Information security – Monitoring or scanning of software or data including attack... – Vulnerability assessment
Reexamination Certificate
2008-03-18
2008-03-18
LaForgia, Christian (Department: 2131)
Information security
Monitoring or scanning of software or data including attack...
Vulnerability assessment
C713S188000, C718S100000
Reexamination Certificate
active
07346929
ABSTRACT:
In an apparatus for auditing security of a computer system, at least one secure application server is in communication with a global computer network. The secure application server is programmed to receive selectively security audit instruction data from a remote computer system via the global computer network. A plurality of scanning machines each are in communication with the global computer network and are programmed to execute selectively a security audit scan of the remote computer system via the global computer network. A central computer, having a memory, is configured as a database server and as a scheduler. The central computer is in communication with the secure application server and the scanning machine. The central computer is programmed to perform the following operations: evaluate a database to determine if a security audit scan is currently scheduled to be run for a user; determine which of the plurality of scanning machines is available to perform a security audit scan; copy scan-related information into a scanning machine determined to be available and instruct the scanning machine to begin scan; and record the results of the scan in the memory.
REFERENCES:
patent: 5032979 (1991-07-01), Hecht et al.
patent: 5812763 (1998-09-01), Teng
patent: 5892903 (1999-04-01), Klaus
patent: 5931946 (1999-08-01), Terada et al.
patent: 5961644 (1999-10-01), Kurtzberg et al.
patent: 6185689 (2001-02-01), Todd, et al.
patent: 6205552 (2001-03-01), Fudge
patent: 6282546 (2001-08-01), Gleichauf et al.
patent: 6298445 (2001-10-01), Shostack et al.
patent: 6301668 (2001-10-01), Gleichauf et al.
patent: 6321338 (2001-11-01), Porras et al.
patent: 6324656 (2001-11-01), Gleichauf et al.
patent: 6347374 (2002-02-01), Drake et al.
patent: 6484203 (2002-11-01), Porras et al.
patent: 6517587 (2003-02-01), Satyavolu et al.
patent: 6530024 (2003-03-01), Proctor
patent: 6535227 (2003-03-01), Fox et al.
patent: 6546493 (2003-04-01), Magdych et al.
patent: 6574737 (2003-06-01), Kingsford et al.
patent: 6578147 (2003-06-01), Shanklin et al.
patent: 2002/0104014 (2002-08-01), Zobel et al.
patent: WO 1998/041919 (1998-09-01), None
Barrus et al. A Distributed Autonomous-Agent Network Intrusion Detection and Response System. Jun.-Jul. 1998. Proceedings of the 1998 Command and Control Research and Technology Symposium. p. 1-12.
Zamboni et al. An Architecture for Intrusion Detection using Autonomous Agents. 1998. p. 1-12.
Internet Security Systems, SAFEsuite Enterprise, SAFEsuite Decisions, 1998. (Pertinent pp. 15-23, ch. 2, sect B).
Ko et al., Execution Monitoring of Security-Critical Programs in Distributed Systems: A Specification-Based Approach, 1997, Proceedings of the 1997 IEEE Symposium on Security and Privacy, pp. 175-187. (Pertinent p. 186, para. 6).
Anderson et al., Next-Generation Intrusion Dectection Expert System (NIDES), A Summary, May 1995, SRI International, pp. 1-37. (Pertinent pages 20-26, sects. 2.5.1-2.5.2).
Denning, An Intrusion-Detection Model, Feb. 1987, IEEE Transactions on Software Engineering, vol. SE-13, No. 2, pp. 1-17. (Pertinent pp. 3-5, sect. 1V).
Lindqvist et al., eXpert-BSM: A Host-based Intrusion Dectection Solution for Sun Solaris, SRI International, Menlo Park, California, Dec. 10-14, 2001, Proceedings of the 17thAnnual Computer Security Applications Conference, pp. 1-12. (Pertinent pp. 7-9, sects. 4.2-4.3).
NetworkICE Corporation, ICEcap Administrator's Guide, Version 1.0 BETA, 1999, pp. 1-142. (Pertinent pp. 79-82).
SRI International, A Prototype IDES: A Real-Time Intrusion-Detection Expert System, Aug. 1987, p. 1-63. (Pertinent pp. 25-41, sects. 7.1.1-7.5.3).
Lunt, Teresa, Automated Audit Trail Analysis and Intrusion Detection: A Survey, Proceedings of the 11thNational Computer Security Conference, Oct. 1988, pp. 1-8. (Pertinent pp. 4-5, sect. 3.2).
Bace, An Introduction to Intrusion Detection and Assessment for System and Network Security Management, Apr. 1999, pp. 1-38. (Pertinent pp. 24-27).
RealSecure, Adaptive Network Security Manager Module Programmer's Reference Manual, 1999, pp. 1-74. (Pertinent pp. 5-6, ch. 2).
Perrochon et al., Enlisting Event Patterns for Cyber Battlefield Awareness, DARPA Information Survivability Conference and Exposition, 2000, DISCEX Proceedings, Jan. 2000 Stanford University, pp. 1-12. (Pertinent pp. 6-10, sects. 3.1-3.2).
Cuppens, Cooperative Intrusion Detection, pp. 1-10. (Pertinent pp. 4-9, sects. 4-7).
Mukherjee et al., Network Intrusion Detection, IEEE Network, May/Jun. 1994, pp. 26-41. (Pertinent p. 30, sect. Intrusion Detection Expert System (IDES)).
Bass, Intrusion Detection System and Multisensor Data Fusion, Apr. 2000, Communications of the ACM, vol. 43, No. 4, pp. 99-105. (Pertinent pp. 101-105, sects. 2-3).
Metcalf et al., Intrusion Detection System Requirements, Sep. 2000, Mitre Corporation, pp. 1-33. (Pertinent pp. 3-11).
RealSecure Release 1.2 for UNIX A User Guide and Reference Manual, 1997, Internet Security Systems, Inc., pp. 1-92. (Pertinent pp. 55-78).
Internet Scanner SAFE SAFEsuite 4.0 User Guide and Reference Manual, 1996, Internet Security Systems, Inc., pp. 1-158. (Pertinent pp. 4-2 to 4-9, ch. 4).
Anderson et al., Detecting Unusual Program Behavior Using the Statistical Components of the Next-Generation Intrusion Detection Expert System (NIDES), May 1995, SRI International, pp. 1-89. (Pertinent pp. 15-23, sects. 3.1-3.4.4).
“Internet Scanner™, User Guide,” Version 6.0, Copyright © 1999 by Internet Security Systems, Inc., pp. 1-182. (Pertinent pp. 9-36, ch. 2).
Mounji et al., Distributed Audit Trail Analysis, Proceedings of the Symposium on Network and Distributed System Security, San Diego, CA, Feb. 16-17, 1995, pp. 102-112. (Pertinent pp. 102-112, sects. 5-7).
Fisch et al., “The Design of an Audit Trail Analysis Tool,” Proceedings of the 10thAnnual Computer Security Applications Conference, Dec. 5-9, 1994, Orlando, Florida, pp. 126-132. (Pertinent pp. 126-127, sects. 1-2).
Varadharajan, Vijay, “Design and Management of a Secure Networked Administration System: A Practical Approach,” 18thNational Information Systems Security Conference, Oct. 22-25, 1995, Baltimore, Maryland, pp. 570-580. (Pertinent pp. 570-571, sect. 2).
International Business Machines - Corporation
King & Spalding LLP
LaForgia Christian
LandOfFree
Method and apparatus for auditing network security does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for auditing network security, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for auditing network security will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2804013