Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2011-06-07
2011-06-07
Lanier, Benjamin E (Department: 2432)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C726S013000, C726S014000, C726S015000, C726S025000
Reexamination Certificate
active
07958556
ABSTRACT:
A method and apparatus is disclosed for increasing the security of computer networks through the use of an Intrusion and Misuse Deterrence System (IMDS) operating on the network. The IMDS is a system that creates a synthetic network complete with synthetic hosts and routers. It is comprised of a network server with associated application software that appears to be a legitimate portion of a real network to a network intruder. The IMDS consequently invites inquiry and entices the intruder away from the real network. Simulated services are configured to appear to be running on virtual clients with globally unique, class “C” IP addresses. Since there are no legitimate users of the virtual network simulated by the IMDS, all such activity must be inappropriate and can be treated as such. Consequently, the entire set of transactions by an intruder can be collected and identified rather than just those transactions that meet a predefined attack profile. Also, new exploits and attacks are handled just as effectively as known attacks, resulting in better identification of attack methodologies as well as the identification and analysis of new attack types. Since the IMDS only has to be concerned with the traffic going to its simulated hosts it additionally eliminates the bandwidth limitation that plagues a traditional intrusion detection system (IDS).
REFERENCES:
patent: 5432932 (1995-07-01), Chen et al.
patent: 5557742 (1996-09-01), Smaha et al.
patent: 5606668 (1997-02-01), Shwed
patent: 5623601 (1997-04-01), Vu
patent: 5793763 (1998-08-01), Mayes et al.
patent: 5828846 (1998-10-01), Kirby et al.
patent: 5884025 (1999-03-01), Baehr et al.
patent: 5991881 (1999-11-01), Conklin et al.
patent: 6331984 (2001-12-01), Luciani
patent: 6408391 (2002-06-01), Huff et al.
patent: 6625145 (2003-09-01), Winell
patent: 7412722 (2008-08-01), Norris
patent: WO/97/040610 (1997-10-01), None
Amoroso E et al: “A selection criteria for intrusion detection systems” Computer Security Applications Conference, 1998, Proceedings. 14TH Annual Phoenix, AZ, USA Dec. 7-11, 1998, Los Alamitos, CA, USA,IEEE Comput. Soc, US, Dec. 7, 1998, pp. 280-288.
Mukherjee B et al: “Network Intrusion Detection Intrusion Detection is a New, Retrofit Approach for Providing a Sense of Security in Existing Computers and Data Networks, While Allowing Them to Operate in Their Current Open Mode” IEEE Network, IEEE Inc. New York, US, May 1994, pp. 26-41.
Lunt T F: “A Survey of Intrusion Detection Techniques” Computers &Security. International Journal Devoted to the Study of Technical and Financial Aspects of Computer Security, Elsevier Science Publishers. Amsterdam, NL, vol. 12, No. 4, Jun. 1, 1993, pp. 405-418.
NetFacade Data Sheet, Marketing Brochure, Nov. 9, 2000.
Verizon Federal Network Systems Unit Upgrades Web Security Software, Media Contact: Mark Marchand, http:// newscenter.verizon.com/proactive
ewsroom/release.vtml?id=56669, Jun. 19, 2001 (3 pages).
Gula Ronald J.
Roesch Martin F.
Lanier Benjamin E
Level 3 Communications LLC
Raytheon BBN Technologies Corp.
Verizon Corporate Services Group Inc.
LandOfFree
Intrusion and misuse deterrence system employing a virtual... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Intrusion and misuse deterrence system employing a virtual..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Intrusion and misuse deterrence system employing a virtual... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2625705