Electrical computers and digital processing systems: multicomput – Computer network managing – Computer network monitoring
Reexamination Certificate
2010-04-01
2011-11-15
Bates, Kevin (Department: 2456)
Electrical computers and digital processing systems: multicomput
Computer network managing
Computer network monitoring
C709S223000, C709S225000
Reexamination Certificate
active
08060607
ABSTRACT:
A system and method for detecting aberrant network behavior. One embodiment provides a system of detecting aberrant network behavior behind a network access gateway comprising a processor, a first network interface coupled to the processor, a second network interface coupled to the processor, a storage media accessible by the processor and a set of computer instructions executable by the processor. The computer instructions can be executable to observe network communications arriving at the first network interface from multiple clients and determine when the traffic of a particular client is indicative of malware infection or other hostile network activity. If the suspicious network communication is determined to be of a sufficient volume, type, or duration the computer instructions can be executable to log such activity to storage media, or to notify an administrative entity via either the first network interface or second network interface, or to make the computer instructions be executable to perform other configured actions related to the functioning of the network access gateway.
REFERENCES:
patent: 6199113 (2001-03-01), Alegre et al.
patent: 6678733 (2004-01-01), Brown et al.
patent: 6708212 (2004-03-01), Porras et al.
patent: 7272646 (2007-09-01), Cooper et al.
patent: 7509625 (2009-03-01), Johnston et al.
patent: 7587512 (2009-09-01), Ta et al.
patent: 7590728 (2009-09-01), Tonnesen et al.
patent: 7610621 (2009-10-01), Turley et al.
patent: 7624438 (2009-11-01), White
patent: 2005/0204169 (2005-09-01), Tonnesen
patent: 2006/0173992 (2006-08-01), Weber et al.
Notice of Allowance for U.S. Appl. No. 12/536,700, mailed May 6, 2011, 8 pgs.
Office Action issued in U.S. Appl. No. 11/076,652, dated Jan. 25, 2008, 9 pages.
Office Action issued in U.S. Appl. No. 11/076,652, dated Jul. 22, 2008, 8 pages.
Office Action issued in U.S. Appl. No. 11/076,652, dated Dec. 11, 2008, 8 pages.
Office Action issued in U.S. Appl. No. 11/076,672, dated Jul. 21, 2009, 11 pages.
Notice of Allowability issued in U.S. Appl. No. 11/076,646, dated Jul. 24, 2009, 7 pages.
Crandell et al., “A Secure and Transparent Firewall Web Proxy,” Oct. 2003, USENIX, Retrieved from the internet on Jul. 15, 2009, 8 pages; <URL: http://www.usenix.org/event/lisa03/tech/full—papers/crandell/crandell.pdf>.
Sommerlad, “Reverse Proxy Patterns,” 2003 Retrieved from the Internet on Jul. 15, 2009, 27 pages; <URL: http://www.modsecurity.org/archive/ReverseProxy-book-1.pdf>.
Williamson, Matthew, “Throttling Viruses: Restricting Propagation to Defeat Malicious Mobile Code,” Proceedings of the 18th Annual Computer Security Applications Conference, 2002 IEEE, 8 pages.
Williamson, et al, “Virus Throttling,” Virus Bulletin Research Feature 1, Mar. 2003, 4 pages.
Office Action issued in U.S. Appl. No. 11/076,672, dated Jan. 7, 2010, 9 pages.
Office Action issued in U.S. Appl. No. 11/536,700, dated Dec. 9, 2010, 12 pages.
Bates Kevin
Chacko Joe
Rocksteady Technologies, LLC
Sprinkle IP Law Group
LandOfFree
System and method for detection of aberrant network behavior... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for detection of aberrant network behavior..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for detection of aberrant network behavior... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4276680