Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2005-10-18
2005-10-18
Sheikh, Ayaz (Department: 2131)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C713S152000, C713S152000, C709S223000, C709S224000, C370S229000, C370S230000, C370S241000, C370S254000, C370S255000
Reexamination Certificate
active
06957348
ABSTRACT:
A system in accordance with an embodiment of the invention includes a vulnerability detection system (VDS) and an intrusion detection system (IDS). The intrusion detection system leverages off of information gathered about a network, such as vulnerabilities, so that it only examines and alerts the user to potential intrusions that could actually affect the particular network. In addition both the VDS and IDS use rules in performing their respective analyses that are query-based and that are easy to construct. In particular these rules are based on a set of templates, which represent various entities or processes on the network.
REFERENCES:
patent: 5136523 (1992-08-01), Landers
patent: 5278901 (1994-01-01), Shieh et al.
patent: 5388211 (1995-02-01), Hornbuckle
patent: 5557742 (1996-09-01), Smaha et al.
patent: 5699403 (1997-12-01), Ronnen
patent: 5796942 (1998-08-01), Esbensen
patent: 5798706 (1998-08-01), Kraemer et al.
patent: 5802320 (1998-09-01), Baehr et al.
patent: 5892903 (1999-04-01), Klaus
patent: 5919257 (1999-07-01), Trostle
patent: 5923646 (1999-07-01), Mandhyan
patent: 5931946 (1999-08-01), Terada et al.
patent: 5958015 (1999-09-01), Dascalu
patent: 5961644 (1999-10-01), Kurtzberg et al.
patent: 5991881 (1999-11-01), Conklin et al.
patent: 6006328 (1999-12-01), Drake
patent: 6088804 (2000-07-01), Hill et al.
patent: 6101606 (2000-08-01), Diersch et al.
patent: 6185689 (2001-02-01), Todd, Sr. et al.
patent: 6199181 (2001-03-01), Rechef et al.
patent: 6263444 (2001-07-01), Fujita
patent: 6269447 (2001-07-01), Maloney et al.
patent: 6279113 (2001-08-01), Vaidya
patent: 6282546 (2001-08-01), Gleichauf et al.
patent: 6298445 (2001-10-01), Shostack et al.
patent: 6301668 (2001-10-01), Gleichauf et al.
patent: 6321338 (2001-11-01), Porras et al.
patent: 6324656 (2001-11-01), Gleichauf et al.
patent: 6330562 (2001-12-01), Boden et al.
patent: 6343362 (2002-01-01), Ptacek et al.
patent: 6347376 (2002-02-01), Attwood et al.
patent: 6359557 (2002-03-01), Bilder
patent: 6363489 (2002-03-01), Comay et al.
patent: 6370648 (2002-04-01), Diep
patent: 6408391 (2002-06-01), Huff et al.
patent: 6415321 (2002-07-01), Gleichauf et al.
patent: 6470384 (2002-10-01), O'Brien et al.
patent: 6473800 (2002-10-01), Jerger et al.
patent: 6477651 (2002-11-01), Teal
patent: 6484315 (2002-11-01), Ziese
patent: 6490626 (2002-12-01), Edwards et al.
patent: 6584569 (2003-06-01), Reshef et al.
patent: 6609205 (2003-08-01), Bernhard et al.
patent: 6708212 (2004-03-01), Porras et al.
patent: 6711127 (2004-03-01), Gorman et al.
patent: 6735169 (2004-05-01), Albert et al.
patent: 6771597 (2004-08-01), Makansi et al.
patent: 6775657 (2004-08-01), Baker
patent: 2002/0133721 (2002-09-01), Adjaoute
patent: WO 01/31420 (2001-05-01), None
patent: WO0184270 (2001-08-01), None
patent: WO0219661 (2002-03-01), None
patent: WO 02/45380 (2002-06-01), None
patent: WO0310617 (2003-12-01), None
Johnson, Johna, Simulated Attack for Real Network Security, Nov. 1995, Data Communications, pp. 31-32.
Anderson, Teresa, Hunting for Holes, Apr. 1996, Security Management, pp. 1-2.
