Semantically-aware network intrusion signature generator

Details Semantically-aware network intrusion signature generator Semantically-aware network intrusion signature generator

2005-03-21

2011-11-22

Flynn, Nathan (Department: 2431)

Information security

Access control or authentication

Network

C713S176000, C713S188000, C713S189000, C709S223000, C709S224000, C709S225000, C726S001000, C726S003000, C726S011000, C726S013000, C726S022000, C726S023000, C726S024000, C726S025000, C370S229000, C370S230000, C370S231000, C370S235000, C370S250000, C370S252000, C370S253000, C370S389000, C370S392000, C370S401000, C370S470000, C370S476000, C370S472000, C370S474000, C370S506000

Reexamination Certificate

active

08065722

ABSTRACT:
An automatic technique for generating signatures for malicious network traffic performs a cluster analysis of known malicious traffic to create a signature in the form of a state machine. The cluster analysis may operate on semantically tagged data collected by connection or session and normalized to eliminate protocol specific features. The signature extractor may generalize the finite-state machine signatures to match network traffic not previously observed.

REFERENCES:
patent: 7496962 (2009-02-01), Roelker et al.
patent: 2004/0025044 (2004-02-01), Day
patent: 2004/0174820 (2004-09-01), Ricciulli
patent: 2005/0050353 (2005-03-01), Thiele et al.
patent: 2005/0281291 (2005-12-01), Stolfo et al.
patent: 2006/0107321 (2006-05-01), Tzadikario

Affiliated with

Also associated with

Rating

Semantically-aware network intrusion signature generator does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Semantically-aware network intrusion signature generator, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Semantically-aware network intrusion signature generator will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFUS-PAI-O-4293503