WO2002045380A3 - Flow-based detection of network intrusions - Google Patents
Flow-based detection of network intrusions Download PDFInfo
- Publication number
- WO2002045380A3 WO2002045380A3 PCT/US2001/045275 US0145275W WO0245380A3 WO 2002045380 A3 WO2002045380 A3 WO 2002045380A3 US 0145275 W US0145275 W US 0145275W WO 0245380 A3 WO0245380 A3 WO 0245380A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- flow
- value
- appears
- suspicious
- concern index
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
Abstract
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE60124295T DE60124295T8 (en) | 2000-11-30 | 2001-11-30 | RIVER-BASED DETECTION OF AN INSERT INTO A NETWORK |
AU3054102A AU3054102A (en) | 2000-11-30 | 2001-11-30 | Flow-based detection of network intrusions |
AU2002230541A AU2002230541B2 (en) | 2000-11-30 | 2001-11-30 | Flow-based detection of network intrusions |
CA2430571A CA2430571C (en) | 2000-11-30 | 2001-11-30 | Flow-based detection of network intrusions |
EP01990779A EP1338130B1 (en) | 2000-11-30 | 2001-11-30 | Flow-based detection of network intrusions |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US25026100P | 2000-11-30 | 2000-11-30 | |
US60/250,261 | 2000-11-30 | ||
US26519401P | 2001-01-31 | 2001-01-31 | |
US60/265,194 | 2001-01-31 |
Publications (3)
Publication Number | Publication Date |
---|---|
WO2002045380A2 WO2002045380A2 (en) | 2002-06-06 |
WO2002045380A9 WO2002045380A9 (en) | 2002-09-19 |
WO2002045380A3 true WO2002045380A3 (en) | 2003-01-30 |
Family
ID=26940735
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2001/045275 WO2002045380A2 (en) | 2000-11-30 | 2001-11-30 | Flow-based detection of network intrusions |
Country Status (7)
Country | Link |
---|---|
US (1) | US7185368B2 (en) |
EP (1) | EP1338130B1 (en) |
AT (1) | ATE344573T1 (en) |
AU (2) | AU2002230541B2 (en) |
CA (1) | CA2430571C (en) |
DE (1) | DE60124295T8 (en) |
WO (1) | WO2002045380A2 (en) |
Families Citing this family (296)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7073198B1 (en) | 1999-08-26 | 2006-07-04 | Ncircle Network Security, Inc. | Method and system for detecting a vulnerability in a network |
US6957348B1 (en) | 2000-01-10 | 2005-10-18 | Ncircle Network Security, Inc. | Interoperability of vulnerability and intrusion detection systems |
US20040073617A1 (en) | 2000-06-19 | 2004-04-15 | Milliken Walter Clark | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US7181769B1 (en) | 2000-08-25 | 2007-02-20 | Ncircle Network Security, Inc. | Network security system having a device profiler communicatively coupled to a traffic monitor |
US9280667B1 (en) | 2000-08-25 | 2016-03-08 | Tripwire, Inc. | Persistent host determination |
US6944673B2 (en) * | 2000-09-08 | 2005-09-13 | The Regents Of The University Of Michigan | Method and system for profiling network flows at a measurement point within a computer network |
US6988148B1 (en) * | 2001-01-19 | 2006-01-17 | Cisco Technology, Inc. | IP pool management utilizing an IP pool MIB |
GB2372673B (en) * | 2001-02-27 | 2003-05-28 | 3Com Corp | Apparatus and method for processing data relating to events on a network |
US7788345B1 (en) | 2001-06-04 | 2010-08-31 | Cisco Technology, Inc. | Resource allocation and reclamation for on-demand address pools |
US7234168B2 (en) | 2001-06-13 | 2007-06-19 | Mcafee, Inc. | Hierarchy-based method and apparatus for detecting attacks on a computer system |
US20040187032A1 (en) * | 2001-08-07 | 2004-09-23 | Christoph Gels | Method, data carrier, computer system and computer progamme for the identification and defence of attacks in server of network service providers and operators |
US20030105973A1 (en) * | 2001-12-04 | 2003-06-05 | Trend Micro Incorporated | Virus epidemic outbreak command system and method using early warning monitors in a network environment |
US7062553B2 (en) * | 2001-12-04 | 2006-06-13 | Trend Micro, Inc. | Virus epidemic damage control system and method for network environment |
EP1330095B1 (en) * | 2002-01-18 | 2006-04-05 | Stonesoft Corporation | Monitoring of data flow for enhancing network security |
US7225343B1 (en) * | 2002-01-25 | 2007-05-29 | The Trustees Of Columbia University In The City Of New York | System and methods for adaptive model generation for detecting intrusions in computer systems |
US8209756B1 (en) | 2002-02-08 | 2012-06-26 | Juniper Networks, Inc. | Compound attack detection in a computer network |
US7734752B2 (en) | 2002-02-08 | 2010-06-08 | Juniper Networks, Inc. | Intelligent integrated network security device for high-availability applications |
US7650634B2 (en) | 2002-02-08 | 2010-01-19 | Juniper Networks, Inc. | Intelligent integrated network security device |
US8370936B2 (en) * | 2002-02-08 | 2013-02-05 | Juniper Networks, Inc. | Multi-method gateway-based network security systems and methods |
US20060015942A1 (en) | 2002-03-08 | 2006-01-19 | Ciphertrust, Inc. | Systems and methods for classification of messaging entities |
US6941467B2 (en) * | 2002-03-08 | 2005-09-06 | Ciphertrust, Inc. | Systems and methods for adaptive message interrogation through multiple queues |
US20030172291A1 (en) | 2002-03-08 | 2003-09-11 | Paul Judge | Systems and methods for automated whitelisting in monitored communications |
US7124438B2 (en) | 2002-03-08 | 2006-10-17 | Ciphertrust, Inc. | Systems and methods for anomaly detection in patterns of monitored communications |
US7693947B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for graphically displaying messaging traffic |
US7694128B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for secure communication delivery |
US7903549B2 (en) | 2002-03-08 | 2011-03-08 | Secure Computing Corporation | Content-based policy compliance systems and methods |
US8561167B2 (en) | 2002-03-08 | 2013-10-15 | Mcafee, Inc. | Web reputation scoring |
US8578480B2 (en) | 2002-03-08 | 2013-11-05 | Mcafee, Inc. | Systems and methods for identifying potentially malicious messages |
US7870203B2 (en) | 2002-03-08 | 2011-01-11 | Mcafee, Inc. | Methods and systems for exposing messaging reputation to an end user |
US8132250B2 (en) | 2002-03-08 | 2012-03-06 | Mcafee, Inc. | Message profiling systems and methods |
CA2486519C (en) * | 2002-05-20 | 2015-01-27 | Airdefense, Inc. | System and method for making managing wireless network activity |
US7058796B2 (en) * | 2002-05-20 | 2006-06-06 | Airdefense, Inc. | Method and system for actively defending a wireless LAN against attacks |
