Method and apparatus for generating network attack signature

Information security – Monitoring or scanning of software or data including attack...

Reexamination Certificate

Rate now

[ 0.00 ] – not rated yet Voters 0 Comments 0

Details Method and apparatus for generating network attack signature Method and apparatus for generating network attack signature

: 2007-11-29
: 2011-11-22
: Pyzocha, Michael (Department: 2437)
: Information security
: Monitoring or scanning of software or data including attack...

: C713S168000, C713S188000, C709S224000
: Reexamination Certificate
: active
: 08065729
: ABSTRACT:
Provided is a method and apparatus for generating a network attack signature capable of generating a signature having a high reliability while minimizing a whitelist used to prevent false positive. An application header and application data are separated from each other to measure byte distributions of the application header and the application data from an input packet. When an attack signature is generated by analyzing the measured byte distributions, a substring of the application data is used to generate the attack signature, and a substring of the application header is used as supporting information on the signature.

REFERENCES:
patent: 5440723 (1995-08-01), Arnold et al.
patent: 7359962 (2008-04-01), Willebeek-LeMair et al.
patent: 7519998 (2009-04-01), Cai et al.
patent: 7587759 (2009-09-01), McArdle et al.
patent: 7624446 (2009-11-01), Wilhelm
patent: 2003/0033435 (2003-02-01), Hanner
patent: 2004/0255162 (2004-12-01), Kim et al.
patent: 2005/0229254 (2005-10-01), Singh et al.
patent: 2005/0281291 (2005-12-01), Stolfo et al.
patent: 2006/0156404 (2006-07-01), Day
patent: 2006/0161986 (2006-07-01), Singh et al.
patent: 2007/0297333 (2007-12-01), Zuk et al.
patent: 2008/0120721 (2008-05-01), Moon et al.
patent: 2005045649 (2005-02-01), None
patent: 1020040099864 (2004-12-01), None
patent: 2006-0034581 (2006-04-01), None
patent: 1020060079712 (2006-07-01), None
patent: 100620313 (2006-08-01), None
patent: 2006-0099050 (2006-09-01), None
patent: 1020060112622 (2006-11-01), None
patent: WO 2004/107707 (2004-12-01), None
James Newsome et al., “Polygraph: Automatically Generating Signatures for Polymorphic Worms”, Security and Privacy, 2005 IEEE Symposium, p. 226-241, May 2005.

Affiliated with

Moon Hwa Shin

Inventor

[ 0.00 ] – not rated yet Voters 0 Comments 0

Oh Jin Tae

Inventor

[ 0.00 ] – not rated yet Voters 0 Comments 0

Shin Young Chan

Inventor

[ 0.00 ] – not rated yet Voters 0 Comments 0

Yi Sung Won

Inventor

[ 0.00 ] – not rated yet Voters 0 Comments 0

Also associated with

Electronics and Telecommunications Research Institute

Corporate Assignee

[ 0.00 ] – not rated yet Voters 0 Comments 0

Pyzocha Michael

Examiner

[ 0.00 ] – not rated yet Voters 0 Comments 0

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Method and apparatus for generating network attack signature does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for generating network attack signature, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for generating network attack signature will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFUS-PAI-O-4284923

All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.

Canada

Charities
Companies
MP Candidates
Patents
Employee Salary Disclosure

World

Places of the World
Scientific Papers

United States

Banks
Companies
Counties
Patents
Employee Salary Disclosure