Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2005-06-21
Sheikh, Ayaz (Department: 2131)
C713S152000, C709S202000, C709S223000, C709S224000
active
06910135
ABSTRACT:
A method and apparatus are disclosed for improving the security of computer networks by providing a means operating passively on the network for detecting, reporting and responding to intruders. The system is comprised of a plurality of intruder sensor client computers and associated event correlation engines. Resident in the memory of the client computer and operating in the background is a Tactical Internet Device Protection (TIDP) component consisting of a passive intruder detector and a security Management Information Base (MIB). The passive intruder detector component of the TIDP passively monitors operations performed on the client computer and emits a Simple Network Management Protocol (SNMP) trap to an event correlation engine when it identifies a suspected intruder. The event correlation engine, through the use of a behavior model loaded in its memory, determines whether the user's activities are innocent or those of a prospective intruder. When the event correlation engine is unable to classify a user based on a single trap message, it can request historical information from the security MIB, a database of the operating history of the client computer including a chronology of the illegal operations performed on the client. Once the event correlation engine determines that an intruder is located at an associated client workstation, it generates a status message and transmits the message to all of its subscribers, informing them of the presence and location of a suspected intruder.
REFERENCES:
patent: 5414833 (1995-05-01), Hershey et al.
patent: 5557742 (1996-09-01), Smaha et al.
patent: 5561769 (1996-10-01), Kumar et al.
patent: 5621889 (1997-04-01), Lermuzeaux et al.
patent: 5905859 (1999-05-01), Holloway et al.
patent: 6088804 (2000-07-01), Hill et al.
patent: 6125390 (2000-09-01), Touboul
patent: 6249755 (2001-06-01), Yemini et al.
patent: 6347374 (2002-02-01), Drake et al.
patent: 6408391 (2002-06-01), Huff et al.
patent: 6530024 (2003-03-01), Proctor
patent: 6553403 (2003-04-01), Jarriel et al.
Y. Frank You, Fengmin Gong, Chandru Sargor, Architecture Design of a Scalable Intrusion Detection System for the Emerging Network Infrastructure, DARPA E296, Rom Lab, Apr. 1997.
Arani Taghi T.
BBNT Solutions LLC
Finnegan Henderson et al
Genuity Inc.
Sheikh Ayaz
Profile ID: LFUS-PAI-O-3484607