US7042852B2 (en) * | 2002-05-20 | 2006-05-09 | Airdefense, Inc. | System and method for wireless LAN dynamic channel change with honeypot trap |
US7322044B2 (en) * | 2002-06-03 | 2008-01-22 | Airdefense, Inc. | Systems and methods for automated network policy exception detection and correction |
GB2391419A (en) | 2002-06-07 | 2004-02-04 | Hewlett Packard Co | Restricting the propagation of a virus within a network |
GB2401280B (en) | 2003-04-29 | 2006-02-08 | Hewlett Packard Development Co | Propagation of viruses through an information technology network |
GB2394382A (en) | 2002-10-19 | 2004-04-21 | Hewlett Packard Co | Monitoring the propagation of viruses through an Information Technology network |
TWI244297B (en) * | 2002-06-12 | 2005-11-21 | Thomson Licensing Sa | Apparatus and method adapted to communicate via a network |
US7420929B1 (en) | 2002-07-02 | 2008-09-02 | Juniper Networks, Inc. | Adaptive network flow analysis |
WO2004008700A2 (en) * | 2002-07-12 | 2004-01-22 | The Penn State Research Foundation | Real-time packet traceback and associated packet marking strategies |
US7752665B1 (en) * | 2002-07-12 | 2010-07-06 | TCS Commercial, Inc. | Detecting probes and scans over high-bandwidth, long-term, incomplete network traffic information using limited memory |
US7519990B1 (en) * | 2002-07-19 | 2009-04-14 | Fortinet, Inc. | Managing network traffic flow |
JP3996010B2 (en) | 2002-08-01 | 2007-10-24 | 株式会社日立製作所 | Storage network system, management apparatus, management method and program |
US7251215B1 (en) * | 2002-08-26 | 2007-07-31 | Juniper Networks, Inc. | Adaptive network router |
US7313100B1 (en) | 2002-08-26 | 2007-12-25 | Juniper Networks, Inc. | Network device having accounting service card |
JP3773194B2 (en) * | 2002-09-30 | 2006-05-10 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Communication monitoring system and method, information processing method and program |
WO2004034229A2 (en) | 2002-10-10 | 2004-04-22 | Rocksteady Networks, Inc. | System and method for providing access control |
US8479057B2 (en) * | 2002-11-04 | 2013-07-02 | Riverbed Technology, Inc. | Aggregator for connection based anomaly detection |
US8191136B2 (en) * | 2002-11-04 | 2012-05-29 | Riverbed Technology, Inc. | Connection based denial of service detection |
US8504879B2 (en) * | 2002-11-04 | 2013-08-06 | Riverbed Technology, Inc. | Connection based anomaly detection |
US7454499B2 (en) * | 2002-11-07 | 2008-11-18 | Tippingpoint Technologies, Inc. | Active network defense system and method |
US7359930B2 (en) * | 2002-11-21 | 2008-04-15 | Arbor Networks | System and method for managing computer networks |
US7500266B1 (en) * | 2002-12-03 | 2009-03-03 | Bbn Technologies Corp. | Systems and methods for detecting network intrusions |
US9503470B2 (en) | 2002-12-24 | 2016-11-22 | Fred Herz Patents, LLC | Distributed agent based model for security monitoring and response |
US8327442B2 (en) | 2002-12-24 | 2012-12-04 | Herz Frederick S M | System and method for a distributed application and network security system (SDI-SCAM) |
US20040193943A1 (en) * | 2003-02-13 | 2004-09-30 | Robert Angelino | Multiparameter network fault detection system using probabilistic and aggregation analysis |
US7895649B1 (en) | 2003-04-04 | 2011-02-22 | Raytheon Company | Dynamic rule generation for an enterprise intrusion detection system |
US7293238B1 (en) | 2003-04-04 | 2007-11-06 | Raytheon Company | Graphical user interface for an enterprise intrusion detection system |
US7356585B1 (en) * | 2003-04-04 | 2008-04-08 | Raytheon Company | Vertically extensible intrusion detection system and method |
US8027841B2 (en) * | 2003-04-09 | 2011-09-27 | Holloway J Michael | Centralized server obtaining security intelligence knowledge by analyzing VoIP bit-stream |
US7522908B2 (en) * | 2003-04-21 | 2009-04-21 | Airdefense, Inc. | Systems and methods for wireless network site survey |
US7324804B2 (en) * | 2003-04-21 | 2008-01-29 | Airdefense, Inc. | Systems and methods for dynamic sensor discovery and selection |
US7359676B2 (en) * | 2003-04-21 | 2008-04-15 | Airdefense, Inc. | Systems and methods for adaptively scanning for wireless communications |
GB2401281B (en) | 2003-04-29 | 2006-02-08 | Hewlett Packard Development Co | Propagation of viruses through an information technology network |
US7796515B2 (en) | 2003-04-29 | 2010-09-14 | Hewlett-Packard Development Company, L.P. | Propagation of viruses through an information technology network |
US7308716B2 (en) * | 2003-05-20 | 2007-12-11 | International Business Machines Corporation | Applying blocking measures progressively to malicious network traffic |
US7710867B1 (en) * | 2003-05-23 | 2010-05-04 | F5 Networks, Inc. | System and method for managing traffic to a probe |
EP1630862B1 (en) * | 2003-05-30 | 2016-01-13 | Ebara Corporation | Sample inspection device and method, and device manufacturing method using the sample inspection device and method |
ATE400016T1 (en) | 2003-08-11 | 2008-07-15 | Telecom Italia Spa | METHOD AND SYSTEM FOR DETECTING UNAUTHORIZED USE OF A COMMUNICATIONS NETWORK |
US7624438B2 (en) | 2003-08-20 | 2009-11-24 | Eric White | System and method for providing a secure connection between networked computers |
US7725936B2 (en) * | 2003-10-31 | 2010-05-25 | International Business Machines Corporation | Host-based network intrusion detection systems |
JP4516306B2 (en) | 2003-11-28 | 2010-08-04 | 株式会社日立製作所 | How to collect storage network performance information |
EP1545131B1 (en) * | 2003-12-19 | 2007-07-18 | STMicroelectronics Limited | Semiconductor circuit for restricting data access |
US9032095B1 (en) | 2004-01-06 | 2015-05-12 | Juniper Networks, Inc. | Routing device having multiple logical routers |
US7895448B1 (en) * | 2004-02-18 | 2011-02-22 | Symantec Corporation | Risk profiling |
US20050204022A1 (en) * | 2004-03-10 | 2005-09-15 | Keith Johnston | System and method for network management XML architectural abstraction |
US7590728B2 (en) | 2004-03-10 | 2009-09-15 | Eric White | System and method for detection of aberrant network behavior by clients of a network access gateway |
US8543710B2 (en) * | 2004-03-10 | 2013-09-24 | Rpx Corporation | Method and system for controlling network access |
US7665130B2 (en) | 2004-03-10 | 2010-02-16 | Eric White | System and method for double-capture/double-redirect to a different location |
US7509625B2 (en) | 2004-03-10 | 2009-03-24 | Eric White | System and method for comprehensive code generation for system management |
