Data processing: software development – installation – and managem – Software program development tool – Testing or debugging
Reexamination Certificate
2011-03-01
2011-03-01
Yigdall, Michael J (Department: 2192)
Data processing: software development, installation, and managem
Software program development tool
Testing or debugging
C726S023000, C726S025000, C726S027000
Reexamination Certificate
active
07900194
ABSTRACT:
Kernel-based intrusion detection using Bloom filters is disclosed. In one of many possible embodiments for detecting an intrusion attack, a Bloom filter is provided and used to generate a Bloom filter data object. The Bloom filter data object contains data representative of expected system-call behavior associated with a computer program. The Bloom filter data object is embedded in an operating system (“OS”) kernel upon an invocation of the computer program. Actual system-call behavior is compared with the data in the Bloom filter data object.
REFERENCES:
patent: 7162741 (2007-01-01), Eskin et al.
patent: 7222366 (2007-05-01), Bruton et al.
patent: 2002/0138755 (2002-09-01), Ko
patent: 2004/0243828 (2004-12-01), Aguilera et al.
patent: 2004/0255032 (2004-12-01), Danieli
patent: 2005/0229254 (2005-10-01), Singh et al.
Michael Mitzenmacher “Bloom Filters: A History and Modern Applications”, pp. 1-45 [online] [retrieved on Dec. 30, 2008]. Retrieved from http://www.eecs.harvard.edu/˜michaelm/TALKS/NewZealandBF.ppt.
Bodden Evral
Raytheon BBN Technologies Corp.
Verizon Corporate Services Group Inc.
Yigdall Michael J
LandOfFree
Kernel-based intrusion detection using bloom filters does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Kernel-based intrusion detection using bloom filters, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Kernel-based intrusion detection using bloom filters will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2778912