Information security – Access control or authentication – Network
Reexamination Certificate
2005-11-17
2008-12-09
Moise, Emmanuel L (Department: 2137)
Information security
Access control or authentication
Network
C726S023000, C726S024000, C726S025000, C709S224000, C709S226000, C709S229000
Reexamination Certificate
active
07464404
ABSTRACT:
A method of progressive response for invoking and suspending blocking measures that defend against network anomalies such as malicious network traffic so that false positives and false negatives are minimized. When a truncated secure session attack is detected, the detector notifies protective equipment such as a firewall or a router to invoke a blocking measure. The blocking measure is maintained for an initial duration, after which it is suspended while another test for the anomaly is made. If the attack is no longer evident, the method returns to the state of readiness. Otherwise, a loop is executed to re-applying the blocking measure for a specified duration, then suspend the blocking measure and test again for the attack. If the attack is detected, the blocking measure is re-applied, and its duration is adapted. If the attack is no longer detected, the method returns to the state of readiness.
REFERENCES:
patent: 5557742 (1996-09-01), Smaha et al.
patent: 5621889 (1997-04-01), Lermuzeaux et al.
patent: 5991881 (1999-11-01), Conklin et al.
patent: 6282546 (2001-08-01), Gleichauf et al.
patent: 6405318 (2002-06-01), Rowland
patent: 6477651 (2002-11-01), Teal
patent: 6487666 (2002-11-01), Shanklin et al.
patent: 6530024 (2003-03-01), Proctor
patent: 6907473 (2005-06-01), Schmidt et al.
patent: 7017185 (2006-03-01), Wiley et al.
patent: 7099320 (2006-08-01), Salerno
patent: 7159237 (2007-01-01), Schneier et al.
patent: 7293290 (2007-11-01), Szor
patent: 2002/0032871 (2002-03-01), Malan et al.
patent: 2002/0087882 (2002-07-01), Schneier et al.
patent: 2002/0101819 (2002-08-01), Goldstone
patent: 2003/0043853 (2003-03-01), Doyle et al.
patent: 2004/0083385 (2004-04-01), Ahmed et al.
patent: 2004/0123142 (2004-06-01), Dubal et al.
patent: 2004/0199791 (2004-10-01), Poletto et al.
patent: 2004/0250124 (2004-12-01), Chesla et al.
patent: 2005/0210533 (2005-09-01), Copeland et al.
patent: 2006/0041667 (2006-02-01), Ahn et al.
patent: 2006/0117386 (2006-06-01), Gupta et al.
patent: 2001057554 (2001-02-01), None
patent: 2002252654 (2002-09-01), None
patent: WO0225402 (2002-03-01), None
Raeth, P. et al. “Finding Events Automatically in Continuously Sampled Data Streams via Anomaly Detection”, IEEE National Aerospace and Electronics Conference (NAECON) Oct. 2000, pp. 580-587.
Carpenter Brian Edward
Himberger Kevin David
Jeffries Clark Debs
Peyravian Mohammad
Gergiso Techane J
International Business Machines - Corporation
Moise Emmanuel L
Pivichny John R.
LandOfFree
Method of responding to a truncated secure session attack does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method of responding to a truncated secure session attack, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method of responding to a truncated secure session attack will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4031521