Information security – Monitoring or scanning of software or data including attack... – Vulnerability assessment
Reexamination Certificate
2003-01-21
2008-08-05
Zand, Kambiz (Department: 2134)
Information security
Monitoring or scanning of software or data including attack...
Vulnerability assessment
C726S023000, C713S151000, C713S165000, C713S166000, C713S167000, C709S223000, C709S224000
Reexamination Certificate
active
07409721
ABSTRACT:
A system and method are disclosed for analyzing security risks in a computer network. The system constructs asset relationships among a plurality of objects in the computer network and receives an event associated with a selected object, where the event has an event risk level. The system also propagates the event to objects related to the selected object if the event risk level exceeds a propagation threshold.
REFERENCES:
patent: 5278901 (1994-01-01), Shieh et al.
patent: 5557742 (1996-09-01), Smaha et al.
patent: 5574898 (1996-11-01), Leblang et al.
patent: 5621889 (1997-04-01), Lermuzeaux et al.
patent: 5638509 (1997-06-01), Dunphy et al.
patent: 5649194 (1997-07-01), Miller et al.
patent: 5680585 (1997-10-01), Bruell
patent: 5724569 (1998-03-01), Andres
patent: 5757913 (1998-05-01), Bellare et al.
patent: 5778070 (1998-07-01), Mattison
patent: 5844986 (1998-12-01), Davis
patent: 5978791 (1999-11-01), Farber et al.
patent: 6134664 (2000-10-01), Walker
patent: 6269447 (2001-07-01), Maloney et al.
patent: 6393386 (2002-05-01), Zager et al.
patent: 6556989 (2003-04-01), Naimark et al.
patent: 6578025 (2003-06-01), Pollack et al.
patent: 6681331 (2004-01-01), Munson et al.
patent: 6826697 (2004-11-01), Moran
patent: 2002/0083343 (2002-06-01), Crosbie et al.
patent: 2003/0154393 (2003-08-01), Young
patent: 2003/0204632 (2003-10-01), Willebeek-LeMair et al.
Pennington et al., “Storage-bsed Intrusion Detection: Watching storage activity for suspicious behavior”, Proceedings of the 12th USENIX Security Symposium, Washington, DC. Aug. 2003, Entire Document.
Norvill, Trevor, “Auditing and Event Correlation”, Thesis, The University of Queensland, Aug. 2001. Entire Document.
Rebecca Bace, Introduction to Intrusion Detection Assesment, no date, for System and Network Security Management.
Gene H. Kim and Eugene H. Spafford, Writing, Supporting and Evaluating Tripwire: A Publically Available Security Tool, Mar. 12, 1994, Purdue Technical Report; Purdue University.
Douglas B. Moran et al., Derbi: Diagnosis, Explanation and Recovery From Break-Ins, no date, Artificial Intelligence Center SRI International.
Mabry Tyson, Ph.D., Explaining and Recovering From Computer Break-Ins, Jan. 12, 2001, SRI International.
Aleph One, Smashing the Stack for Fun and Profit, no date, vol. Seven, Issue Forty-Nine; File 14 of 16 of BugTraq, r00t, and Underground.Org.
Donald C. Latham, Department of Defense Trusted Computer System Evaluation Criteria, Dec. 1985, Department of Defense Standard.
James P. Anderson Co., Computer Security Threat Monitoring and Surveillance, Feb. 26, 1980, Contract 79F296400.
S. Staniford-Chen, et al, “GrIDS-A Graph Based Intrusion Detection System for Large Networks”, Department of Computer Science, University of California, Davis, Davis, CA 95616, Proceedings of the 19thNational Information Systems Security Conference, vol. 1, pp. 361-370, Oct. 1996, http://citeseer.nj.nec.com/article/staniford-chen96grids.html.
Teresa F. Hunt et al., A Real-Time Intrusion-Detection Expert System (IDES), Feb. 28, 1992, SRI International Project 6784.
Bennett Jeremy
Hernacki Brian
Symantac Corporation
Tran Tongoc
Van Pelt & Yi & James LLP
Zand Kambiz
LandOfFree
Network risk analysis does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Network risk analysis, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Network risk analysis will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4003975