Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2011-07-19
Chai, Longbit (Department: 2431)
C726S022000, C726S024000, C726S025000, C726S026000, C726S027000, C713S182000, C713S188000
active
07984502
ABSTRACT:
Patterns can be discovered in events collected by a network system. In one embodiment, the present invention includes collecting and storing events from a variety of monitor devices. In one embodiment, a subset of the stored events is provided to a manager as an event stream. In one embodiment, the present invention further includes the manager discovering one or more previously unknown event patterns in the event stream.
Saurabh Kumar
Tidwell Kenny C.
Chai Longbit
Hewlett-Packard Development Company, L.P.