Information security – Prevention of unauthorized use of data including prevention...
Reexamination Certificate
2007-02-06
2007-02-06
Zand, Kambiz (Department: 2132)
C726S022000, C713S152000, C713S188000
active
10066140
ABSTRACT:
Intrusion preludes may be detected (including detection using fabricated responses to blocked network requests), and particular sources of network communications may be singled out for greater scrutiny, by performing intrusion analysis on packets blocked by a firewall. An integrated intrusion detection system uses an end-node firewall that is dynamically controlled using invoked-application information and a network policy. The system may use various alert levels to trigger heightened monitoring states, alerts sent to a security operation center, and/or logging of network activity for later forensic analysis. The system may monitor network traffic to block traffic that violates the network policy, monitor blocked traffic to detect an intrusion prelude, and monitor traffic from a potential intruder when an intrusion prelude is detected. The system also may track behavior of applications using the network policy to identify abnormal application behavior, and monitor traffic from an abnormally behaving application to identify an intrusion.
REFERENCES:
patent: 5421006 (1995-05-01), Jablon et al.
patent: 5802275 (1998-09-01), Blonder
patent: 5919257 (1999-07-01), Trostle
patent: 5948104 (1999-09-01), Gluck et al.
patent: 5970143 (1999-10-01), Schneier et al.
patent: 5978936 (1999-11-01), Chandra et al.
patent: 5983348 (1999-11-01), Ji
patent: 6219706 (2001-04-01), Fan et al.
patent: 6266811 (2001-07-01), Nabahi
patent: 6272641 (2001-08-01), Ji
patent: 6279113 (2001-08-01), Vaidya
patent: 6282546 (2001-08-01), Gleichauf et al.
patent: 6301668 (2001-10-01), Gleichauf et al.
patent: 6370584 (2002-04-01), Bestavros et al.
patent: 6463470 (2002-10-01), Mohaban et al.
patent: 6466984 (2002-10-01), Naveh et al.
patent: 6496483 (2002-12-01), Kung et al.
patent: 6501752 (2002-12-01), Kung et al.
patent: 6553377 (2003-04-01), Eschelbeck et al.
patent: 6694436 (2004-02-01), Audebert
patent: 6742015 (2004-05-01), Bowman-Amuah
patent: 6751659 (2004-06-01), Fenger et al.
patent: 6816903 (2004-11-01), Rakoshitz et al.
patent: 6816973 (2004-11-01), Gleichauf et al.
patent: 6842861 (2005-01-01), Cox et al.
patent: 6851057 (2005-02-01), Nachenberg
patent: 6892303 (2005-05-01), Le Pennec et al.
patent: 6996843 (2006-02-01), Moran
patent: 6996845 (2006-02-01), Hurst et al.
patent: 2001/0052012 (2001-12-01), Rinne et al.
patent: 2002/0010771 (2002-01-01), Mandato
patent: 2002/0120853 (2002-08-01), Tyree
patent: 2002/0129278 (2002-09-01), Elgressy et al.
patent: 2002/0143911 (2002-10-01), Vicente et al.
patent: 2002/0143914 (2002-10-01), Cihula
patent: 2002/0194317 (2002-12-01), Kanada et al.
patent: 2003/0126468 (2003-07-01), Markham
patent: 2003/0149887 (2003-08-01), Yadav
patent: 2003/0204596 (2003-10-01), Yadav
patent: 00/34867 (2000-06-01), None
patent: 01/17161 (2001-03-01), None
patent: 01/37511 (2001-05-01), None
patent: 01/84270 (2001-11-01), None
Stallings, William. “Intruders.” Cryptography and Network Security-Principles and Practices. Upper Saddle River, NJ:Prentice Hall, 2003.580-581.
Sean Boran, “Personal Firewalls Tests” Sygate, Internet Publication , ‘Online!, Apr. 23, 2001, XP-002248365; http://www.boran.com/security/sp/pf/p.
Sygate: “Sygate Personal Firewall Pro User Guide”, Sygate User Manual, ‘Online! 2001, XP002248366; http.//smb/sygate.com/support/userguides/pspf/pspf42—userguide.pdf, pp. 1-77.
Nokia, “Combining Network Intrusion Detection with Firewalls for Maximum Perimeter Protection”, Nokia White Paper, ‘Online!, Apr. 2001, XP002248367; http://www.nwfusionpartners.com/nokia/preffered/media/Nokia%20WP%20IDS%20and%20Firewall.pdf.
Jerry T. Oney, “Intrusion Detection Systems, IDS”, Lecture Materials, ‘Online!, Aug. 10, 2001, XP002248368; http://www.nvcc.edu/home/joney/Intrusion%20Detection.ppt, pp. 34-62.
Secure Hash Standard (available at http://csrc.nist.gov/encryption/tkhash.html); Federal Information Processing Standards Publication 108-1; Apr. 17, 1995.
Windows 2000 Network Architecture, NDIS Driver Types; http://www.microsoftcom/windows2000/techinfo/reskit/en-us/cnet/cnad—arc—zjmj.asp?fra; Jan. 8, 2002.
Windows 2000 Network Architecture, Overview of Windows 2000 Network Architecture; http://www.microsoftcom/windows2000/techinfo/reskit/en-us/cnet/cnad—arc—jypf.asp?fra; Jan. 8, 2002.
http://www.ietf.org/rfc.html; Network Working Group; RFC #2828; May 2000.
http://www.ietf.org/rfc.html; Network Working Group; RFC #2979; Oct. 2000.
A. Ghanwani et al, “A Framework for Integrated Services Over Shared and Switched IEEE 802 LAN Technologies,” Network Working Group, Request for Comments: 2816, May 2000.
G. Huston, “Next Steps for the IP QoS Architecture,” Network Working Group, Request for Comments: 2990, Nov. 2000.
K. Nichols et al, “A Two-Bit Differentiated Services Architecture for the Internet,” Network Working Group, Request for Comments: 2638, Jul. 1999.
K. Nichols et al, “Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers,” Network Working Group, Request for Comments: 2474, Dec. 1998.
M. Seaman et al, “Integrated Service Mappings on IEEE 802 Networks,” Network Working Group, Request for Comments: 2815, May 2000.
R. Yavatkar et al, “A Framework for Policy-Based Admission Control,” Network Working Group, Request for Comments: 2753, Jan. 2000.
R. Yavatkar et al, “SBM (Subnet Bandwidth Manager): A Protocol for RSVP-based Admission Control over IEEE 802-style Networks,” Network Working Group, Request for Comments: 2814, May 2000.
S. Blake et al, “An Architecture for Differentiated Services,” Network Working Group, Request for Comments: 2475, Dec. 1998.
S. Herzog, “Signaled Preemption Priority Policy Element,” Network Working Group, Request for Comments: 2751, Jan. 2000.
Smith, James E., “A Study of Branch Prediction Strategies”, IEEE, pp. 135-148 (1981).
Y. Bernet, “A Framework for Integrated Services Operation over Diffserv Networks,” Network Working Group, Request for Comments: 2998, Nov. 2000.
Fish & Richardson P.C.
Intel Corporation
Perungavoor Venkat
Zand Kambiz
Integrated network intrusion detection
Profile ID: LFUS-PAI-O-3820356