US7610621B2 (en) * | 2004-03-10 | 2009-10-27 | Eric White | System and method for behavior-based firewall modeling |
WO2005093576A1 (en) * | 2004-03-28 | 2005-10-06 | Robert Iakobashvili | Visualization of packet network performance, analysis and optimization for design |
US7966658B2 (en) * | 2004-04-08 | 2011-06-21 | The Regents Of The University Of California | Detecting public network attacks using signatures and fast content analysis |
US7673049B2 (en) * | 2004-04-19 | 2010-03-02 | Brian Dinello | Network security system |
CA2733172C (en) * | 2004-05-07 | 2011-10-25 | Sandvine Incorporated Ulc | A system and method for detecting sources of abnormal computer network messages |
US7225468B2 (en) * | 2004-05-07 | 2007-05-29 | Digital Security Networks, Llc | Methods and apparatus for computer network security using intrusion detection and prevention |
US8074277B2 (en) * | 2004-06-07 | 2011-12-06 | Check Point Software Technologies, Inc. | System and methodology for intrusion detection and prevention |
GB2415578B (en) * | 2004-06-23 | 2007-07-04 | Hewlett Packard Development Co | Restricting virus access to a network |
US7523504B2 (en) * | 2004-08-02 | 2009-04-21 | Netiq Corporation | Methods, systems and computer program products for evaluating security of a network environment |
US7546635B1 (en) | 2004-08-11 | 2009-06-09 | Juniper Networks, Inc. | Stateful firewall protection for control plane traffic within a network device |
US8176126B2 (en) | 2004-08-26 | 2012-05-08 | International Business Machines Corporation | System, method and program to limit rate of transferring messages from suspected spammers |
US7706273B2 (en) * | 2004-09-30 | 2010-04-27 | Riverbed Technology, Inc. | Port tracking on dynamically negotiated ports |
US20060101516A1 (en) * | 2004-10-12 | 2006-05-11 | Sushanthan Sudaharan | Honeynet farms as an early warning system for production networks |
US7835361B1 (en) * | 2004-10-13 | 2010-11-16 | Sonicwall, Inc. | Method and apparatus for identifying data patterns in a file |
US7600257B2 (en) * | 2004-10-13 | 2009-10-06 | Sonicwall, Inc. | Method and an apparatus to perform multiple packet payloads analysis |
US8196199B2 (en) * | 2004-10-19 | 2012-06-05 | Airdefense, Inc. | Personal wireless monitoring agent |
US8635690B2 (en) * | 2004-11-05 | 2014-01-21 | Mcafee, Inc. | Reputation based message processing |
US7607170B2 (en) | 2004-12-22 | 2009-10-20 | Radware Ltd. | Stateful attack protection |
US7577992B2 (en) * | 2005-01-14 | 2009-08-18 | Microsoft Corporation | Software security based on control flow integrity |
US7809826B1 (en) | 2005-01-27 | 2010-10-05 | Juniper Networks, Inc. | Remote aggregation of network traffic profiling data |
US7810151B1 (en) | 2005-01-27 | 2010-10-05 | Juniper Networks, Inc. | Automated change detection within a network environment |
US7769851B1 (en) | 2005-01-27 | 2010-08-03 | Juniper Networks, Inc. | Application-layer monitoring and profiling network traffic |
US7937755B1 (en) * | 2005-01-27 | 2011-05-03 | Juniper Networks, Inc. | Identification of network policy violations |
JP4170299B2 (en) * | 2005-01-31 | 2008-10-22 | 独立行政法人 宇宙航空研究開発機構 | Communication state transition monitoring method and communication state transition monitoring apparatus using the same |
US7797411B1 (en) | 2005-02-02 | 2010-09-14 | Juniper Networks, Inc. | Detection and prevention of encapsulated network attacks using an intermediate device |
US7937480B2 (en) | 2005-06-02 | 2011-05-03 | Mcafee, Inc. | Aggregation of reputation data |
WO2006130840A2 (en) * | 2005-06-02 | 2006-12-07 | Georgia Tech Research Corporation | System and method for data streaming |
US7877803B2 (en) * | 2005-06-27 | 2011-01-25 | Hewlett-Packard Development Company, L.P. | Automated immune response for a computer |
US8572733B1 (en) | 2005-07-06 | 2013-10-29 | Raytheon Company | System and method for active data collection in a network security system |
US7746862B1 (en) | 2005-08-02 | 2010-06-29 | Juniper Networks, Inc. | Packet processing in a multiple processor system |
US7908655B1 (en) * | 2005-08-16 | 2011-03-15 | Sprint Communications Company L.P. | Connectionless port scan detection on a network |
US8224761B1 (en) | 2005-09-01 | 2012-07-17 | Raytheon Company | System and method for interactive correlation rule design in a network security system |
US7352280B1 (en) | 2005-09-01 | 2008-04-01 | Raytheon Company | System and method for intruder tracking using advanced correlation in a network security system |
US7950058B1 (en) | 2005-09-01 | 2011-05-24 | Raytheon Company | System and method for collaborative information security correlation in low bandwidth environments |
US8079083B1 (en) * | 2005-09-02 | 2011-12-13 | Symantec Corporation | Method and system for recording network traffic and predicting potential security events |
US7716340B2 (en) * | 2005-09-30 | 2010-05-11 | Lycos, Inc. | Restricting access to a shared resource |
US20070078589A1 (en) * | 2005-10-05 | 2007-04-05 | Antonio Magnaghi | Detecting anomalies internal to a network from traffic external to the network |
US20070076611A1 (en) * | 2005-10-05 | 2007-04-05 | Fujitsu Limited | Detecting anomalies from acceptable traffic affected by anomalous traffic |
US8566928B2 (en) | 2005-10-27 | 2013-10-22 | Georgia Tech Research Corporation | Method and system for detecting and responding to attacking networks |
US7653670B2 (en) * | 2005-11-28 | 2010-01-26 | Nec Laboratories America, Inc. | Storage-efficient and collision-free hash-based packet processing architecture and method |
US7849185B1 (en) | 2006-01-10 | 2010-12-07 | Raytheon Company | System and method for attacker attribution in a network security system |
US7715800B2 (en) | 2006-01-13 | 2010-05-11 | Airdefense, Inc. | Systems and methods for wireless intrusion detection using spectral analysis |
US7787390B1 (en) | 2006-01-30 | 2010-08-31 | Marvell International Ltd. | Custom automatic remote monitoring for network devices |
US9392009B2 (en) | 2006-03-02 | 2016-07-12 | International Business Machines Corporation | Operating a network monitoring entity |
US7971251B2 (en) * | 2006-03-17 | 2011-06-28 | Airdefense, Inc. | Systems and methods for wireless security using distributed collaboration of wireless clients |
US20070218874A1 (en) * | 2006-03-17 | 2007-09-20 | Airdefense, Inc. | Systems and Methods For Wireless Network Forensics |
