Multiplex communications – Diagnostic testing – Fault detection
Reexamination Certificate
2011-03-08
Duong, Frank (Department: 2474)
active
07903566
ABSTRACT:
A computer-based method for detecting anomalies in the traffic passing through an internet protocol (IP) network is described. The method includes extracting, from a database, a single instance of each unique packet header associated with a plurality of IP-to-IP packets, the IP-to-IP packets having been transmitted across the IP network over a predefined period of time, analyzing the packet headers to identify anomalous conversations based on at least one of a conversation uniqueness, a time of week uniqueness, and a data quantity uniqueness, and providing alerts corresponding to detected anomalous conversations.
REFERENCES:
patent: 5278901 (1994-01-01), Shieh et al.
patent: 5311593 (1994-05-01), Carmi
patent: 5787253 (1998-07-01), McCreery et al.
patent: 6279113 (2001-08-01), Vaidya
patent: 6321338 (2001-11-01), Porras et al.
patent: 6470297 (2002-10-01), Ford
patent: 6499107 (2002-12-01), Gleichauf et al.
patent: 6816973 (2004-11-01), Gleichauf et al.
patent: 6873797 (2005-03-01), Chang et al.
patent: 6910003 (2005-06-01), Arnold et al.
patent: 7053765 (2006-05-01), Clark
patent: 7127739 (2006-10-01), Syvanne
patent: 7165100 (2007-01-01), Cranor et al.
patent: 7174566 (2007-02-01), Yadav
patent: 7180856 (2007-02-01), Breslau et al.
patent: 7185368 (2007-02-01), Copeland, III
patent: 7360246 (2008-04-01), Etoh et al.
patent: 7543052 (2009-06-01), Cesa Klein
patent: 2002/0144156 (2002-10-01), Copeland, III
patent: 2010/0046393 (2010-02-01), Knapp et al.
patent: 2010/0050084 (2010-02-01), Knapp et al.
patent: 2010/0050256 (2010-02-01), Knapp et al.
patent: 2010/0050262 (2010-02-01), Knapp et al.
Song et al, Flow-based Statistical Aggregation Schemes for Network Anomaly Detection, IEEE, 6 pages, 2006.
Technology Profile Fact Sheet: Network Anomaly Detection Algorithm; http://www.nsa.gov/techtrans/techt00029.cfm; 2 pages.
Tanase, M.; One of These Things is not Like the Others: The State of Anomaly Detection; http://www.securityfocus.com/print/infocus/1600; Jul. 1, 2002; 5 pages.
Anomaly Detection for Computer Security; http://www.cs.unm/edu/~terran/research/anomaly_detection_for_computer_security; 2 pages.
An Efficient Anomaly Detection Algorithm for Vector-Based Intrusion Detection Systems; http://www.springerlink.com/content/bmx1c58ndqp46hd8/; Sep. 6, 2005; 2 pages.
Cisco Learning Blog; http://blog.sazza.de/?cat=21; Apr. 23, 2008; 4 pages.
Packet Sniffer; http://en.wikipedia.org/wiki/Packet_sniffer; Aug. 19, 2008; 3 pages.
Pcap; http://en.wikipedia.org/wiki/Pcap; Aug. 14, 2008; 3 pages.
TCP Connection Establishment Process: The “Three-Way Handshake”; http://www.tcpipguide.co/free/t_TCPCpnnectionEstablishmentProcessTheThreeWayHandsh-3.htm; 2005; 6 pages.
IP Protocol Suite; http://www.networksorcery.com/enp/topic/ipsuite.htm (IP, TCP, UDP); 47 pages.
OmniPeek Overview; http://www.wildpackets.com/products/omnipeek/overview/printable; 2008; 3 pages.
Lee, H, et al.; Multicast Routing Debugger (MRD)—A System to Monitor the Status of Multicast Network; http://www.pamconf.org/2002/Multicast_Routing_Debugger.pdf; Mar. 26, 2002; 9 pages.
Multicast; http://en.wikipedia.org/wiki/Multicast; Aug. 18, 2008; 4 pages.
United States Patent and Trademark Office, Office Action for U.S. Appl. No. 12/195,340, filed Apr. 13, 2010, 24 pages, US.
United States Patent and Trademark Office, Office Action for U.S. Appl. No. 12/195,340, filed Aug. 11, 2010, 23 pages, US.
Aldrich Timothy Mark
Knapp Stephen
Armstrong Teasdale LLP
Duong Frank
The Boeing Company