Method and apparatus for detecting scans in real-time

Information security – Monitoring or scanning of software or data including attack... – Intrusion detection

Reexamination Certificate

Rate now

[ 0.00 ] – not rated yet Voters 0 Comments 0

Details Method and apparatus for detecting scans in real-time Method and apparatus for detecting scans in real-time

: 2011-04-19
: 2011-04-19
: Zand, Kambiz (Department: 2434)
: Information security
: Monitoring or scanning of software or data including attack...
: Intrusion detection

: C726S022000, C726S023000, C726S025000, C713S165000, C713S166000, C713S167000
: Reexamination Certificate
: active
: 07930748
: ABSTRACT:
A method and apparatus for detecting scans are described. In one example, a plurality of flows is allocated into a plurality of bins associated with different source internet protocol (SIP) addresses. A set of bin characteristics for at least one bin of the plurality of bins is generated if the at least one bin reaches a predefined flow capacity. Afterwards, the set of bin characteristics is compared to a scan characteristics list to determine if a potential scan exists.

REFERENCES:
patent: 4914650 (1990-04-01), Sriram
patent: 6658565 (2003-12-01), Gupta et al.
patent: 6738814 (2004-05-01), Cox et al.
patent: 6954775 (2005-10-01), Shanklin et al.
patent: 7234168 (2007-06-01), Gupta et al.
patent: 7385924 (2008-06-01), Riddle
patent: 2002/0124104 (2002-09-01), Rappaport et al.
patent: 2004/0044912 (2004-03-01), Connary et al.
patent: 2006/0083180 (2006-04-01), Baba et al.
patent: 2007/0065003 (2007-03-01), Kellerman et al.
patent: 0776112 (1996-11-01), None
Schuba et al, “Analysis of a Denial of Service Attack on TCP”, 1997, pp. 1-16.
CERT Advisory CA-1996-21 TCP SYN Flooding and IP Spoofing Attacks, Sep. 1996.
Heberlein et al., “Attack Class: Address Spoofing”, The 19th National Information Systems Security Conference, 1996.pp. 371-377, http://seclab.cs.ucdavis.edu/papers.html.

Affiliated with

Futamura Kenichi

Inventor

[ 0.00 ] – not rated yet Voters 0 Comments 0

Also associated with

AT&T Intellectual Property II L.P.

Corporate Assignee

[ 0.00 ] – not rated yet Voters 0 Comments 0

Tran Tongoc

Examiner

[ 0.00 ] – not rated yet Voters 0 Comments 0

Zand Kambiz

Examiner

[ 0.00 ] – not rated yet Voters 0 Comments 0

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Method and apparatus for detecting scans in real-time does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for detecting scans in real-time, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for detecting scans in real-time will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFUS-PAI-O-2660358

All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.

Canada

Charities
Companies
MP Candidates
Patents
Employee Salary Disclosure

World

Places of the World
Scientific Papers

United States

Banks
Companies
Counties
Patents
Employee Salary Disclosure