US20090021343A1 (en) * | 2006-05-10 | 2009-01-22 | Airdefense, Inc. | RFID Intrusion Protection System and Methods |
WO2007133799A2 (en) * | 2006-05-15 | 2007-11-22 | Fair Isaac Corporation | Comprehensive online fraud detection system and method |
US7697418B2 (en) * | 2006-06-12 | 2010-04-13 | Alcatel Lucent | Method for estimating the fan-in and/or fan-out of a node |
US7970013B2 (en) | 2006-06-16 | 2011-06-28 | Airdefense, Inc. | Systems and methods for wireless network content filtering |
US7873833B2 (en) * | 2006-06-29 | 2011-01-18 | Cisco Technology, Inc. | Detection of frequent and dispersed invariants |
EP1879350A1 (en) * | 2006-07-10 | 2008-01-16 | Abb Research Ltd. | Distributed computer system with a local area network |
US20080034424A1 (en) * | 2006-07-20 | 2008-02-07 | Kevin Overcash | System and method of preventing web applications threats |
US7934253B2 (en) * | 2006-07-20 | 2011-04-26 | Trustwave Holdings, Inc. | System and method of securing web applications across an enterprise |
US20080047009A1 (en) * | 2006-07-20 | 2008-02-21 | Kevin Overcash | System and method of securing networks against applications threats |
US8281392B2 (en) * | 2006-08-11 | 2012-10-02 | Airdefense, Inc. | Methods and systems for wired equivalent privacy and Wi-Fi protected access protection |
AU2007351385B2 (en) * | 2006-11-14 | 2013-05-16 | Fmr Llc | Detecting and interdicting fraudulent activity on a network |
US8145560B2 (en) | 2006-11-14 | 2012-03-27 | Fmr Llc | Detecting fraudulent activity on a network |
US8180873B2 (en) | 2006-11-14 | 2012-05-15 | Fmr Llc | Detecting fraudulent activity |
US8811156B1 (en) | 2006-11-14 | 2014-08-19 | Raytheon Company | Compressing n-dimensional data |
US7856494B2 (en) | 2006-11-14 | 2010-12-21 | Fmr Llc | Detecting and interdicting fraudulent activity on a network |
US7949716B2 (en) | 2007-01-24 | 2011-05-24 | Mcafee, Inc. | Correlation and analysis of entity attributes |
US8214497B2 (en) | 2007-01-24 | 2012-07-03 | Mcafee, Inc. | Multi-dimensional reputation scoring |
US7779156B2 (en) | 2007-01-24 | 2010-08-17 | Mcafee, Inc. | Reputation based load balancing |
US8763114B2 (en) | 2007-01-24 | 2014-06-24 | Mcafee, Inc. | Detecting image spam |
US8179798B2 (en) | 2007-01-24 | 2012-05-15 | Mcafee, Inc. | Reputation based connection throttling |
US8391288B2 (en) * | 2007-01-31 | 2013-03-05 | Hewlett-Packard Development Company, L.P. | Security system for protecting networks from vulnerability exploits |
WO2008098260A1 (en) * | 2007-02-09 | 2008-08-14 | Smobile Systems, Inc. | Off-line mms malware scanning system and method |
US7885976B2 (en) * | 2007-02-23 | 2011-02-08 | International Business Machines Corporation | Identification, notification, and control of data access quantity and patterns |
US8863286B1 (en) | 2007-06-05 | 2014-10-14 | Sonicwall, Inc. | Notification for reassembly-free file scanning |
US7991723B1 (en) | 2007-07-16 | 2011-08-02 | Sonicwall, Inc. | Data pattern analysis using optimized deterministic finite automaton |
US8291495B1 (en) * | 2007-08-08 | 2012-10-16 | Juniper Networks, Inc. | Identifying applications for intrusion detection systems |
US20090070880A1 (en) * | 2007-09-11 | 2009-03-12 | Harris David E | Methods and apparatus for validating network alarms |
US20090100518A1 (en) * | 2007-09-21 | 2009-04-16 | Kevin Overcash | System and method for detecting security defects in applications |
US8185930B2 (en) | 2007-11-06 | 2012-05-22 | Mcafee, Inc. | Adjusting filter or classification control settings |
US8045458B2 (en) | 2007-11-08 | 2011-10-25 | Mcafee, Inc. | Prioritizing network traffic |
US8112800B1 (en) | 2007-11-08 | 2012-02-07 | Juniper Networks, Inc. | Multi-layered application classification and decoding |
US8180886B2 (en) * | 2007-11-15 | 2012-05-15 | Trustwave Holdings, Inc. | Method and apparatus for detection of information transmission abnormalities |
US8160975B2 (en) | 2008-01-25 | 2012-04-17 | Mcafee, Inc. | Granular support vector machine with random granularity |
US7792922B2 (en) * | 2008-03-05 | 2010-09-07 | Caterpillar Inc. | Systems and methods for managing health of a client system |
US8589503B2 (en) | 2008-04-04 | 2013-11-19 | Mcafee, Inc. | Prioritizing network traffic |
US8339959B1 (en) | 2008-05-20 | 2012-12-25 | Juniper Networks, Inc. | Streamlined packet forwarding using dynamic filters for routing and security in a shared forwarding plane |
US20090327971A1 (en) * | 2008-06-26 | 2009-12-31 | Microsoft Corporation | Informational elements in threat models |
US8856926B2 (en) | 2008-06-27 | 2014-10-07 | Juniper Networks, Inc. | Dynamic policy provisioning within network security devices |
US10027688B2 (en) | 2008-08-11 | 2018-07-17 | Damballa, Inc. | Method and system for detecting malicious and/or botnet-related domain names |
US8726382B2 (en) * | 2008-08-20 | 2014-05-13 | The Boeing Company | Methods and systems for automated detection and tracking of network attacks |
US7903566B2 (en) * | 2008-08-20 | 2011-03-08 | The Boeing Company | Methods and systems for anomaly detection using internet protocol (IP) traffic conversation data |
US8813220B2 (en) | 2008-08-20 | 2014-08-19 | The Boeing Company | Methods and systems for internet protocol (IP) packet header collection and storage |
US8762515B2 (en) | 2008-08-20 | 2014-06-24 | The Boeing Company | Methods and systems for collection, tracking, and display of near real time multicast data |
US7995496B2 (en) * | 2008-08-20 | 2011-08-09 | The Boeing Company | Methods and systems for internet protocol (IP) traffic conversation detection and storage |
US8009559B1 (en) * | 2008-08-28 | 2011-08-30 | Juniper Networks, Inc. | Global flow tracking system |
US8793339B2 (en) * | 2008-08-29 | 2014-07-29 | Red Hat, Inc. | Facilitating client server interaction |
US8793398B2 (en) * | 2008-08-29 | 2014-07-29 | Red Hat, Inc. | Facilitating client server interaction |
US8154996B2 (en) * | 2008-09-11 | 2012-04-10 | Juniper Networks, Inc. | Methods and apparatus for flow control associated with multi-staged queues |
US8213308B2 (en) | 2008-09-11 | 2012-07-03 | Juniper Networks, Inc. | Methods and apparatus for defining a flow control signal related to a transmit queue |
US8325749B2 (en) | 2008-12-24 | 2012-12-04 | Juniper Networks, Inc. | Methods and apparatus for transmission of groups of cells via a switch fabric |
US8955107B2 (en) * | 2008-09-12 | 2015-02-10 | Juniper Networks, Inc. | Hierarchical application of security services within a computer network |
