-Based Intrusion Detection System for Large Networks, Jan. 26, 1999 http://209.85.175.104/search?q=cache:fDosk3SHaGYJ:seclab.cs.ucdavis.edu/projects/arpa/grids/grids.pdf+Grids:+A+graph-based+intrusion+detection+system+for+large+networks&hl=en&ct=clnk&cd=3&gl=us. Last accessed Jul. 4, 2008, 28 pages.
Staniford-Chen, et al. Holding Intruders Accountable on the Internet. 1081-6011/95 IEEE http://ieeexplore.ieee.org/iel2/3181/9013/00398921.pdf?tp=&arnumber=398921&isnumber=9013. Last accessed Jul. 4, 2008, 11 pages.
Gibson. IDENT ShieldsUp, Port Authority Edition—Internet Vulnerability Profiling http://www.grc.com/port_20113.htm. Last accessed Jul. 4, 2008, 1 page.
IPMON. Academic Research Group, Jul. 2, 2008, Proceedings of IEEE ICC 2008. http://ipmon.sprintlabs.com. Last accessed Jul. 4, 2008, 1 page.
Posey. An Overview of Link-Level Multicast Name Resolution. Published: Nov. 29, 2006. http://www.windowsnetworking.com/articles_tutorials/Overview-Link-Local-Multicast-Name-Resolution. Last accessed Jul. 4, 2008, 3 pages.
Oetiker. Multi Router Traffic Grapher. Last Update: Jan 23, 2008. http://people.ee.ethz.ch/oetiker/webtools/mrtg/. Last accessed Jul. 4, 2008, 3 pages.
Mills. Network Time Protocol. RFC 1305, Version 3. Mar. 1992. http://www.faqs.org/rfcs/rfc1305.html. Last accessed Jul. 4, 2008, 108 pages.
Venkataraman, et al. New Streaming Algorithms for Fast Detection of Superspreaders. http://www.cs.berkeley.edu/~dawnsong/papers/superspreader.pdf. Last accessed Jul. 4, 2008, 18 pages.
Port 1081. http://isc.incidents.org/port.html?port=1081. Last accessed Jul. 4, 2008, 18 pages.
PortPeeker Capture of mySQL Bot Attack. http://www.linklogger.com/mySQLAttack.htm. Last accessed Jul. 4, 2008, 10 pages.
Kannan, et al. Semi-Automated Discovery of Application Session Structure. IMC'06, Oct. 25-27, 2006, Rio de Janeiro, Brazil. ACM 1595935614/06/0010. http://www.imconf.net/imc-2006/papers/p12-kannan.pdf. Last accessed Jul. 4, 2008, 13 pages.
Dingledine, et al. Tor: The second-Generation Onion Router. http://www.torproject.org/tor-design.pdf. Last accessed Jul. 4, 2008, 17 pages.
Bahl, et al. Towards Highly Reliable Enterprise Network Services via Inference of Multi-Level Dependencies. SIGCOMM'07, Aug. 27-31, 2007, Kyoto, Japan. ACM 978-1-59593-713-1/07/0008. http://research.microsoft.com/~mzh/sherlock.pdf. Last accessed Jul. 4, 2008, 12 pages.
Chandra Ranveer
Kandula Srikanth
Huq Obaidul
Lee & Hayes PLLC
Microsoft Corporation
Yao Kwang B
Discovering communication rules in a network trace does not yet have a rating. At this time, there are no reviews or comments for this patent.
Profile ID: LFUS-PAI-O-4261747