Information security – Access control or authentication – Network
Reexamination Certificate
2006-10-10
2006-10-10
Louis Jacques, Jacques H. (Department: 2134)
Information security
Access control or authentication
Network
C726S012000, C713S152000
Reexamination Certificate
active
07120931
ABSTRACT:
A method and system for generating filters based on analyzed flow data are disclosed. A method generally comprises separating the data into different network flows, analyzing at least one of the network flows, and detecting potentially harmful network flows. A filter is generated to prevent packets corresponding to the detected potentially harmful network flows from passing through the network device.
REFERENCES:
patent: 5774668 (1998-06-01), Choquier et al.
patent: 5848233 (1998-12-01), Radia et al.
patent: 5958015 (1999-09-01), Dascalu
patent: 5968176 (1999-10-01), Nessett et al.
patent: 6154775 (2000-11-01), Coss et al.
patent: 6222856 (2001-04-01), Krishnan et al.
patent: 6243667 (2001-06-01), Kerr et al.
patent: 6266706 (2001-07-01), Brodnik et al.
patent: 6321338 (2001-11-01), Porras et al.
patent: 6389532 (2002-05-01), Gupta et al.
patent: 6453345 (2002-09-01), Trcka et al.
patent: 6496935 (2002-12-01), Fink et al.
patent: 6510509 (2003-01-01), Chopra et al.
patent: 6542508 (2003-04-01), Lin
patent: 6550012 (2003-04-01), Villa et al.
patent: 6567408 (2003-05-01), Li et al.
patent: 6598034 (2003-07-01), Kloth
patent: 6625150 (2003-09-01), Yu
patent: 6651099 (2003-11-01), Dietz et al.
patent: 6667985 (2003-12-01), Drummond-Murray
patent: 6771661 (2004-08-01), Chawla et al.
patent: 6772347 (2004-08-01), Xie et al.
patent: 6804820 (2004-10-01), Meric et al.
patent: 6816903 (2004-11-01), Rakoshitz et al.
patent: 2002/0023089 (2002-02-01), Woo
patent: 2002/0032793 (2002-03-01), Malan et al.
patent: 2002/0035628 (2002-03-01), Gil et al.
patent: 2002/0152209 (2002-10-01), Merugu et al.
patent: 2003/0023733 (2003-01-01), Lingafelt et al.
patent: 2003/0226038 (2003-12-01), Raanan et al.
patent: 2004/0215977 (2004-10-01), Goodman et al.
patent: 910197 (1999-04-01), None
patent: WO 9724841 (1997-07-01), None
Allied Telesyn, “Application Note 2037 Nemesis Firewall”, May 2000.
Apisdorf, Joel et al. “OC3MON: flexible, affordable, high performance statistics collection”, Sep. 1996 (http://www.nlanr.net/NA/Oc3mon/).
Cyberplaces Online Internet Workshop, “Firewalls” (http://www.cyberplaces.com/workshop/archive/0304982.htm).
Decasper, Dan et al. “Router Plugins A Software Architecture for Next Generation Routers”, 1998 ACM, pp. 229-240.
Deering, S. et al. “Inernet Protocol, Version 6 (IPv6) Specification”, Dec. 1998.
Gupta, Pankaj et al. “Packet Classification on Multiple Fields”, 1999 ACM, pp. 147-160.
Ilvesmaki, Mika et al. “Adaptive Flow Classification in IP Switching—The Measurement Based Approach”, 1998.
Lakshman, T.V. et al. “High-Speed Policy-Based Packet Forwarding Using Efficient Multi-dimensional Range Matching”, 1998 ACM, pp. 203-214.
Newman, Peter et al. “Flow Labelled IP: A Connectionless Approach to ATM”, 1996 IEEE.
Frank, Jeremy. “Artificial Intelligence and Intrusion Detection: Current and Future Directions”, Jun. 1994 in Proceedings of the 17th National Computer Security Conference.
Neumann, Peter G. et al. “Experience with EMERALD to Date”, Apr. 1999.
Porras, Phillip A. et al. “Life Traffic Analysis of TCP/IP Gateways”, Dec. 1997.
Sekar, R. et al. “A High-Performance Network Intrusion Detection System”, 1999.
Valdes, Alfonso et al. “Adaptive, Model-based Monitoring for Cyber Attack Detection”, 2000.
Yoo, InSeon et al. “Adaptive Detection of Worms/Viruses In Firewalls”, 2003.
Bellovin, Steven M. “Distributed Firewalls”, Nov. 1999.
Buddhikot, Milind M. et al. “Space Decomposition Techniques for Fast Layer-4 Switching”.
Feldmann, Anja et al. “Tradeoffs for Packet Classification”, 2000 IEEE.
Network Associates. “The Active Firewall, The End of the Passive Firewall Era”, 1999.
Romig, Steve et al. “Cisco Flow Logs and Intrusion Detection at the Ohio State University”, Dec. 1999, <http://web.archive.org/web/19980415195433/http://signal9.com/technical/prodsummary/fwsummary.html>.
Signal9. “ConSeal PC Firewall Technical Summary”, Apr. 1998, <http://web.archive.org/web/19980415195433/http://signal9.com/technical/prodsummary/fwsummary.html>.
Smith, Robert N. et al. “Operating Firewalls Outside the LAN Perimeter”, 1999 IEEE.
Smith, Robert N. et al. “A Protocol and Simulation for Distributed Communicating Firewalls”, 1999 IEEE.
Smith, Robert N. et al. “Firewall Placement in a Large Network Topology”, 1997 IEEE.
Venkatesan, Ramkumar M. et al. “Threat-Adaptive Security Policy”, 1997 IEEE.
Fullmer, Mark et al. “The OSU Flow-tools Package and Cisco NetFlow Logs”, LISA 2000, Dec. 2000, <http://www.usenix.org/events/lisa00/full—papers/fullmer/fullmer—html/>.
Nvarro, John-Paul et al. “Combining Cisco NetFlow Exports with Relational Database Technology for Usage Statistics, Intrusion Detection, and Network Forensics”, LISA 2000, Dec. 2000.
Wang, Feiyi et al. “SITAR: A Scalable Intrusion-Tolerant Architecture for Distributed Services”, 2001 IEEE.
Cisco Technology Inc.
Jacques Jacques H. Louis
Kaplan Cindy
Simitoski Michael J.
LandOfFree
System and method for generating filters based on analyzed... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for generating filters based on analyzed..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for generating filters based on analyzed... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3635655