US20110238587A1 (en) * | 2008-09-23 | 2011-09-29 | Savvis, Inc. | Policy management system and method |
US8220056B2 (en) * | 2008-09-23 | 2012-07-10 | Savvis, Inc. | Threat management system and method |
US8813221B1 (en) | 2008-09-25 | 2014-08-19 | Sonicwall, Inc. | Reassembly-free deep packet inspection on multi-core hardware |
US7855967B1 (en) * | 2008-09-26 | 2010-12-21 | Tellabs San Jose, Inc. | Method and apparatus for providing line rate netflow statistics gathering |
US8607347B2 (en) * | 2008-09-29 | 2013-12-10 | Sophos Limited | Network stream scanning facility |
US8572717B2 (en) | 2008-10-09 | 2013-10-29 | Juniper Networks, Inc. | Dynamic access control policy with port restrictions for a network security appliance |
US8254255B2 (en) | 2008-12-29 | 2012-08-28 | Juniper Networks, Inc. | Flow-control in a switch fabric |
EP2392103B1 (en) | 2009-02-02 | 2017-03-22 | Level 3 Communications, LLC | Analysis of network traffic |
US8531978B2 (en) | 2009-02-02 | 2013-09-10 | Level 3 Communications, Llc | Network cost analysis |
US9398043B1 (en) | 2009-03-24 | 2016-07-19 | Juniper Networks, Inc. | Applying fine-grain policy action to encapsulated network attacks |
NL2002694C2 (en) * | 2009-04-01 | 2010-10-04 | Univ Twente | Method and system for alert classification in a computer network. |
US20100293618A1 (en) * | 2009-05-12 | 2010-11-18 | Microsoft Corporation | Runtime analysis of software privacy issues |
US20110131652A1 (en) * | 2009-05-29 | 2011-06-02 | Autotrader.Com, Inc. | Trained predictive services to interdict undesired website accesses |
US9769149B1 (en) | 2009-07-02 | 2017-09-19 | Sonicwall Inc. | Proxy-less secure sockets layer (SSL) data inspection |
US20110023088A1 (en) * | 2009-07-23 | 2011-01-27 | Electronics And Telecommunications Research Institute | Flow-based dynamic access control system and method |
US8369345B1 (en) | 2009-11-13 | 2013-02-05 | Juniper Networks, Inc. | Multi-router system having shared network interfaces |
US9264321B2 (en) | 2009-12-23 | 2016-02-16 | Juniper Networks, Inc. | Methods and apparatus for tracking data flow based on flow state values |
US8949987B2 (en) * | 2010-01-06 | 2015-02-03 | Alcatel Lucent | Computer security process monitor |
US8578497B2 (en) | 2010-01-06 | 2013-11-05 | Damballa, Inc. | Method and system for detecting malware |
US8826438B2 (en) | 2010-01-19 | 2014-09-02 | Damballa, Inc. | Method and system for network-based detecting of malware from behavioral clustering |
US9602439B2 (en) | 2010-04-30 | 2017-03-21 | Juniper Networks, Inc. | Methods and apparatus for flow control associated with a switch fabric |
US8621638B2 (en) | 2010-05-14 | 2013-12-31 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
US10187353B2 (en) * | 2010-06-02 | 2019-01-22 | Symantec Corporation | Behavioral classification of network data flows |
US9065773B2 (en) | 2010-06-22 | 2015-06-23 | Juniper Networks, Inc. | Methods and apparatus for virtual channel flow control associated with a switch fabric |
US8553710B1 (en) | 2010-08-18 | 2013-10-08 | Juniper Networks, Inc. | Fibre channel credit-based link flow control overlay onto fibre channel over ethernet |
US8509071B1 (en) | 2010-10-06 | 2013-08-13 | Juniper Networks, Inc. | Multi-dimensional traffic management |
US9660940B2 (en) | 2010-12-01 | 2017-05-23 | Juniper Networks, Inc. | Methods and apparatus for flow control associated with a switch fabric |
US9032089B2 (en) | 2011-03-09 | 2015-05-12 | Juniper Networks, Inc. | Methods and apparatus for path selection within a network based on flow duration |
CN102761517B (en) * | 2011-04-25 | 2015-06-24 | 工业和信息化部电信传输研究所 | Content reduction method for high-speed network |
KR20130030086A (en) * | 2011-09-16 | 2013-03-26 | 한국전자통신연구원 | Method and apparatus for defending distributed denial of service attack through abnomal terminated session |
US8811183B1 (en) | 2011-10-04 | 2014-08-19 | Juniper Networks, Inc. | Methods and apparatus for multi-path flow control within a multi-stage switch fabric |
US9251535B1 (en) | 2012-01-05 | 2016-02-02 | Juniper Networks, Inc. | Offload of data transfer statistics from a mobile access gateway |
US8976661B2 (en) * | 2012-01-11 | 2015-03-10 | Nec Laboratories America, Inc. | Network self-protection |
US9922190B2 (en) | 2012-01-25 | 2018-03-20 | Damballa, Inc. | Method and system for detecting DGA-based malware |
US10432587B2 (en) | 2012-02-21 | 2019-10-01 | Aventail Llc | VPN deep packet inspection |
RU2475836C1 (en) * | 2012-03-12 | 2013-02-20 | Федеральное государственное военное образовательное учреждение высшего профессионального образования "Военная академия связи имени маршала Советского Союза С.М. Буденного" Министерства обороны Российской Федерации | Method for protection of computer networks |
US10169575B1 (en) * | 2012-03-14 | 2019-01-01 | Symantec Corporation | Systems and methods for preventing internal network attacks |
US9038180B2 (en) | 2012-03-22 | 2015-05-19 | Los Alamos National Security, Llc | Using new edges for anomaly detection in computer networks |
US8995271B2 (en) * | 2012-04-30 | 2015-03-31 | Hewlett-Packard Development Company, L.P. | Communications flow analysis |
US9154461B2 (en) | 2012-05-16 | 2015-10-06 | The Keyw Corporation | Packet capture deep packet inspection sensor |
FI20125761A (en) * | 2012-06-29 | 2013-12-30 | Tellabs Oy | Method and apparatus for detecting sources of data frame storms |
US9686169B2 (en) | 2012-07-02 | 2017-06-20 | Ixia | Real-time highly accurate network latency measurement with low generated traffic or data requirements |
US9392003B2 (en) | 2012-08-23 | 2016-07-12 | Raytheon Foreground Security, Inc. | Internet security cyber threat reporting system and method |
US10547674B2 (en) | 2012-08-27 | 2020-01-28 | Help/Systems, Llc | Methods and systems for network flow analysis |
US9894088B2 (en) | 2012-08-31 | 2018-02-13 | Damballa, Inc. | Data mining to identify malicious activity |
US10084806B2 (en) | 2012-08-31 | 2018-09-25 | Damballa, Inc. | Traffic simulation to identify malicious activity |
US9137205B2 (en) | 2012-10-22 | 2015-09-15 | Centripetal Networks, Inc. | Methods and systems for protecting a secured network |
US9565213B2 (en) | 2012-10-22 | 2017-02-07 | Centripetal Networks, Inc. | Methods and systems for protecting a secured network |
US8943600B2 (en) * | 2012-10-26 | 2015-01-27 | International Business Machines Corporation | Weighted security analysis |
