Method and system for intrusion detection in a computer network

Information security – Monitoring or scanning of software or data including attack... – Intrusion detection

Reexamination Certificate


Details

C726S011000, C726S013000, C726S022000, C726S025000, C713S151000, C713S168000, C709S224000

active

07845007

ABSTRACT:
An intrusion detection system detects intrusion events in a computer network and assesses the vulnerability of the network components to the detected events. The intrusion detection system includes a scanner, one or more sensors and a security console for operation within a networked computing environment. A sensor of the intrusion detection system monitors the networked computing environment for possible intrusion events representing an unauthorized access or use of the network resources. In response to detecting an intrusion event, the sensor generates a scan request for handling by a scanner. This request initiates a scan of the target computer by the scanner to determine the vulnerability of the target to the attack. Based on this vulnerability analysis, the intrusion detection system evaluates the severity of the detected intrusion event and issues an alert having a priority corresponding to the severity of the intrusion.

REFERENCES:
patent: 5991881 (1999-11-01), Conklin et al.
patent: 6226372 (2001-05-01), Beebe et al.
patent: 6298445 (2001-10-01), Shostack et al.
patent: 6353385 (2002-03-01), Molini et al.
patent: 6408391 (2002-06-01), Huff et al.
patent: 6499107 (2002-12-01), Gleichauf et al.
patent: 6574737 (2003-06-01), Kingsford et al.
patent: 6578147 (2003-06-01), Shanklin et al.
patent: 6681331 (2004-01-01), Munson et al.
patent: 6711127 (2004-03-01), Gorman et al.
patent: 6725377 (2004-04-01), Kouznetsov
patent: 6886102 (2005-04-01), Shanklin et al.
patent: 6954775 (2005-10-01), Shanklin et al.
patent: 6990591 (2006-01-01), Pearson
patent: 7096502 (2006-08-01), Fox et al.
patent: 2005/0252570 (2005-11-01), Heasman et al.
patent: 2006/0272019 (2006-11-01), Addepalli
patent: 2007/0113283 (2007-05-01), Hrabik et al.
patent: 2007/0150574 (2007-06-01), Mallal et al.
patent: 2007/0180526 (2007-08-01), Copeland, III
patent: 2007/0234425 (2007-10-01), Kim et al.
patent: 2007/0294768 (2007-12-01), Maskovitch et al.
patent: 2008/0168560 (2008-07-01), Durie et al.
patent: 2008/0306715 (2008-12-01), Tsai et al.
patent: 2009/0106842 (2009-04-01), Durie
patent: 2009/0138970 (2009-05-01), Tombini et al.
patent: 2009/0178139 (2009-07-01), Stute et al.
patent: 2010/0164721 (2010-07-01), Pantus
patent: WO 00/25527 (2000-05-01), None
patent: WO 00/34867 (2000-06-01), None
patent: WO 00/54458 (2000-09-01), None
patent: WO 2005114354 (2005-12-01), None
Internet Security Systems, SAFEsuite Enterprise, SAFEsuite Decisions, 1998. (Pertinent pp. 47-51, ch. 4, sect. C).
Crosbie et al., Active Defense of a Computer System Using Autonomous Agents, Technical Report No. 95-008, Feb. 15, 1995, Purdue University, West Lafayette, Indiana, pp. 1-14. (Pertinent pp. 8-11, sects. 6-7).
Denning, An Intrusion-Detection Model, Feb. 1987, IEEE Transactions on Software Engineering, vol. SE-13, No. 2, pp. 1-17. (Pertinent pp. 1-2, sects. I-II).
Porras et al., Penetration State Transition Analysis A Rule-Based Intrusion Detection Approach, 1992, pp. 220-229. (Pertinent pp. 221-226, sects. 2-4).
Lindqvist et al., eXpert-BSM: A Host-based Intrusion Detection Solution for Sun Solaris, SRI International, Menlo Park, California, Dec. 10-14, 2001, Proceedings of the 17th Annual Computer Security Applications Conference, pp. 1-12. (Pertinent pp. 7-9, sects. 4.3-4.4).
Debar et al., Research Report: A Revised Taxonomy for Intrusion-Detection Systems, Oct. 25, 1999, IBM Research, Switzerland, pp. 1-23. (Pertinent pp. 4-8, sects. 4-5).
NetworkICE Corporation, ICEcap Administrator's Guide, Version 1.0 BETA, 1999, pp. 1-142. (Pertinent pp. 15-24, sect. 3).
Cisco Systems, Inc., NetRanger User's Guide Version 2.1.1, 1998. (Pertinent pp. 1-19, ch. 1).
Porras et al., A Mission-Impact Based Approach to INFOSEC Alarm Correlation, SRI International, Menlo Park, California, Oct. 2002, pp. 1-33. (Pertinent pp. 2-15, sects. 2-4).
Bace, An Introduction to Intrusion Detection and Assessment for System and Network Security Management, 1999, pp. 1-38. (Pertinent pp. 11-16).
Hunteman, Automated Information System—(AIS) Alarm System, University of California, Los Alamos National Laboratory, 20th National Information System Security Conference, Oct. 1997, pp. 1-12. (Pertinent pp. 4-10, sects. 3-6).
Luckham et al., Complex Event Processing in Distributed Systems, Aug. 18, 1988, Stanford University, pp. 1-26. (Pertinent pp. 4-8, sect. 2).
Cuppens, Cooperative Intrusion Detection, pp. 1-10. (Pertinent pp. 2-9, sects. 2-7).
Mukherjee et al., Network Intrusion Detection, IEEE Network, May/Jun. 1994, pp. 26-41. (Pertinent pp. 33-39).
Kumar et al., An Application of Pattern Matching in Intrusion Detection, Technical Report No. CSD-TR-94-013, Jun. 17, 1994, Purdue University, pp. 1-55. (Pertinent pp. 15-26, sect. 4).
Jou et al., Architecture Design of a Scalable Intrusion Detection System for the Emerging Network Infrastructure, Technical Report CDRL A005, Apr. 1997, MCNC, pp. 1-42. (Pertinent pp. 24-28, sect. 4.1.3.2).
“Real Secure™, Network Sensor User Guide,” Version 5.0, © 2000 by Internet Security Systems, Inc., pp. 1-42. (Pertinent pp. 5-31, chs. 2-3).
Anita D'Amico, Ph.D., “Assessment of Open e-Security Platform™: Vendor-Independent Central Management of Computer Security Resources,” Applied Visions, Inc., 1999. (Pertinent pp. 6-10).
Herringshaw, C., Detecting Attacks on Networks, 1997, IEEE, pp. 16-17.
Janakiraman et al., Indra: A peer-to-peer approach to network intrusion detection and prevention, 2003, IEEE, pp. 226-231.
Deswarte et al., Internet Security: An Intrusion-Tolerance Approach, 2006, IEEE, pp. 432-441.


Profile ID: LFUS-PAI-O-4229185
