Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2006-07-11
2006-07-11
Song, Hosuk (Department: 2135)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C726S022000, C726S024000, C726S025000, C713S164000, C713S166000, C714S025000, C714S043000, C714S048000
Reexamination Certificate
active
07076803
ABSTRACT:
Improvements in intrusion detection are disclosed by providing integrated intrusion detection services. Preferably, these services are integrated into a system or server that is the potential target of attack. Stack-based security processing is leveraged for access to cleartext data within the layers of the protocol stack. Layer-specific attacks may therefore be processed efficiently. Evaluation of incoming traffic for an intrusion is preferably performed only after an error condition of some type has been detected. This approach reduces the overhead of intrusion detection by reducing the number of packets to be inspected, and at the same time allows more efficient packet inspection through use of context-specific information that may be used to direct the inspection to particular candidate attacks. Generic attack class capability is also disclosed. Intrusion detection policy information may be used to direct the actions to be taken upon detecting an attack.
REFERENCES:
patent: 5796942 (1998-08-01), Esbensen
patent: 5884025 (1999-03-01), Baehr et al.
patent: 5991881 (1999-11-01), Conklin et al.
patent: 6742124 (2004-05-01), Kilpatrick et al.
patent: 6851061 (2005-02-01), Holland et al.
patent: 2001/0044904 (2001-11-01), Berg et al.
patent: 2002/0083343 (2002-06-01), Crosbie et al.
patent: 2002/0116605 (2002-08-01), Berg
patent: 2003/0061513 (2003-03-01), Tsafnat et al.
patent: 2003/0084319 (2003-05-01), Tarquini et al.
patent: 2003/0084344 (2003-05-01), Tarquini et al.
“The 7 Layers of the OSI Model”, http://www.webopedia.com/quick—ref/OSI—Layers.asp, last visited: Sep. 9, 2005.
Robbie Williamson, “Networking improvements in the 2.6 kernel”, http://linuxdevices.com/articles/AT7885999771.html, last visited: Sep. 9, 2005.
IBM Systems Journal, vol. 40, No. 3, 2001 Security on z/OS: Comprehensive, Current, and Flexible, by R. Guski, et al, pp. 696-720.
Share Session 3411, Feb. 27, 2001, “Introduction to Using IBM Communications Server for OS/390 TCP/IP Network Security Features”, by Lin Overby, 37 pages.
Bruton, III David Aro
Jakubik Patricia
LiVecchi Patrick Michael
Overby, Jr. Linwood Hugh
Calogero Stephen A.
Myers Bigel & Sibley & Sajovec
Pich Ponnoreay
Purks David K.
Song Hosuk
LandOfFree
Integrated intrusion detection services does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Integrated intrusion detection services, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Integrated intrusion detection services will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3551635