US9203806B2 (en) | 2013-01-11 | 2015-12-01 | Centripetal Networks, Inc. | Rule swapping in a packet network |
US9124552B2 (en) | 2013-03-12 | 2015-09-01 | Centripetal Networks, Inc. | Filtering network data transfers |
US9094445B2 (en) | 2013-03-15 | 2015-07-28 | Centripetal Networks, Inc. | Protecting networks from cyber attacks and overloading |
US9571511B2 (en) | 2013-06-14 | 2017-02-14 | Damballa, Inc. | Systems and methods for traffic classification |
DE102013216847B4 (en) * | 2013-08-23 | 2023-06-01 | Siemens Mobility GmbH | Method, device and system for monitoring a security gateway unit |
US9288221B2 (en) | 2014-01-14 | 2016-03-15 | Pfu Limited | Information processing apparatus, method for determining unauthorized activity and computer-readable medium |
CN103780610A (en) * | 2014-01-16 | 2014-05-07 | 绵阳师范学院 | Network data recovery method based on protocol characteristics |
CA2938318C (en) * | 2014-01-30 | 2023-10-03 | Nasdaq, Inc. | Systems and methods for continuous active data security |
US9565114B1 (en) * | 2014-03-08 | 2017-02-07 | Google Inc. | Weighted load balancing using scaled parallel hashing |
KR101761737B1 (en) * | 2014-05-20 | 2017-07-26 | 한국전자통신연구원 | System and Method for Detecting Abnormal Behavior of Control System |
US9264370B1 (en) | 2015-02-10 | 2016-02-16 | Centripetal Networks, Inc. | Correlating packets in communications networks |
US9930065B2 (en) | 2015-03-25 | 2018-03-27 | University Of Georgia Research Foundation, Inc. | Measuring, categorizing, and/or mitigating malware distribution paths |
RO131470A2 (en) | 2015-04-10 | 2016-10-28 | Ixia, A California Corporation | Methods, systems and computer-readable media for one-way link delay measurement |
US10019333B2 (en) | 2015-04-16 | 2018-07-10 | Keysight Technologies Singapore (Holdings) Pte. Ltd. | Methods, systems, and computer readable media for emulating network devices with different clocks |
US9736804B2 (en) | 2015-04-16 | 2017-08-15 | Ixia | Methods, systems, and computer readable media for synchronizing timing among network interface cards (NICS) in a network equipment test device |
US9866576B2 (en) | 2015-04-17 | 2018-01-09 | Centripetal Networks, Inc. | Rule-based network-threat detection |
RO131471A2 (en) | 2015-04-21 | 2016-10-28 | Ixia, A California Corporation | Methods, systems and computer-readable media for testing quality of recovered clock |
US10536357B2 (en) | 2015-06-05 | 2020-01-14 | Cisco Technology, Inc. | Late data detection in data center |
US10142353B2 (en) | 2015-06-05 | 2018-11-27 | Cisco Technology, Inc. | System for monitoring and managing datacenters |
US9917753B2 (en) | 2015-06-12 | 2018-03-13 | Level 3 Communications, Llc | Network operational flaw detection using metrics |
US9813226B2 (en) | 2015-08-05 | 2017-11-07 | Ixia | Modeling a clock |
US9800595B2 (en) * | 2015-09-21 | 2017-10-24 | Ixia | Methods, systems, and computer readable media for detecting physical link intrusions |
US9917856B2 (en) | 2015-12-23 | 2018-03-13 | Centripetal Networks, Inc. | Rule-based network-threat detection for encrypted communications |
US10075416B2 (en) | 2015-12-30 | 2018-09-11 | Juniper Networks, Inc. | Network session data sharing |
US11729144B2 (en) | 2016-01-04 | 2023-08-15 | Centripetal Networks, Llc | Efficient packet capture for cyber threat analysis |
US10430442B2 (en) * | 2016-03-09 | 2019-10-01 | Symantec Corporation | Systems and methods for automated classification of application network activity |
RU2634211C1 (en) | 2016-07-06 | 2017-10-24 | Общество с ограниченной ответственностью "Траст" | Method and system of protocols analysis of harmful programs interaction with control centers and detection of computer attacks |
RU2649793C2 (en) | 2016-08-03 | 2018-04-04 | ООО "Группа АйБи" | Method and system of detecting remote connection when working on web resource pages |
US10263835B2 (en) * | 2016-08-12 | 2019-04-16 | Microsoft Technology Licensing, Llc | Localizing network faults through differential analysis of TCP telemetry |
RU2634209C1 (en) | 2016-09-19 | 2017-10-24 | Общество с ограниченной ответственностью "Группа АйБи ТДС" | System and method of autogeneration of decision rules for intrusion detection systems with feedback |
US10666675B1 (en) | 2016-09-27 | 2020-05-26 | Ca, Inc. | Systems and methods for creating automatic computer-generated classifications |
RU2671991C2 (en) | 2016-12-29 | 2018-11-08 | Общество с ограниченной ответственностью "Траст" | System and method for collecting information for detecting phishing |
RU2637477C1 (en) | 2016-12-29 | 2017-12-04 | Общество с ограниченной ответственностью "Траст" | System and method for detecting phishing web pages |
CN108322354B (en) * | 2017-01-18 | 2020-10-23 | 中国移动通信集团河南有限公司 | Method and device for identifying running-stealing flow account |
US10230690B2 (en) * | 2017-03-23 | 2019-03-12 | International Business Machines Corporation | Digital media content distribution blocking |
US10609054B2 (en) | 2017-04-07 | 2020-03-31 | Keysight Technologies Singapore (Sales) Pte. Ltd. | Methods, systems, and computer readable media for monitoring, adjusting, and utilizing latency associated with accessing distributed computing resources |
US10425321B2 (en) | 2017-04-25 | 2019-09-24 | Keysight Technologies Singapore (Sales) Pte. Ltd. | Methods, systems, and computer readable media for testing time sensitive network (TSN) elements |
US10503899B2 (en) | 2017-07-10 | 2019-12-10 | Centripetal Networks, Inc. | Cyberanalysis workflow acceleration |
US11233777B2 (en) | 2017-07-24 | 2022-01-25 | Centripetal Networks, Inc. | Efficient SSL/TLS proxy |
US10284526B2 (en) | 2017-07-24 | 2019-05-07 | Centripetal Networks, Inc. | Efficient SSL/TLS proxy |
US10855705B2 (en) | 2017-09-29 | 2020-12-01 | Cisco Technology, Inc. | Enhanced flow-based computer network threat detection |
RU2689816C2 (en) | 2017-11-21 | 2019-05-29 | ООО "Группа АйБи" | Method for classifying sequence of user actions (embodiments) |
RU2680736C1 (en) | 2018-01-17 | 2019-02-26 | Общество с ограниченной ответственностью "Группа АйБи ТДС" | Malware files in network traffic detection server and method |
RU2668710C1 (en) | 2018-01-17 | 2018-10-02 | Общество с ограниченной ответственностью "Группа АйБи ТДС" | Computing device and method for detecting malicious domain names in network traffic |
RU2677361C1 (en) | 2018-01-17 | 2019-01-16 | Общество с ограниченной ответственностью "Траст" | Method and system of decentralized identification of malware programs |
