Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2011-06-28
2011-06-28
Popham, Jeffrey D (Department: 2491)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C726S025000, C707S999100
Reexamination Certificate
active
07971252
ABSTRACT:
In one aspect, a method to generate an attack graph includes determining if a potential node provides a first precondition equivalent to one of preconditions provided by a group of preexisting nodes on the attack graph. The group of preexisting nodes includes a first state node, a first vulnerability instance node, a first prerequisite node, and a second state node. The method also includes, if the first precondition is equivalent to one of the preconditions provided by the group of preexisting nodes, coupling a current node to a preexisting node providing the precondition equivalent to the first precondition using a first edge and if the first precondition is not equivalent to one of the preconditions provided by the group of preexisting nodes, generating the potential node as a new node on the attack graph and coupling the new node to the current node using a second edge.
REFERENCES:
patent: 207384 (1878-08-01), Beck
patent: 3776365 (1973-12-01), Richards
patent: 4127183 (1978-11-01), McLarty
patent: 4236597 (1980-12-01), Kiss et al.
patent: 4281740 (1981-08-01), Weiss et al.
patent: 4751980 (1988-06-01), DeVane
patent: 5260523 (1993-11-01), Pettersson et al.
patent: 5313616 (1994-05-01), Cline et al.
patent: 5679931 (1997-10-01), Furse et al.
patent: 5850516 (1998-12-01), Schneier
patent: 5859393 (1999-01-01), Cummins, Jr. et al.
patent: 6298445 (2001-10-01), Shostack et al.
patent: 6332511 (2001-12-01), Parlato et al.
patent: 6343672 (2002-02-01), Petela et al.
patent: 6836888 (2004-12-01), Basu et al.
patent: 6952779 (2005-10-01), Cohen et al.
patent: 7013395 (2006-03-01), Swiler et al.
patent: 7194769 (2007-03-01), Lippman
patent: 2002/0123987 (2002-09-01), Cox
patent: 2002/0184504 (2002-12-01), Hughes
patent: 2003/0014669 (2003-01-01), Caceres et al.
patent: 2003/0028803 (2003-02-01), Bunker et al.
patent: 2003/0046128 (2003-03-01), Heinrich
patent: 2003/0110288 (2003-06-01), Ramanujan et al.
patent: 2003/0149777 (2003-08-01), Adler
patent: 2003/0236995 (2003-12-01), Fretwell, Jr.
patent: 2004/0199576 (2004-10-01), Tan
patent: 2005/0138413 (2005-06-01), Lippman
patent: 2005/0149348 (2005-07-01), Baum-Waidner
patent: 2005/0193430 (2005-09-01), Cohen et al.
patent: 2006/0015943 (2006-01-01), Mahieu
patent: 2006/0021046 (2006-01-01), Cook
patent: 2006/0058062 (2006-03-01), Bhagwat et al.
patent: 2006/0085858 (2006-04-01), Noel et al.
patent: 2006/0101516 (2006-05-01), Sudaharan et al.
patent: 2006/0218640 (2006-09-01), Lotem et al.
patent: 2007/0097963 (2007-05-01), Thermos
patent: 2007/0208822 (2007-09-01), Wang et al.
patent: 2009/0271863 (2009-10-01), Govindavajhala et al.
patent: WO 2004/031953 (2004-04-01), None
Tidewell et al., “Modeling Internet Attacks”, Jun. 5-6, 2001, pp. 54-59.
Computer-Attack Graph Generation Tool, Laura P. Swiler et al., Sandia National Laboratories, 2001 IEEE, pp. 307-321.
Scalable, Graph-Based Network Vulnerability Analysis, Paul Ammann et al., ACM Nov. 2002, pp. 217-224.
Steffan, Jab et al. “Collaborative Attack Modeling”, 2002, pp. 1-10.
IT Guru: Intelligent Network Management for Enterprises (website: www.opnet.com/products/itguru/home.html), 2003 OPNET Technologies, Inc.
IT Guru: Intelligent Network Management for Enterprises, OPNET Technologies, Inc. (website: www.opnet.com), as submitted in an IDS on Mar. 29, 2004 in U.S. Appl. No. 10/734,083, now U.S. Patent 7,194,769.
Attack Trees, Dr. Dobb's Journal Dec. 1999—Modeling Security Threats by Bruce Schneier.
Automated Generation and Analysis of Attack Graphs by Oleg Sheyner, Joshua Haines, Somesh Jha, Richard Lippmann and Jeannette M. Wing, Proceedings of the 2002 IEEE Symposium on Security and Privacy (S&P'02).
NetSPA: A Network Security Planning Architecture by Michael Lyle Artz, S.B., Computer Science and Engineering, Massachusetts Institute of Technology (2001).
Notification of Transmittal of the International Search Report and the Written Opinion of the International Searching Authority, or the Declaration dated Nov. 29, 2004.
Notification of Transmittal of the International Search Report and the Written Opinion of the International Searching Authority, or the Declaration dated Feb. 13, 2008.
Notification Concerning Transmittal of International Preliminary Report on Patentability (Chapter 1 of the Patent Cooperation Treaty), PCT/US2007/013598 dated Dec. 24, 2008.
Ingols Kyle W.
Lippmann Richard P.
Piwowarski Keith J.
Daly, Crowley & Mofford & Durkee, LLP
Massachusetts Institute of Technology
Popham Jeffrey D
Reddy Sunita
LandOfFree
Generating a multiple-prerequisite attack graph does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Generating a multiple-prerequisite attack graph, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Generating a multiple-prerequisite attack graph will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2704447