Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2004-01-14
2009-02-03
Kincaid, Kristine (Department: 2139)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C713S188000, C382S181000, C382S209000, C710S001000
Reexamination Certificate
active
07487542
ABSTRACT:
An intrusion detection system (IDS) comprises a network processor (NP) coupled to a memory unit for storing programs and data. The NP is also coupled to one or more parallel pattern detection engines (PPDE) which provide high speed parallel detection of patterns in an input data stream. Each PPDE comprises many processing units (PUs) each designed to store intrusion signatures as a sequence of data with selected operation codes. The PUs have configuration registers for selecting modes of pattern recognition. Each PU compares a byte at each clock cycle. If a sequence of bytes from the input pattern match a stored pattern, the identification of the PU detecting the pattern is outputted with any applicable comparison data. By storing intrusion signatures in many parallel PUs, the IDS can process network data at the NP processing speed. PUs may be cascaded to increase intrusion coverage or to detect long intrusion signatures.
REFERENCES:
patent: 4112258 (1978-09-01), Alles
patent: 4541115 (1985-09-01), Werth
patent: 4991087 (1991-02-01), Burkowski et al.
patent: 5392366 (1995-02-01), Nakamura
patent: 5414833 (1995-05-01), Hershey et al.
patent: 5557742 (1996-09-01), Smaha et al.
patent: 5657396 (1997-08-01), Rudolph et al.
patent: 5831997 (1998-11-01), Kodashiro
patent: 5978946 (1999-11-01), Needham
patent: 6064339 (2000-05-01), Wax et al.
patent: 6279113 (2001-08-01), Vaidya
patent: 6578147 (2003-06-01), Shanklin et al.
patent: 6785821 (2004-08-01), Teal
patent: 6907436 (2005-06-01), Ye et al.
patent: 7203382 (2007-04-01), Mattausch et al.
patent: 2002/0029266 (2002-03-01), Tse et al.
patent: 2003/0115485 (2003-06-01), Milliken
patent: 2003/0133621 (2003-07-01), Fujii et al.
patent: 2003/0229636 (2003-12-01), Mattausch et al.
patent: 2004/0015728 (2004-01-01), Cole et al.
patent: 2004/0093513 (2004-05-01), Cantrell et al.
patent: 2004/0139313 (2004-07-01), Buer et al.
patent: 2004/0143734 (2004-07-01), Buer et al.
patent: 2004/0199790 (2004-10-01), Lingafelt et al.
patent: 2004/0215593 (2004-10-01), Sharangpani et al.
patent: 2005/0076236 (2005-04-01), Stephenson
patent: 2005/0125551 (2005-06-01), Oh et al.
Kreibich, Christian. Honey-Creating Intrusion Detection Signatures Using Honeypots. Oct. 31, 2003. http://www.sigcomm.org/HotNets-II/papers/honeycomb.pdf.
Sommer, Robin. Enhancing Byte-Level Network Intrusion Detection Signatures with Context. Aug. 18, 2003. http://www.icir.org/vern/papers/sig-ccs03.pdf.
“High Performance REGXP-PCISDK Regular Expression Coprocessor Developer's Kit,” Silicon Solutions for Content-Based Networks, 1 page.
“Raqia and Vitesse Networking Processor Solution,” Silicon Solutions for Content-Based Networks, 1 page.
“Web Switching, IDS Application Briefs,” Silicon Solutions for Content-Based Networks, 1 page.
“ReGXP2G Data Parsing Accelerator,” Silicon Solutions for Content-Based Networks, 1 page.
Boulanger Marc A.
Jeffries Clark D.
Kinard C. Marcel
Kravec Kerry A.
Sabhikhi Ravinder K.
Cockburn Joscelyn G.
International Business Machines - Corporation
Kincaid Kristine
Schmidt Kari L
Winstead P.C.
LandOfFree
Intrusion detection using a network processor and a parallel... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Intrusion detection using a network processor and a parallel..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Intrusion detection using a network processor and a parallel... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4107884