Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2004-01-02
2010-02-02
Dinh, Minh (Department: 2432)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
Reexamination Certificate
active
07657937
ABSTRACT:
A method for customizing the response for network based intrusion prevention comprising of: 1) virtual proxying the application data to enable custom response 2) enhancing transport layer (TCP/IP) to enable selective processing and selective modification of the stream for intrusion prevention. The invention also discloses a method for customizing the processing for both network or host based intrusion prevention comprising of: 1) loading externally defined processing procedures for the detection and prevention of intrusions 2) combining multiple of these processing procedures to form a unified processing engine that can be used for intrusion detection and prevention 3) unloading processing procedures that are not needed any more 4) loading new processing procedures that improve the intrusion detection and prevention.
REFERENCES:
patent: 5278901 (1994-01-01), Shieh et al.
patent: 5414833 (1995-05-01), Hershey et al.
patent: 5557742 (1996-09-01), Smaha et al.
patent: 5623600 (1997-04-01), Ji et al.
patent: 5720033 (1998-02-01), Deo
patent: 5727146 (1998-03-01), Savoldi et al.
patent: 5826013 (1998-10-01), Nachenberg
patent: 5948104 (1999-09-01), Gluck et al.
patent: 5983348 (1999-11-01), Ji
patent: 5991881 (1999-11-01), Conklin et al.
patent: 6035423 (2000-03-01), Hodges et al.
patent: 6272641 (2001-08-01), Ji
patent: 6279113 (2001-08-01), Vaidya
patent: 6321338 (2001-11-01), Porras et al.
patent: 6477651 (2002-11-01), Teal
patent: 7007299 (2006-02-01), Ioele et al.
patent: 7240368 (2007-07-01), Roesch et al.
patent: 2002/0042875 (2002-04-01), Shukla
patent: 2004/0049596 (2004-03-01), Schuehler et al.
Anderson, James P. “Computer Security Threat Monitoring and Surveillance”, Apr. 15, 1980.
Newmann, Peter http://www.csl.sri.com/users
eumann
eumann.html.
Denning et al., “Prototype IDES: A Real-Time Intrusion-Detection Expert System,” SRI Project ECU 7508; SRI International, MenloPark.
Ilgun et al., State Transition Analysis: A Rule-Based Intrusion Detection Approach, IEEE Transactions on Software Engineering, vol. 21, No. 3, Mar. 1995.
Liepins et al., “Anomaly Detection: Purpose and Framework,” US DOE Office of Safeguards and Security.
Shieh et al., A Pattern-Oriented Intrusion-Detection Model and Its Applications .Copyrgt. 1991 IEEE.
Common Vulnerabilities and Exposures (CVE), http://www.cve.mitre.org.
Vulnerability Statistics, http://icat.nist.gov/icat.cfm?function=statistics .
Debar, et al., “Towards a Taxonomy of Intrusion-Detection Systems,” Computers Networks 31 (1999), 805-822.
Lunt, “A Survey of Intrusion Detection Techniques,” Computers & Security, 12 (1993) 405-418.
Koral Ilgun et al. “State Transition Analysis: A Rule-Based Instrusion Detection Approach”, IEEE Trans. Software Eng. vol. 21, No. 3, Mar. 1995, pp. 181-199.
Teresa F. Lunt “A survey of intrusion detection techniques” Computers & Security, 12 (1993) pp. 404-418 (Elsevier Science Publishers Ltd.).
Teresa F. Lunt et al. “A Real-Time Instrusion-Detection Expert System (IDES)”, Final Technical Report, Feb. 28, 1992 (SRI International) pp. 1-156.
Herve Debar et al. “Towards a Taxonomy of Intrusion-Detection Systems” (Elsevier Preprint), Oct. 28, 1998 pp. 1-31.
Shiuh-Pyng Shieh et al. “On a Pattern-Oriented Model for Intrusion Detection” IEEE Trans. Knowledge and Data Eng. vol. 9, No. 4 (1997) pp. 661-667.
Helen J. Wang et al. “Shield: Vulnerability-Driven Network Filters for Preventing Known Vulnerability Exploits” SIGCOMM '04, Aug./Sep. 2004.
“Computer Security Threat Monitoring and Surveillance” James P. Anderson Co., Feb. 26, 1980, pp. 1-54.
Kenneth J. MacLeod “Patch Management and the Need for Metrics” SANS Institute (c) 2004 pp. 1-20.
Dinh Minh
Madnawat Rajeev
VMware, Inc.
LandOfFree
Method for customizing processing and response for intrusion... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method for customizing processing and response for intrusion..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method for customizing processing and response for intrusion... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4195893