Distributed threat management

Information security – Monitoring or scanning of software or data including attack... – Intrusion detection

Reexamination Certificate

Details

C726S002000, C726S003000, C726S004000, C726S005000, C726S006000, C726S007000, C726S008000, C726S025000, C726S026000, C726S027000, C713S187000, C713S188000, C709S223000, C709S224000, C709S225000

Reexamination Certificate

active

07373666

ABSTRACT:
A method and system are provided for managing a security threat in a distributed system. A distributed element of the system detects and reports suspicious activity to a threat management agent. The threat management agent determines whether an attack is taking place and deploys a countermeasure to the attack when the attack is determined to be taking place. Another method and system are also provided for managing a security threat in a distributed system. A threat management agent reviews reported suspicious activity including suspicious activity reported from at least one distributed element of the system, determines, based on the reports, whether a pattern characteristic of an attack occurred, and predicts when a next attack is likely to occur. Deployment of a countermeasure to the predicted next attack is directed in a time window based on when the next attack is predicted to occur.

REFERENCES:
patent: 6324656 (2001-11-01), Gleichauf et al.
patent: 6408391 (2002-06-01), Huff et al.
patent: 2002/0073338 (2002-06-01), Burrows et al.
patent: 2002/0119427 (2002-08-01), Brown et al.
patent: 2003/0163706 (2003-08-01), Cocchi et al.
Box, Don. “A Brief History of SOAP” (Apr. 4, 2001) xml.com : http://webservices.xml.com/pub/a/ws/2001/04/04/soap.html.
Barrus et al.; “A Distributed Autonomous-Agent Network-Intrusion Detection and Response System”. (Jun. 1998) NEC Research Index, Proceedings of the 1998 Command and Control Research and Technology Symposium.
P.A. Porras, P.G. Neumann. “EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances” (1997) Proc. 20th NIST-NCSC National Information Systems Security Conference.
E.A. Fisch “Intrusion Damage Control and Assessment: A Taxonomy and Implementation of Automated Responses to Intrusive Behavior” (May 1996) PhD Thesis, Texas A&M University. Chapters I-III.
The Honeynet Project “Know Your Enemy: Statistics” (Jul. 22, 2001). Available online at http://www.chguy.net/news/jul01/attack-stats.html.
J. Yuill, S.F. Wu, F. Gong, M. Huang. “Intrusion Detection for an On-Going Attack” (1999) Recent Advances in Intrusion Detection.