RU2677368C1 (en) | 2018-01-17 | 2019-01-16 | Общество С Ограниченной Ответственностью "Группа Айби" | Method and system for automatic determination of fuzzy duplicates of video content |
RU2676247C1 (en) | 2018-01-17 | 2018-12-26 | Общество С Ограниченной Ответственностью "Группа Айби" | Web resources clustering method and computer device |
RU2681699C1 (en) | 2018-02-13 | 2019-03-12 | Общество с ограниченной ответственностью "Траст" | Method and server for searching related network resources |
US10333898B1 (en) | 2018-07-09 | 2019-06-25 | Centripetal Networks, Inc. | Methods and systems for efficient network protection |
WO2020087039A1 (en) * | 2018-10-26 | 2020-04-30 | Netography, Inc. | Distributed network and security operations platform |
RU2708508C1 (en) | 2018-12-17 | 2019-12-09 | Общество с ограниченной ответственностью "Траст" | Method and a computing device for detecting suspicious users in messaging systems |
RU2701040C1 (en) | 2018-12-28 | 2019-09-24 | Общество с ограниченной ответственностью "Траст" | Method and a computer for informing on malicious web resources |
US10965392B2 (en) | 2019-01-25 | 2021-03-30 | Keysight Technologies, Inc. | Active network tap supporting time sensitive network (TSN) standards |
US11563768B2 (en) | 2019-01-31 | 2023-01-24 | Keysight Technologies, Inc. | Methods, systems, and computer readable media for detecting and mitigating effects of timing attacks in time sensitive networks |
SG11202101624WA (en) | 2019-02-27 | 2021-03-30 | Group Ib Ltd | Method and system for user identification by keystroke dynamics |
US11381459B2 (en) * | 2019-08-05 | 2022-07-05 | Sk Planet Co., Ltd. | Service providing system and method for preventing hidden camera, service providing apparatus therefor, and non-transitory computer readable medium having computer program recorded thereon |
US11546354B2 (en) * | 2019-11-26 | 2023-01-03 | Kyndryl, Inc. | Network shutdown for cyber security |
RU2728498C1 (en) | 2019-12-05 | 2020-07-29 | Общество с ограниченной ответственностью "Группа АйБи ТДС" | Method and system for determining software belonging by its source code |
RU2728497C1 (en) | 2019-12-05 | 2020-07-29 | Общество с ограниченной ответственностью "Группа АйБи ТДС" | Method and system for determining belonging of software by its machine code |
RU2743974C1 (en) | 2019-12-19 | 2021-03-01 | Общество с ограниченной ответственностью "Группа АйБи ТДС" | System and method for scanning security of elements of network architecture |
SG10202001963TA (en) | 2020-03-04 | 2021-10-28 | Group Ib Global Private Ltd | System and method for brand protection based on the search results |
FR3111442B1 (en) * | 2020-06-10 | 2023-07-28 | Serenicity | System for analyzing the IT risk of a set of peripherals connected to a network |
US11475090B2 (en) | 2020-07-15 | 2022-10-18 | Group-Ib Global Private Limited | Method and system for identifying clusters of affiliated web resources |
RU2743619C1 (en) | 2020-08-06 | 2021-02-20 | Общество с ограниченной ответственностью "Группа АйБи ТДС" | Method and system for generating the list of compromise indicators |
US11316823B2 (en) | 2020-08-27 | 2022-04-26 | Centripetal Networks, Inc. | Methods and systems for efficient virtualization of inline transparent computer networking devices |
US11362996B2 (en) | 2020-10-27 | 2022-06-14 | Centripetal Networks, Inc. | Methods and systems for efficient adaptive logging of cyber threat incidents |
CN112929362B (en) * | 2021-02-04 | 2023-01-20 | 广东电网有限责任公司广州供电局 | Probe device, front-end message processing method and wireless communication management system |
US11947572B2 (en) | 2021-03-29 | 2024-04-02 | Group IB TDS, Ltd | Method and system for clustering executable files |
US11159546B1 (en) | 2021-04-20 | 2021-10-26 | Centripetal Networks, Inc. | Methods and systems for efficient threat context-aware packet filtering for network protection |
CN115103000B (en) * | 2022-06-20 | 2023-09-26 | 北京鼎兴达信息科技股份有限公司 | Method for restoring and analyzing business session of railway data network based on NetStream |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2000034847A1 (en) * | 1998-12-08 | 2000-06-15 | Visa International Service Association | Computer network intrusion detection |
WO2001031420A2 (en) * | 1999-10-25 | 2001-05-03 | Visa International Service Association | Features generation for use in computer network intrusion detection |
US6321338B1 (en) * | 1998-11-09 | 2001-11-20 | Sri International | Network surveillance |
Family Cites Families (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5437244A (en) * | 1991-09-16 | 1995-08-01 | Agri-Engineering, Inc. | Ball float for a watering tank |
US5557686A (en) * | 1993-01-13 | 1996-09-17 | University Of Alabama | Method and apparatus for verification of a computer user's identification, based on keystroke characteristics |
FR2706652B1 (en) | 1993-06-09 | 1995-08-18 | Alsthom Cge Alcatel | Device for detecting intrusions and suspicious users for a computer system and security system comprising such a device. |
US5557742A (en) | 1994-03-07 | 1996-09-17 | Haystack Labs, Inc. | Method and system for detecting intrusion into and misuse of a data processing system |
US5825750A (en) * | 1996-03-29 | 1998-10-20 | Motorola | Method and apparatus for maintaining security in a packetized data communications network |
US5970227A (en) | 1996-04-30 | 1999-10-19 | International Business Machines Corp. | Wireless proximity detector security feature |
US6119236A (en) * | 1996-10-07 | 2000-09-12 | Shipley; Peter M. | Intelligent network security device and method |
US6453345B2 (en) * | 1996-11-06 | 2002-09-17 | Datadirect Networks, Inc. | Network security and surveillance system |
US5991881A (en) | 1996-11-08 | 1999-11-23 | Harris Corporation | Network surveillance system |
US5796942A (en) * | 1996-11-21 | 1998-08-18 | Computer Associates International, Inc. | Method and apparatus for automated network-wide surveillance and security breach intervention |
US6578077B1 (en) * | 1997-05-27 | 2003-06-10 | Novell, Inc. | Traffic monitoring tool for bandwidth management |
US6182226B1 (en) | 1998-03-18 | 2001-01-30 | Secure Computing Corporation | System and method for controlling interactions between networks |
US6275942B1 (en) | 1998-05-20 | 2001-08-14 | Network Associates, Inc. | System, method and computer program product for automatic response to computer system misuse using active response modules |
