Information security – Access control or authentication – Network
Reexamination Certificate
2007-01-02
2007-01-02
Sheikh, Ayaz (Department: 2131)
Information security
Access control or authentication
Network
C726S001000, C726S002000, C726S006000, C726S011000, C726S012000, C726S013000, C726S022000, C726S023000, C726S006000, C709S223000, C709S226000, C709S229000
Reexamination Certificate
active
09766343
ABSTRACT:
A probe attached to a customer's network collects status data and other audit information from monitored components of the network, looking for footprints or evidence of unauthorized intrusions or attacks. The probe filters and analyzes the collected data to identify potentially security-related events happening on the network. Identified events are transmitted to a human analyst for problem resolution. The analyst has access to a variety of databases (including security intelligence databases containing information about known vulnerabilities of particular network products and characteristics of various hacker tools, and problem resolution databases containing information relevant to possible approaches or solutions) to aid in problem resolution. The analyst may follow a predetermined escalation procedure in the event he or she is unable to resolve the problem without assistance from others. Various customer personnel can be alerted in a variety of ways depending on the nature of the problem and the status of its resolution. Feedback from problem resolution efforts can be used to update the knowledge base available to analysts for future attacks and to update the filtering and analysis capabilities of the probe and other systems.
REFERENCES:
patent: 5796942 (1998-08-01), Esbensen
patent: 5909493 (1999-06-01), Motoyama
patent: 6088804 (2000-07-01), Hill et al.
patent: 6119236 (2000-09-01), Shipley
patent: 6182226 (2001-01-01), Reid et al.
patent: 6205551 (2001-03-01), Grosse
patent: 6363489 (2002-03-01), Comay et al.
patent: 6519703 (2003-02-01), Joyce
patent: 6681331 (2004-01-01), Munson et al.
patent: 6704874 (2004-03-01), Porras et al.
M2 Presswire, Sep. 3, 1999, pp. 1-3.
VPNTrust: Consulting, 1999, pp. 1-3.
Fratto, Nov. 1, 1998, vol. 9, iss. 20; p. 68, p. 1-12.
M2 Presswire, Aug. 31, 1999, p. 1.
http://www.redsiren.com, p. 1-3.
http://www.rkontechnologies.com.
Messmer, Apr. 3, 2000, Network World.
Communication News, Jun. 2000.
Savage, Computer Reseller News, Sep. 25, 2000.
Information Week, 2000, No. 792, p. 244.
Essex, Computerworld, Jun. 12, 2000.
Blacharski, Network Magazine, Aug. 1, 2000.
ENT, Nov. 22, 2000.
Computel white papers, 2001, pp. 1-4.
Balasubramaniyan, J. S. et al., “An Architecture for Intrusion Detection Using Autonomous Agents,” Center for Education and Research in Information Assurance and Security, CERIAS Technical Report May 1995, Jun. 11, 1998, pp. 1-19.
Hunteman, W., “Automated Information System—(AIS) Alarm System,” University of California, Los Alamos National Laboratory, In Proceedings of the 20th National Information Systems Security Conference, National Institute of Standards and Technology, Oct. 1997, pp. 1-12.
Citation details: “Automated Information System—(AIS) Alarm System,” W. Hunmteman, http://citeseer.nj.nec.com/context/1642652/0, downloaded Oct. 19, 2001, 1 p.
Neumann, P. G. et al., “Experience with Emerald to Date,” Computer Science Laboratory, SRI International, 1st USENIX Workshop on Intrusion Detection and Networking Monitoring, Santa Clara, California, Apr. 11-12, 1999, pp. 73-80, http://www.csl.sri.com/users
eumann/det99.html, downloaded Oct. 19, 2001, pp. 1-9.
Porras, P. A. et al., “EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disburbances,” Computer Science Laboratory, SRI International, 20th NISSC —Oct. 9, 1997 pp. 1-22 (version with legible text but no figures), pp. 1-13 (version with figures but illegible text).
“FAQ: Network Intrusion Detection Systems,” Version 0.3, Jan. 1, 1998, http://www.robertgraham.com/pubs
etwork-intrusion-detection.txt, downloaded Oct. 19, 2001, pp. 1-29.
Callas Jonathan D.
Gross Andrew H.
Schneier Bruce
Albert Philip H.
Counterpane Internet Security, Inc.
Jackson Jenise
Sheikh Ayaz
Townsend and Townsend and Crew
LandOfFree
Method and system for dynamic network intrusion monitoring,... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for dynamic network intrusion monitoring,..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for dynamic network intrusion monitoring,... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3815240