Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2011-05-24
2011-05-24
Moazzami, Nasser (Department: 2436)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
Reexamination Certificate
active
07950058
ABSTRACT:
A method for security information management in a network comprises receiving event information for a plurality of events, wherein the event information for a particular event comprises a plurality of attributes associated with that event. The method continues by assigning a plurality of attribute values to each event, the attribute values of each event defining a point in n-dimensional space. The method continues by generating a first n-dimensional graph comprising a plurality of points, the points corresponding to the events. The method continues by receiving a second n-dimensional graph comprising a plurality of points. The method concludes by combining the first n-dimensional graph with the second n-dimensional graph.
REFERENCES:
patent: 5020411 (1991-06-01), Rowan
patent: 5341229 (1994-08-01), Rowan
patent: 5432871 (1995-07-01), Novik
patent: 5790599 (1998-08-01), Wright, Jr. et al.
patent: 5805801 (1998-09-01), Holloway et al.
patent: 5991881 (1999-11-01), Conklin et al.
patent: 6088804 (2000-07-01), Hill et al.
patent: 6226589 (2001-05-01), Maeda et al.
patent: 6253337 (2001-06-01), Maloney et al.
patent: 6327550 (2001-12-01), Vinberg et al.
patent: 6341298 (2002-01-01), Ilani
patent: 6347263 (2002-02-01), Johnson et al.
patent: 6404380 (2002-06-01), Poore, Jr.
patent: 6408297 (2002-06-01), Ohashi
patent: 6421467 (2002-07-01), Mitra
patent: 6574378 (2003-06-01), Lim
patent: 6633882 (2003-10-01), Fayyad et al.
patent: 6650779 (2003-11-01), Vachtesvanos et al.
patent: 6665715 (2003-12-01), Houri
patent: 6674911 (2004-01-01), Pearlman et al.
patent: 6744396 (2004-06-01), Stone et al.
patent: 6954775 (2005-10-01), Shanklin et al.
patent: 7017186 (2006-03-01), Day
patent: 7058976 (2006-06-01), Dark
patent: 7100204 (2006-08-01), Myllymaki et al.
patent: 7127743 (2006-10-01), Khanolkar et al.
patent: 7130611 (2006-10-01), Kimura et al.
patent: 7146421 (2006-12-01), Syvanne
patent: 7185368 (2007-02-01), Copeland, III
patent: 7251376 (2007-07-01), Qian et al.
patent: 7324108 (2008-01-01), Hild et al.
patent: 7370358 (2008-05-01), Ghanea-Hercock
patent: 2002/0059164 (2002-05-01), Shtivelman
patent: 2002/0078381 (2002-06-01), Farley et al.
patent: 2002/0112189 (2002-08-01), Syvanne et al.
patent: 2002/0165842 (2002-11-01), Hellerstein et al.
patent: 2002/0188618 (2002-12-01), Ma et al.
patent: 2003/0009699 (2003-01-01), Gupta et al.
patent: 2003/0023876 (2003-01-01), Bardsley et al.
patent: 2003/0058339 (2003-03-01), Trajkovic et al.
patent: 2003/0105976 (2003-06-01), Copeland, III
patent: 2003/0145226 (2003-07-01), Bruton et al.
patent: 2003/0154399 (2003-08-01), Zuk et al.
patent: 2003/0177383 (2003-09-01), Ofek et al.
patent: 2003/0188189 (2003-10-01), Desai et al.
patent: 2003/0200236 (2003-10-01), Hong
patent: 2003/0217289 (2003-11-01), Ammon et al.
patent: 2004/0015719 (2004-01-01), Lee et al.
patent: 2004/0024855 (2004-02-01), Tsai et al.
patent: 2004/0025044 (2004-02-01), Day
patent: 2004/0044912 (2004-03-01), Connary et al.
patent: 2004/0049698 (2004-03-01), Ott et al.
patent: 2004/0098623 (2004-05-01), Scheidell
patent: 2004/0103211 (2004-05-01), Jackson et al.
patent: 2004/0107125 (2004-06-01), Guheen et al.
patent: 2004/0117407 (2004-06-01), Kumar et al.
patent: 2004/0117654 (2004-06-01), Feldman et al.
patent: 2004/0133543 (2004-07-01), Shlaes et al.
patent: 2004/0172557 (2004-09-01), Nakae et al.
patent: 2004/0193943 (2004-09-01), Angelino et al.
patent: 2004/0215977 (2004-10-01), Goodman et al.
patent: 2004/0260945 (2004-12-01), Raikar et al.
patent: 2004/0261116 (2004-12-01), Mckeown et al.
patent: 2004/0267886 (2004-12-01), Malik
patent: 2005/0035965 (2005-02-01), Sloan et al.
patent: 2005/0044406 (2005-02-01), Stute
patent: 2005/0047670 (2005-03-01), Qian et al.
patent: 2005/0108518 (2005-05-01), Pandya
patent: 2005/0138110 (2005-06-01), Redlich et al.
patent: 2005/0222996 (2005-10-01), Yalamanchi
patent: 2005/0254654 (2005-11-01), Rockwell et al.
patent: 2006/0010493 (2006-01-01), Piesco et al.
patent: 2006/0031934 (2006-02-01), Kriegel
patent: 2006/0130070 (2006-06-01), Graf
patent: 2006/0209836 (2006-09-01), Ke et al.
patent: 2006/0253905 (2006-11-01), Mansel
patent: 2006/0253907 (2006-11-01), McConnell
patent: 2007/0009160 (2007-01-01), Loo et al.