FR2790348B1 (en) * | 1999-02-26 | 2001-05-25 | Thierry Grenot | SYSTEM AND METHOD FOR MEASURING HANDOVER TIMES AND LOSS RATES IN HIGH-SPEED TELECOMMUNICATIONS NETWORKS |
US6628654B1 (en) * | 1999-07-01 | 2003-09-30 | Cisco Technology, Inc. | Dispatching packets from a forwarding agent using tag switching |
US6363489B1 (en) * | 1999-11-29 | 2002-03-26 | Forescout Technologies Inc. | Method for automatic intrusion detection and deflection in a network |
US20020133586A1 (en) * | 2001-01-16 | 2002-09-19 | Carter Shanklin | Method and device for monitoring data traffic and preventing unauthorized access to a network |
US20020104017A1 (en) * | 2001-01-30 | 2002-08-01 | Rares Stefan | Firewall system for protecting network elements connected to a public network |
US20040187032A1 (en) * | 2001-08-07 | 2004-09-23 | Christoph Gels | Method, data carrier, computer system and computer progamme for the identification and defence of attacks in server of network service providers and operators |
US7565678B2 (en) * | 2001-12-28 | 2009-07-21 | At&T Intellectual Property, I, L.P. | Methods and devices for discouraging unauthorized modifications to set top boxes and to gateways |
-
2001
- 2001-11-30 WO PCT/US2001/045275 patent/WO2002045380A2/en active IP Right Grant
- 2001-11-30 CA CA2430571A patent/CA2430571C/en not_active Expired - Lifetime
- 2001-11-30 EP EP01990779A patent/EP1338130B1/en not_active Expired - Lifetime
- 2001-11-30 US US10/000,396 patent/US7185368B2/en active Active
- 2001-11-30 DE DE60124295T patent/DE60124295T8/en active Active
- 2001-11-30 AU AU2002230541A patent/AU2002230541B2/en not_active Expired
- 2001-11-30 AU AU3054102A patent/AU3054102A/en active Pending
- 2001-11-30 AT AT01990779T patent/ATE344573T1/en not_active IP Right Cessation
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6321338B1 (en) * | 1998-11-09 | 2001-11-20 | Sri International | Network surveillance |
WO2000034847A1 (en) * | 1998-12-08 | 2000-06-15 | Visa International Service Association | Computer network intrusion detection |
WO2001031420A2 (en) * | 1999-10-25 | 2001-05-03 | Visa International Service Association | Features generation for use in computer network intrusion detection |
Non-Patent Citations (2)
Title |
---|
DEBAR H ET AL: "Towards a taxonomy of intrusion-detection systems", COMPUTER NETWORKS, ELSEVIER SCIENCE PUBLISHERS B.V., AMSTERDAM, NL, vol. 31, no. 8, 23 April 1999 (1999-04-23), pages 805 - 822, XP004304519, ISSN: 1389-1286 * |
KATO N ET AL: "A REAL-TIME INTRUSION DETECTION SYSTEM (IDS) FOR LARGE SCALE NETWORKS AND ITS EVALUATIONS", IEICE TRANSACTIONS ON COMMUNICATIONS, INSTITUTE OF ELECTRONICS INFORMATION AND COMM. ENG. TOKYO, JP, vol. E82-B, no. 11, November 1999 (1999-11-01), pages 1817 - 1825, XP001063764, ISSN: 0916-8516 * |
Also Published As
Publication number | Publication date |
---|---|
WO2002045380A9 (en) | 2002-09-19 |
CA2430571C (en) | 2011-07-12 |
ATE344573T1 (en) | 2006-11-15 |
EP1338130B1 (en) | 2006-11-02 |
DE60124295T8 (en) | 2007-12-06 |
WO2002045380A2 (en) | 2002-06-06 |
DE60124295T2 (en) | 2007-05-31 |
AU3054102A (en) | 2002-06-11 |
CA2430571A1 (en) | 2002-06-06 |
EP1338130A2 (en) | 2003-08-27 |
DE60124295D1 (en) | 2006-12-14 |
US7185368B2 (en) | 2007-02-27 |
US20030105976A1 (en) | 2003-06-05 |
AU2002230541B2 (en) | 2007-08-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2002045380A3 (en) | Flow-based detection of network intrusions | |
WO2006127012A3 (en) | Packet sampling flow-based detection of network intrusions | |
KR101424490B1 (en) | Reverse access detecting system and method based on latency | |
Bhuyan et al. | An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection | |
CN111277587A (en) | Malicious encrypted traffic detection method and system based on behavior analysis | |
CN100435513C (en) | Method of linking network equipment and invading detection system | |
US10701076B2 (en) | Network management device at network edge for INS intrusion detection based on adjustable blacklisted sources | |
US20060137009A1 (en) | Stateful attack protection | |
WO2003067847A3 (en) | Integrated network intrusion detection | |
CN102271068A (en) | Method for detecting DOS/DDOS (denial of service/distributed denial of service) attack | |
Alenezi et al. | Methodologies for detecting DoS/DDoS attacks against network servers | |
CN110933111B (en) | DDoS attack identification method and device based on DPI | |
EP1542406B1 (en) | Mechanism for detection of attacks based on impersonation in a wireless network | |
CN108616488B (en) | Attack defense method and defense equipment | |
CN105187437A (en) | Centralized detection system of SDN denial of service attack | |
Haggerty et al. | DiDDeM: a system for early detection of TCP SYN flood attacks | |
KR20200109875A (en) | Harmful ip determining method | |
CN101453363A (en) | Network intrusion detection system | |
CN110198298A (en) | A kind of information processing method, device and storage medium | |
KR20120000942A (en) | Bot-infected host detection apparatus and method based on blacklist access statistics | |
CN106817268B (en) | DDOS attack detection method and system | |
Hashim et al. | Detection of DoS and DDoS attacks in NGMN using frequency domain analysis | |
CN115987531A (en) | Intranet safety protection system and method based on dynamic deception parallel network | |
Ji et al. | Botnet detection and response architecture for offering secure internet services | |
Sable et al. | A Review-Botnet Detection and Suppression in Clouds |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
AK | Designated states |
Kind code of ref document: C2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: C2 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
COP | Corrected version of pamphlet |
Free format text: PAGES 36 AND 37, CLAIMS, REPLACED BY NEW PAGES 36 AND 37 |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2001990779 Country of ref document: EP Ref document number: 2430571 Country of ref document: CA Ref document number: 2002230541 Country of ref document: AU |
|
WWP | Wipo information: published in national office |
Ref document number: 2001990779 Country of ref document: EP |
|
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
NENP | Non-entry into the national phase |
Ref country code: JP |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: JP |
|
WWG | Wipo information: grant in national office |
Ref document number: 2001990779 Country of ref document: EP |