Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2011-03-29
2011-03-29
Chai, Longbit (Department: 2431)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C726S025000, C726S026000, C726S027000, C726S028000, C726S029000, C713S168000, C713S169000, C713S170000, C713S171000, C713S172000
Reexamination Certificate
active
07917957
ABSTRACT:
Packets of a certain type from a certain source are directed to a system that estimates the set of destinations and the number of new destinations for which that source has sent packets during a time window Ti. Instead of maintaining tables with the complete destination addresses for each source, the destination addresses are hashed and stored in a small bit array. The sets of destinations for a number of successive time windows are OR'ed for building cumulative tables Ci, where Ciincludes all destinations that have been seen between T0and Ti. The new destinations are determined by counting the destinations set in Tibut not in Ci-1. Any change from the typical patterns can be suspected as being a slow scan.
REFERENCES:
patent: 2004/0054925 (2004-03-01), Etheridge
patent: 2006/0294588 (2006-12-01), Lahann et al.
patent: 2009/0044276 (2009-02-01), Abdel-Aziz
Estan, Cristian et, al., Bitmap Algorithms for Counting Active Flows on High Speed Links, Oct. 27-29, 2003, Miami Beach, Florida.
Cliff C. Zou, et al., “The Monitoring and Early Detection of Internet Worms”, pp. 1-14.
Sekar, Vyas et, al., A Multi-Resolution Approach for Worm Detection and Containment, International Conference on Dependable Systems and Networks, 2006.
Estan, Cristian et, al., Bitmap Algorithms for Counting Active Flows on High Speed Links, XP-002523818 Oct. 27-29, 2003, Miami Beach, Florida.
Yang, Xiong et, al., Simulation and Evaluation of a New Algorithm of Worm Detection and Containment, 2006.
Pele, Li et, al., A Survey of Internet Worm Detection and Containment, IEEE Communications Surveys & Tutorials, 2008, vol. 10, No. 1.
Abdel-Aziz Bassem
Chow Stanley Taihai
Rabinovitch Peter
Alcatel Lucent
Chai Longbit
Kramer & Amado PC
LandOfFree
Method and system for counting new destination addresses does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for counting new destination addresses, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for counting new destination addresses will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2686296