Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2006-05-09
2006-05-09
Revak, Christopher (Department: 2131)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C709S224000
Reexamination Certificate
active
07043756
ABSTRACT:
One embodiment of the present invention provides a system that detects denial-of-service attacks by using an execution profile for a kernel of a server computer system. The system produces a run-time execution profile by gathering statistics related to execution of a protocol stack within the kernel, wherein the protocol stack processes packets received from client computer systems. Next, the system compares the run-time execution profile with a normal execution profile, wherein the normal execution profile is representative of execution when the server is not subject to a denial-of-service attack. If the run-time execution profile deviates from the normal execution profile, the system indicates that a denial-of-service attack is taking place.
REFERENCES:
patent: 6370648 (2002-04-01), Diep
patent: 6487666 (2002-11-01), Shanklin et al.
patent: 6681331 (2004-01-01), Munson et al.
patent: 6708212 (2004-03-01), Porras et al.
patent: 6711615 (2004-03-01), Porras et al.
patent: 6742123 (2004-05-01), Foote
patent: 6792546 (2004-09-01), Shanklin et al.
patent: 6851061 (2005-02-01), Holland et al.
patent: 2006/0031933 (2006-02-01), Costa et al.
Munson et al, “Software Reliability as a Function of User Execution Profiles”, 1999, Proceedings of the 32ndHawaii International Conference on System Sciences, p. 1-12.
Pyo et al, “Run-time Detection of Buffer Overflow Attacks without Explicit Sensor Data Objects”, 2004, IEEE Proceedings of the International Conference on Information Technology: Coding and Computing, p. 1-5.
Hussain et al, “A Framework for Classifying Denial of Service Attacks”, Aug. 2003, SIGCOMM ″03, p. 99-110.
Kargl et al, “Protecting Web Servers from Distributed Denial of Service Attacks”, May 2001, ACM, p. 514-524.
Brutch Paul C.
Ko Cheuk W.
Tsafnat Guy
Hamaty Christopher J.
McAfee, Inc.
Revak Christopher
Zilka-Kotab, PC
LandOfFree
Method and apparatus for detecting denial-of-service attacks... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for detecting denial-of-service attacks..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for detecting denial-of-service attacks... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3595806