Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2005-01-04
2005-01-04
Sheikh, Ayaz (Department: 2131)
C713S152000, C709S223000, C709S224000, C709S226000, C709S229000
active
06839850
ABSTRACT:
Disclosed is a Security Indications and Warning (SI&W) Engine usable in conjunction with an audit agent. The audit agent forwards normalized audits to the SI&W Engine. The SI&W Engine groups the normalized audits into related groupings. Gauges are used to count the number of occurrences of audited events. A statistical engine provides statistical representations of the number of events per user, per session and per node. A predetermined number of criteria are defined for a particular gauge or gauge pair. There may be many criteria for a particular network. When a predetermined number of criteria within a criteria set are triggered, an indicator is triggered. More complex indicators can use combinations of lower level indicators to provide further indications of potential security threats. Thus, a hierarchical system of gauges, criteria and indicators is used to measure boundary violations and breaches of different barriers. Advantageously, because there are no predefined scenarios or profiles that must be performed by a potential misuser or intruder, the SI&W Engine of the present invention is capable of indicating that a potential security threat exists in near-real time.
REFERENCES:
patent: 5032979 (1991-07-01), Hecht et al.
patent: 5557742 (1996-09-01), Orchier et al.
patent: 6070244 (2000-05-01), Orchier et al.
Smaha et al., 1994, Computer Security Journal, v. 10, p. 39-49.*
Garson, Apr. 1991, AI Exper, v6, n4, p. 46.*
Yngstrom et al., May 1997, Chapman and Hall, p. 1-13.*
Tsudik, 1990, Computer Security Journal, v. 6, no. 1.*
Phillips, Mar. 9, 1998, PC Week, v15, n10, p. 97, 110.*
Yau, Nov. 1994, Journal of Systems Management, v. 44, n11, p. 26.*
Teng, 1990, IEEE, p. 24-29.*
Kumar, Oct. 1995, Information Security Conference, vol. 1.*
Cloud, Jan. 1990, Journal of Systems Management, v. 41, n1, p. 13.*
Christoph, 1995, Computing Information and Communications Division, p. 1-26.*
D. Denning, “An Intrusion-Detection Model”, IEEE Transactions on Software, vol. SE-13, No. 2 (Feb. 1987), pp. 222-232.
S. Snap, et al., “DIDS (Distributed Intrusion Detection System)—Motivation, Architecture, and An Early Prototype”, Proc. 14th Nat'l Computer Security Conf., Washington, D.C. (Oct. 1991), pp. 167-176.
Campbell Wayne A.
Walker Jeffrey H.
Jackson Jenise
Lowe Hauptman & Gilman & Berner LLP
PRC Inc.
Sheikh Ayaz
Profile ID: LFUS-PAI-O-3397926