Methods and systems for detecting abnormal digital traffic

Electrical computers and digital processing systems: multicomput – Computer network managing – Computer network monitoring

Reexamination Certificate


Details

C709S223000

Reexamination Certificate

active

07908357

ABSTRACT:
Aspects of the present invention encompass methods and systems for detecting abnormal digital traffic by assigning characterizations of network behaviors according to knowledge nodes and calculating a confidence value based on the characterizations from at least one knowledge node and on weighting factors associated with the knowledge nodes. The knowledge nodes include a characterization model based on prior network information. At least one of the knowledge nodes should not be based on fixed thresholds or signatures. The confidence value includes a quantification of the degree of confidence that the network behaviors constitute abnormal network traffic.

