Information security – Access control or authentication – Network
Reexamination Certificate
2006-05-02
2006-05-02
Barron, Jr., Gilberto (Department: 2132)
Information security
Access control or authentication
Network
C726S023000, C726S025000, C709S203000, C709S223000, C709S224000, C709S227000, C709S229000, C705S001100, C705S007380, C705S014270
Reexamination Certificate
active
07039953
ABSTRACT:
A method, computer program product, and apparatus for presenting data about security-related events that puts the data into a concise form is disclosed. Events are abstracted into a set data-type. Sets with common elements are grouped together, and summaries of the groups—“situations” are established from groups whose severity exceeds a threshold value. These groups and situations are then propagated up a hierarchical arrangement of systems and further aggregated so as to provide summary information over a larger group of systems. This hierarchical scheme allows for scalability of the event correlation process across larger networks of systems.
REFERENCES:
patent: 5448722 (1995-09-01), Lynne et al.
patent: 5471194 (1995-11-01), Guscott
patent: 5568471 (1996-10-01), Hershey et al.
patent: 5621889 (1997-04-01), Lermuzeaux et al.
patent: 5991881 (1999-11-01), Conklin et al.
patent: 6321338 (2001-11-01), Porras et al.
patent: 6353385 (2002-03-01), Molini et al.
patent: 6553378 (2003-04-01), Eschelbeck
patent: 6779031 (2004-08-01), Picher-Dempsey
patent: 2002/0019945 (2002-02-01), Houston et al.
patent: 2002/0138571 (2002-09-01), Trinon et al.
patent: 0985995 (2000-03-01), None
patent: 11212831 (1999-08-01), None
patent: WO 94/0739 (1994-03-01), None
IBM Technical Disclosure Bulletin, “Dynamic Intrusion Detection for Secure Access Enclosure”, vol. 36, No. 06B, Jun. 1993, pp. 233-235.
Hass, KJ et al., “On a Microcomputer Implementation of an Intrusion-Detection, Algorithm”, IEEE Transactions on Acoustics, Speech and Signal Processing, vol. ASSP-27, No. 6, pt. 2, pp. 782-789, Dec. 1979, abstract.
Ming Yuh Huang et al., “A Large Scale Distributed Intrusion Detection Framework Based on Attack Strategy Analysis”,Computer Networks,vol. 31, No. 23-24, pp. 2465-2475, Dec. 14, 1999, Abstract.
Kato, N et al., “A Real-Time Intrusion Detection System (IDS) for Large-Scale Networks and its Evaluations”, IEICE Transactions on Communications, vol. E82-B, No. 11, pp. 1817-1825, Nov. 1999, Abstract.
Sekar, R et al., “On Preventing Intrustions by Process Behaviour Monitoring”, Proceedings of the Workshop on Intrusion Detection and Network Monitoring (ID'99), pp. 29-40, Published: Berkeley, CA, USA, 1999, 140 pp., Abstract.
Girardin, L., “An Eye on Network Intruder-Administrator Shootouts”, Proceedings of the Workshop on Intrusion Detection and Network Monitoring (ID'99), pp. 19-28, Published: Berkeley, CA, USA, 1999, 140 pp., Abstract.
Vigna, G et al., “NetSTAT: A Network-Based Intrusion Detection System”,Journal of Computer Security,vol. 7, No. 1, pp. 37-71, 1999, Abstract.
Vigna, G et al., “NetSTAT: A Network-Based Intrusion Detection Approach”, Proceedings 14th Annual Computer Security Applications Conference (Cat. No. 98EX217), pp. 25-34, Published: Los Alamitos, CA, USA, 1998, xiii+365 pp., Abstract.
White, GB et al., “A Peer-Based Hardware Protocol for Intrusion Detection Systems”, MILCOM 96. Conference Proceedings (Cat. No. 96CH36008), Pt. vol. 2, pp. 468-472 Published: New York, NY, USA, 1996, 3 vol. xxiv+1083 pp., Abstract.
Winkler, JR et al., “Intrusion and Anomaly Detection in Trusted Systems”, Fifth Annual Computer Security Applications Conference (Cat. No. 89TH0287-3), pp. 39-45, Published: Los Alamitos, CA, USA, 1990, xv+357 pp., Abstract.
Black Steven
Debar Herve
Garrison John Michael
Wespi Andreas
Barron Jr. Gilberto
Formby Betty
LaBaw Jeffrey S.
Nobahar Abdulhakim
Yee Duke W.
LandOfFree
Hierarchical correlation of intrusion detection events does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Hierarchical correlation of intrusion detection events, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Hierarchical correlation of intrusion detection events will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3550646