Network security system having a device profiler...

Information security – Monitoring or scanning of software or data including attack... – Intrusion detection

Reexamination Certificate


Details

C726S025000, C713S166000

Reexamination Certificate

active

10456837

ABSTRACT:
A system and method for providing distributed security of a network. Several device profilers are placed at different locations of a network to assess vulnerabilities from different perspectives. The device profiler identifies the hosts on the network, and characteristics such as operating system and applications running on the hosts. The device profiler traverses a vulnerability tree having nodes representative of characteristics of the hosts, each node having an associated set of potential vulnerabilities. Verification rules can verify the potential vulnerabilities. A centralized correlation server, at a centrally accessible location in the network, stores the determined vulnerabilities of the network and associates the determined vulnerabilities with attack signatures. Traffic monitors access the attack signatures and monitor network traffic for attacks against the determined vulnerabilities.

