Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2006-09-18
2011-11-22
Zand, Kambiz (Department: 2434)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
Reexamination Certificate
active
08065733
ABSTRACT:
A system, apparatus, and method are directed to evolving detectors in an Artificial Immune System for use in detecting unauthorized computing activities. In one embodiment, a population of detectors is generated with a matching value and expectation value of zero. The detectors are then compared to logged fragments of system calls within a computing device to modify the matching value. When the matching value for a given detector is equal to or greater than an expectation value, the detector's expectation value may be set to the matching value. The detectors may then evolve and/or generate other detectors using mutation, and/or recombination, or the like. Detectors continue to generate and/or to evolve until a detector's matching value reaches a determined value, in which case, the detector may be evaluated to determine if an unauthorized activity is detected. If an unauthorized activity is detected, a detection response may be performed.
REFERENCES:
patent: 4535355 (1985-08-01), Arn et al.
patent: 4694489 (1987-09-01), Frederiksen
patent: 5067035 (1991-11-01), Kudelski et al.
patent: 5134656 (1992-07-01), Kudelski
patent: 5144663 (1992-09-01), Kudelski et al.
patent: 5319638 (1994-06-01), Lin
patent: 5375168 (1994-12-01), Kudelski
patent: 5539450 (1996-07-01), Kudelski et al.
patent: 5590200 (1996-12-01), Nachman et al.
patent: 5592212 (1997-01-01), Handelman
patent: 5621799 (1997-04-01), Katta et al.
patent: 5640456 (1997-06-01), Adams et al.
patent: 5640546 (1997-06-01), Gopinath et al.
patent: 5666412 (1997-09-01), Handelman et al.
patent: 5684876 (1997-11-01), Pinder et al.
patent: 5758257 (1998-05-01), Herz et al.
patent: 5774527 (1998-06-01), Handelman et al.
patent: 5774546 (1998-06-01), Handelman et al.
patent: 5799089 (1998-08-01), Kuhn et al.
patent: 5805705 (1998-09-01), Gray et al.
patent: 5825879 (1998-10-01), Davis
patent: 5825890 (1998-10-01), Elgamal et al.
patent: 5870474 (1999-02-01), Wasilewski et al.
patent: 5878134 (1999-03-01), Handelman et al.
patent: 5883957 (1999-03-01), Moline et al.
patent: 5892900 (1999-04-01), Ginter et al.
patent: 5910987 (1999-06-01), Ginter et al.
patent: 5915019 (1999-06-01), Ginter et al.
patent: 5917912 (1999-06-01), Ginter et al.
patent: 5920625 (1999-07-01), Davies
patent: 5920861 (1999-07-01), Hall et al.
patent: 5922208 (1999-07-01), Demmers
patent: 5923666 (1999-07-01), Gledhill et al.
patent: 5933498 (1999-08-01), Schneck et al.
patent: 5937159 (1999-08-01), Meyers et al.
patent: 5939975 (1999-08-01), Tsuria et al.
patent: 5943422 (1999-08-01), Van Wie et al.
patent: 5949876 (1999-09-01), Ginter et al.
patent: 5953005 (1999-09-01), Liu
patent: 5982891 (1999-11-01), Ginter et al.
patent: 5991399 (1999-11-01), Graunke et al.
patent: 6009116 (1999-12-01), Bednarek et al.
patent: 6009401 (1999-12-01), Horstmann
patent: 6009525 (1999-12-01), Horstmann
patent: 6021197 (2000-02-01), von Willich et al.
patent: 6035037 (2000-03-01), Chaney
patent: 6038433 (2000-03-01), Vegt
patent: 6049671 (2000-04-01), Slivka et al.
patent: 6052785 (2000-04-01), Lin et al.
patent: 6055503 (2000-04-01), Horstmann
patent: 6061454 (2000-05-01), malik et al.
patent: 6073256 (2000-06-01), Sesma
patent: 6112181 (2000-08-01), Shear et al.
patent: 6119165 (2000-09-01), Li et al.
patent: 6138119 (2000-10-01), Hall et al.
patent: 6151643 (2000-11-01), Cheng et al.
patent: 6157721 (2000-12-01), Shear et al.
patent: 6178242 (2001-01-01), Tsuria
patent: 6185683 (2001-02-01), Ginter et al.
patent: 6189097 (2001-02-01), Tycksen, Jr. et al.
patent: 6191782 (2001-02-01), Mori et al.
patent: 6192354 (2001-02-01), Bigus et al.
patent: 6201948 (2001-03-01), Cook et al.
patent: 6223287 (2001-04-01), Douglas et al.
patent: 6226794 (2001-05-01), Anderson, Jr. et al.
patent: 6237786 (2001-05-01), Ginter et al.
patent: 6240185 (2001-05-01), Van Wie et al.
patent: 6247950 (2001-06-01), Hallam et al.
patent: 6253193 (2001-06-01), Ginter et al.
patent: 6256668 (2001-07-01), Slivka et al.
patent: 6272636 (2001-08-01), Neville et al.
patent: 6285985 (2001-09-01), Horstmann
patent: 6292569 (2001-09-01), Shear et al.
patent: 6298441 (2001-10-01), Handelmann et al.
patent: 6314409 (2001-11-01), Schneck et al.
patent: 6314572 (2001-11-01), LaRocca et al.