Breyfogle, Stacey, Don't Stop at Your Servers, Jan. 1998, Software Magazine, pp. 1-3.
Microsoft Computer Dictionary, 2002, Microsoft Press, Fifth Edition, pp. 31, 256, 378, 405.
Rebecca Bace, Infidel, Inc. “An Introduction to Intrusion Detection and Assessment”, 1999, 38 pages.
Fyodor, “Remote OS detection via TCP/IP Stack FingerPrinting”, Oct. 18, 1998, 10pages.
Abstract, W. Erhard, et al., “Network Traffic Analysis and Security Monitoring With UniMon”, Proceeding of the IEEE Conference on High Performance Switching and Routing, 2000, ATM 2000, pp 439-46 (Jun. 2000).
Abstract, Dept. of Comput. Sci., California Univ., Davis, CA, USA, “A Methodology For Testing Intrusion Detection Systems,” IEEE Transactions on Software Engineering, vol. 22, Issue 10, pp 719-29 (Oct. 1996).
Abstract, Mounji A. Le Charlier, et al., “Distributed Audit Trail Analysis”, Proceeding of the Symposium on Network and Distributed System Security, 1995, pp 102-12 (Feb. 16-17, 1995).
Abstract, L.T. Heberlein, et al., “A Network Security Monitor”, Proceeding of the 990 IEEE Computer Society Symposium on Research in Security and Privacy, pp 296-04, (May 7-9, 1990).
Abstract, Xinzhou Quin et al., “Integrating Intrusion Detection and Network Management”, Network Operation and Management Symposium, 2002, NAOMS 2002. 2002 IEEE/IFIP, pp 329-44 (Apr. 15-19, 2002).
Abstract, D.G. Schwartz et al., “A Case-Based Approach To Network Intrusion Detection”, Proceeding of the 5th International Conference on Information Fusion, 2002. vol. 2 pp 1084-89 (Jul. 8-11, 2002).
Abstract, “Open Source Security: Opportunity or Oxymoron?” Computer, vol. 35, Issue 3, pp. 18-21 (Mar. 2002).
Abstract, Liu Dihua, et al. “Data Mining For Intrusion Detection”, Proceedings ICII 2001—Beijing 2001 International Conference on Info-Tech and Info-Net, 2001, vol. 5, pp 7-12, (Oct. 29-Nov. 2001).
Abstract, Kai Hwang & M. Gangadharan, “Micro-Firewalls for Dynamic Network Security With Distributed Intrusion Detection”, NCA 2001 IEEE International Symposium on Network Computing and Applications, 2001. pp. 68-79, (Oct. 8-10, 2001).
Abstract, Wenke Lee Stolfo, et al., “Real-Time Data Mining-Based Intrusion Detection”, Proceedings DARPA Information Survivability Conference & Exposition II, 2001, DISCEX '01. vol. 1, pp 89-100 (Jun. 12-14, 2001).
Abstract, J. Burns, et al. Automatic Management Of Network Security Policy, Proceedings DARPA Information Survivability Conference & Exposition II, 2001, DISCEX '01. vol. 2, pp 12-26, (Jun. 12-14, 2001).
Abstract, Heberlein, et al. “A Network Security Monitor”, 1990, Proceedings Research in Security & Privacy 1990 IEEE Computer Society Symposium on, pp 296-304, (May 7-9, 1990).
Ristenbatt, Martin P., Methodology For Network Communication Vulnerability Analysis, IEEE, 1988, pp. 493-499.
Skaggs, B., et al., Network Vulnerability Analysis, IEEE, 2002, pp. 493-495.
Thatcher, Michelle, Keeping Your Technology Secure, Technology & Learning, Apr. 2002, pp. 38, 40, 42 and 44.
Flowers John S.
Stracener Thomas C.
Fenwick & West LLP
Moorthy Aravind
nCircle Network Security, Inc.
Sheikh Ayaz
LandOfFree
Interoperability of vulnerability and intrusion detection... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Interoperability of vulnerability and intrusion detection..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Interoperability of vulnerability and intrusion detection... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3491879