Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2004-12-16
2010-10-05
Korzuch, William R (Department: 2431)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C726S022000, C726S024000, C726S025000, C713S150000, C713S166000, C713S188000, C709S223000, C709S224000
active
07810157
ABSTRACT:
A method of managing alerts issued by intrusion detection sensors (11a,11b,11c) of an information security system (1) including an alert management system (13), each alert being defined by an alert identifier and an alert content. Each of the alerts issued by the intrusion detection sensors (11a,11b,11c) is associated with a description including a conjunction of valued attributes belonging to attribute domains. The valued attributes belonging to each attribute domain are organized into a taxonomic structure defining generalization relationships between said valued attributes, the plurality of attribute domains thus forming a plurality of taxonomic structures. The description of each of said alerts is completed with sets of values induced by the taxonomic structures on the basis of the valued attributes of said alerts to form complete alerts. The complete alerts are stored in a logic file system (21) to enable them to be consulted.
REFERENCES:
patent: 6393386 (2002-05-01), Zager et al.
patent: 6445774 (2002-09-01), Kidder et al.
patent: 6647400 (2003-11-01), Moran
patent: 6707795 (2004-03-01), Noorhosseini et al.
patent: 6732153 (2004-05-01), Jakobson et al.
patent: 6801940 (2004-10-01), Moran et al.
patent: 7026926 (2006-04-01), Walker, III
patent: 7203962 (2007-04-01), Moran
patent: 7437762 (2008-10-01), Dacier et al.
patent: 2002/0059078 (2002-05-01), Valdes et al.
patent: 2002/0087882 (2002-07-01), Schneier et al.
patent: 2003/0093514 (2003-05-01), Valdes et al.
patent: 2003/0101260 (2003-05-01), Dacier et al.
patent: 2003/0108042 (2003-06-01), Skillicorn et al.
patent: 2003/0110398 (2003-06-01), Dacier et al.
patent: 2004/0044912 (2004-03-01), Connary et al.
patent: 2004/0088583 (2004-05-01), Yoon et al.
patent: 2004/0103021 (2004-05-01), Scarfe et al.
patent: 2004/0117478 (2004-06-01), Triulzi et al.
patent: 2004/0260945 (2004-12-01), Raikar et al.
patent: 2005/0086529 (2005-04-01), Buchsbaum
patent: 0 735 477 (1996-10-01), None
patent: 1 146 689 (2001-01-01), None
Julisch, Klaus, “Clustering Intrusion Detection Alarms to Support Root Cause Analysis,” Nov. 2003, ACM Transactions on Information and System Security, vol. 6, No. 4, pp. 443-471.
Yoann Padioleau et al., “A Logic File System”, Proceedings of the 2003 Usenix Annual Technical Conference, Online! URL:http://www.usenix.org/events/usenix03/tech/full-papers/padioleau/padioleau.pdf, Jun. 9, 2003-Jun. 14, 2003.
Debar et al., “A Revised Taxonomy for Intrusion-Detection Systems”, Annals of Telecommunications, Presses Polytechniques et Universitaires Romandes, Lausanne, CH, vol. 55, No. 7/8, Jul. 2000, pp. 361-378.
Ulf Lindquist et al., “How to Systematically Classify Computer Security Intrusions”, Proceedings of the 21st National Information Systems Security Conference, Online! URL: http://www.ce.chalmers.se/old/staff/ulfl/pubs/sp97ul.pdf, May 4, 1997, pp. 154-163.
Debar Herve
Morin Benjamin
Cohen Pontani Lieberman & Pavane LLP
Doan Trang
France Telecom
Korzuch William R