Distributed threat management

Information security – Monitoring or scanning of software or data including attack... – Intrusion detection

Reexamination Certificate

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

C726S002000, C726S003000, C726S004000, C726S005000, C726S006000, C726S007000, C726S008000, C726S025000, C726S026000, C726S027000, C713S187000, C713S188000, C709S223000, C709S224000, C709S225000

Reexamination Certificate

active

10185008

ABSTRACT:
A method and system are provided for managing a security threat in a distributed system. A distributed element of the system detects and reports suspicious activity to a threat management agent. The threat management agent determines whether an attack is taking place and deploys a countermeasure to the attack when the attack is determined to be taking place. Another method and system are also provided for managing a security threat in a distributed system. A threat management agent reviews reported suspicious activity including suspicious activity reported from at least one distributed element of the system, determines, based on the reports, whether a pattern characteristic of an attack occurred, and predicts when a next attack is likely to occur. Deployment of a countermeasure to the predicted next attack is directed in a time window based on when the next attack is predicted to occur.

REFERENCES:
patent: 6324656 (2001-11-01), Gleichauf et al.
patent: 6408391 (2002-06-01), Huff et al.
patent: 2002/0073338 (2002-06-01), Burrows et al.
patent: 2002/0119427 (2002-08-01), Brown et al.
patent: 2003/0163706 (2003-08-01), Cocchi et al.
Box, Don. “A Brief History of SOAP” (Apr. 4, 2001) xml.com : http://webservices.xml.com/pub/a/ws/2001/04/04/soap.html.
Barrus et al.; “A Distributed Autonomous-Agent Network-Intrusion Detection and Response System”. (Jun. 1998) NEC Research Index, Proceedings of the 1998 Command and Control Research and Technology Symposium.
P.A. Porras, P.G. Neumann. “EMERALD: Event Monitoring Enabling Responses to Anomalous Live Distrubances” (1997) Proc. 20th NIST-NCSC National Information Systems Security Conference.
E.A. Fisch “Intrusion Damage Control and Assessment: A Taxonomy and Implementation fo Automated Responses to Intrusive Behavior” (May 1996) PhD Thesis, Texas A&M University. Chapters I-III.
The Honeynet Project “Know Your Enemy: Statistics” (Jul. 22, 2001). Avaliable online at http://www.chguy.net
ews/jul01/attack-stats.html.
J. Yuill, S.F. Wu, F. Gong, M. Huang. “Intrusion Detection for an On-Going Attack” (1999) Recent Advances in Intrusion Detection.

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Distributed threat management does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Distributed threat management, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Distributed threat management will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFUS-PAI-O-3941564

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.