Ma et al., Event Miner: An integrated mining tool for Scalable Analysis of EVent Data, May 21, 2001, pp. 1-17.
Noel et al., Correlating Inrusion Events and Building Attack Scenarios Through Attack Graph Distances, 2004, Computer Security Applications Conferences, 2004, 20th Annual, pp. 1-5.
U.S. Appl. No. 10/407,513, entitled “Vertically Extensible Intrusion Detection System and Method”, inventors Jon-Michael C. Brook, et al., 44 pages plus 7 pages of drawings, filed Apr. 4, 2003.
U.S. Appl. No. 10/407,700, entitled “Dynamic Rule Generation for an Enterprise Intrusion Detection System”, inventors Jon-Michael C. Brook, et al., 38 pages plus 7 pages of drawings, filed Apr. 4, 2003.
U.S. Appl. No. 10/407,030, entitled “Graphical User Interface for an Enterprise Intrusion Detection System”, inventors Jon-Michael C. Brook, et al., 34 pages plus 7 pages of drawings, filed Apr. 4, 2003.
Patent Pending Application (serial No. not yet assigned), entitled “System and Method for Active Data Collection in a Network Security System”, inventor Troy D. Rockwood, 23 pages plus 2 pages of drawings, filed Jul. 6, 2005.
New Patent Application (serial No. not yet assigned), entitled “System and Method for Interactive Correlation Rule Design in a Network Security System”, inventor Troy D. Rockwood, 31 pages plus 4 pages of drawings, filed Sep. 1, 2005.
New Patent Application (serial No. not yet assigned), entitled “System and Method for Intruder Tracking Using Advanced Correlation in a Network Security System”, inventor Troy D. Rockwood, 43 pages plus 7 pages of drawings, filed Sep. 1, 2005.
Li et al., “Multi-Tier Intrusion Detection System,” pp. 1-11.
Commonwealth of Australia, “Handbook 13, Intrusion Detection and Audit Analysis, v. 1.0,” Australian Communications-Electronic Security Instruction 33 (ACSI 33), pp. 13:1-13.
Wu et al., “JiNao: Design and Implementation of a Scalable Intrusion Detection System for the OSPF Routing Protocol,” pp. 0-23, Feb. 24, 1999.
Dasgupta; “Experiments with Random Projection,” Proc. 16th Conference Uncertainty in Artificial Intelligence (UAI), 9 pages, 2000.
Cisco Systems, Inc., “NetRanger User Guide 2.2.1,” Chapters 1-9 and Appendices A-C 2000.
Jou et al., “Design and Implementation of a Scalable Intrusion Detection System for the Protection of Network Infrastructure,” DARPA Information Survivability Conference and Exposition (DISCEX), 15 pages, Jan. 2000.
Boeckman, “Getting Closer to Policy-Based Intrusion Detection,” Information Security Bulletin, pp. 13-20, May 2000.
Jansen et al., “Mobile Agents in Intrusion Detection and Response,” National Institute for Standards and Technology, 12 pages, Jun. 2000.
Northcutt et al., “Network Intrusion Detection: An Analyst's Handbook,” 2ndEd., 19 pages, Sep. 2000.
Phung, “Intrusion Detection FAQ; Data Mining in Intrusion Detection,” SANS.org, 3 pages, Oct. 24, 2000.
Power, “CSI Roundtable: Experts Discuss Present and Future Intrusion Detection Systems,” Computer Security Journal vol. XIV, #1, 15 pages, 2001.
Bace et al., “Intrusion Detection Systems,” NIST Special Publication on Intrusion Detection System, 51 pages, Feb. 2001.
“Stick—A Potential Denial of Service Against IDS Systems,” Internet Security Systems Security Alert, 2 pages, Mar. 14, 2001.
Arnold, “Kernel Based Anomaly Detection,” Intrusion Detection Systems, Machine Learning Group, Columbia University, 2 pages, Apr. 26, 2001.
Wang et al., “SITAR: A Scalable Intrusion-Tolerant Architecture for Distributed Services,” IEEE Workshop on Information Assurance and Security, pp. 38-45, Jun. 5-6, 2001.
Intrusion.
Baker & Botts L.L.P.
Moazzami Nasser
Nguyen Trong
Raytheon Company
LandOfFree
System and method for collaborative information security... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for collaborative information security..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for collaborative information security... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2664275