patent: 6330588 (2001-12-01), Freeman
patent: 6334213 (2001-12-01), Li
patent: 6363488 (2002-03-01), Ginter et al.
patent: 6367009 (2002-04-01), Davis et al.
patent: 6389402 (2002-05-01), Ginter et al.
patent: 6405369 (2002-06-01), Tsuria
patent: 6409080 (2002-06-01), Kawagishi
patent: 6409089 (2002-06-01), Eskicioglu
patent: 6415031 (2002-07-01), Colligan et al.
patent: 6427140 (2002-07-01), Ginter et al.
patent: 6449367 (2002-09-01), Van Wie et al.
patent: 6449719 (2002-09-01), Baker
patent: 6459427 (2002-10-01), Mao et al.
patent: 6466670 (2002-10-01), Tsuria et al.
patent: 6505299 (2003-01-01), Zeng et al.
patent: 6584567 (2003-06-01), Bellwood et al.
patent: 6587561 (2003-07-01), Sered et al.
patent: 6618484 (2003-09-01), Van Wie et al.
patent: 6629243 (2003-09-01), Kleinman et al.
patent: 6634028 (2003-10-01), Handelmann
patent: 6640304 (2003-10-01), Ginter et al.
patent: 6643701 (2003-11-01), Aziz et al.
patent: 6651170 (2003-11-01), Rix
patent: 6654420 (2003-11-01), Snook
patent: 6654423 (2003-11-01), Jeong et al.
patent: 6658568 (2003-12-01), Ginter et al.
patent: 6668325 (2003-12-01), Collberg et al.
patent: 6671812 (2003-12-01), Balasubramaniam et al.
patent: 6674717 (2004-01-01), Duong-van et al.
patent: 6681327 (2004-01-01), Jardin
patent: 6718388 (2004-04-01), Yarborough et al.
patent: 7150045 (2006-12-01), Koelle et al.
patent: 2002/0001385 (2002-01-01), Kawada et al.
patent: 2002/0015498 (2002-02-01), Houlberg et al.
patent: 2002/0021805 (2002-02-01), Schumann et al.
patent: 2002/0059078 (2002-05-01), Valdes et al.
patent: 2002/0087883 (2002-07-01), Wohlgemuth et al.
patent: 2002/0089410 (2002-07-01), Janiak et al.
patent: 2002/0104004 (2002-08-01), Couillard
patent: 2002/0141582 (2002-10-01), Kocher et al.
patent: 2002/0164023 (2002-11-01), Koelle et al.
patent: 2003/0007568 (2003-01-01), Hamery et al.
patent: 2005/0038818 (2005-02-01), Hooks
patent: 2005/0063303 (2005-03-01), Samuels et al.
patent: 2005/0074007 (2005-04-01), Samuels et al.
patent: 2005/0108420 (2005-05-01), Brown et al.
patent: 2005/0187979 (2005-08-01), Christensen et al.
patent: 658054 (1995-06-01), None
patent: 714204 (1996-05-01), None
patent: 0886409 (1998-12-01), None
patent: 1041823 (2000-10-01), None
patent: WO-96/06504 (1996-02-01), None
patent: WO-96/32702 (1996-10-01), None
patent: WO-99/30499 (1999-06-01), None
patent: WO-99/54453 (1999-10-01), None
patent: WO-01/35571 (2001-05-01), None
patent: WO-01/93212 (2001-12-01), None
patent: WO-02/21761 (2002-03-01), None
Wu, Tsung-Li et al., Selective Encryption and Watermarking of MPEG Video (Extended Abstract), Feb. 17, 1997, 10 pgs., International Conference on Image Science, Systems, and Technology.
“Establishing Interconnectivity among Various Makers' Products through Standardizatin of VOD Protocol”, NTT Corporation Press Release, Sep. 27, 2002. http://www.ntt.co.jp
ews
ews02e/0209/020927.html.
Balthrop, Justin, et al., “Coverage and Generalization in an Artificial Immune System”, Proceedings of Genetic and Evolutionary Computation Conference (GECCO), pp. 1-8, 2002.
Griwodz, Carsten, “Video Protection by Partial Content Corruption”, Multimedia and Security Workshop at ACM Multimedia, Bristol, UK, pp. 1-5, Sep. 1998.
Eskiciouglu, A. and Delp, E., “An overview of multimedia content protection in consumer electronics devices”, SP:IC, 16(7): pp. 681-699, Apr. 2001.
Spanos, George, et al., “Performance Study of a Selective Encryption Scheme for the Security of Networked, Real-Time Video”, Proceedings of the 4th ICCN, Las Vegas, NV, pp. 2-10, Sep. 1995.
Intelligent Systems for Finance and Business, Goonatilake, Suran, ed. et al., Chapters 2-10, pp. 31-173, 1995.
“Irdeto Access & Optibase create Strategic Alliance”, Press Release, Optibase, pp. 1-4, Dec. 14, 2000. http://www.irdetoaccess.com/press/0
Koelle Katharina Veronika
Midwinter Wendy
Branch John W.
Frommer & Lawrence & Haug LLP
Google Inc.
Hailu Teshome
Zand Kambiz
LandOfFree
Method for evolving detectors to detect malign behavior in... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method for evolving detectors to detect malign behavior in..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method for evolving detectors to detect malign behavior in... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4253252