Distributed threat management

No: 7373666
Numero de solicitud: 10185008
Fecha archivado: 2002-07-01
Fecha emision: 2008-05-13
Tipo: B2
Demandas: 51
Hojas de dibujos: 11
Resumen: A method and system are provided for managing a security threat in a distributed system. A distributed element of the system detects and reports suspicious activity to a threat management agent. The threat management agent determines whether an attack is taking place and deploys a countermeasure to the attack when the attack is determined to be taking place. Another method and system are also provided for managing a security threat in a distributed system. A threat management agent reviews reported suspicious activity including suspicious activity reported from at least one distributed element of the system, determines, based on the reports, whether a pattern characteristic of an attack occurred, and predicts when a next attack is likely to occur. Deployment of a countermeasure to the predicted next attack is directed in a time window based on when the next attack is predicted to occur.
Inventores:
	Kaler Christopher G. (16)
	Della-Libera Giovanni Moises (1)
	Shewchuk John P. (13)
Examinador principal: Sheikh Ayaz
Ayundate de examinador: Chai Longbit
Agentes:
	Birch, Stewart, Kolasch & Birch, LLP} (ORG) (8440)
Cesionarios:
	Microsoft Corporation} (ORG) (5673)
Campo de busqueda:

Otras referencias:
	Box, Don. “A Brief History of SOAP” (Apr. 4, 2001) xml.com : http://webservices.xml.com/pub/a/ws/2001/04/04/soap.html.
	Barrus et al.; “A Distributed Autonomous-Agent Network-Intrusion Detection and Response System”. (Jun. 1998) NEC Research Index, Proceedings of the 1998 Command and Control Research and Technology Symposium.
	P.A. Porras, P.G. Neumann. “EMERALD: Event Monitoring Enabling Responses to Anomalous Live Distrubances” (1997) Proc. 20th NIST-NCSC National Information Systems Security Conference.
	E.A. Fisch “Intrusion Damage Control and Assessment: A Taxonomy and Implementation fo Automated Responses to Intrusive Behavior” (May 1996) PhD Thesis, Texas A&M University. Chapters I-III.
	The Honeynet Project “Know Your Enemy: Statistics” (Jul. 22, 2001). Avaliable online at http://www.chguy.net/news/jul01/attack-stats.html.
	J. Yuill, S.F. Wu, F. Gong, M. Huang. “Intrusion Detection for an On-Going Attack” (1999) Recent Advances in Intrusion Detection.
Referencias:
	6324656
	6408391

Distributed threat management

No:

Numero de solicitud:

Fecha archivado:

Fecha emision:

Tipo:

Demandas:

Hojas de dibujos:

Resumen:

Inventores:

Kaler Christopher G. (16)

Della-Libera Giovanni Moises (1)

Shewchuk John P. (13)

Examinador principal:

Ayundate de examinador:

Agentes:

Birch, Stewart, Kolasch & Birch, LLP} (ORG) (8440)

Cesionarios:

Microsoft Corporation} (ORG) (5673)

Campo de busqueda:

Otras referencias:

Box, Don. “A Brief History of SOAP” (Apr. 4, 2001) xml.com : http://webservices.xml.com/pub/a/ws/2001/04/04/soap.html.

Barrus et al.; “A Distributed Autonomous-Agent Network-Intrusion Detection and Response System”. (Jun. 1998) NEC Research Index, Proceedings of the 1998 Command and Control Research and Technology Symposium.

P.A. Porras, P.G. Neumann. “EMERALD: Event Monitoring Enabling Responses to Anomalous Live Distrubances” (1997) Proc. 20th NIST-NCSC National Information Systems Security Conference.

E.A. Fisch “Intrusion Damage Control and Assessment: A Taxonomy and Implementation fo Automated Responses to Intrusive Behavior” (May 1996) PhD Thesis, Texas A&M University. Chapters I-III.

The Honeynet Project “Know Your Enemy: Statistics” (Jul. 22, 2001). Avaliable online at http://www.chguy.net/news/jul01/attack-stats.html.

J. Yuill, S.F. Wu, F. Gong, M. Huang. “Intrusion Detection for an On-Going Attack” (1999) Recent Advances in Intrusion Detection.

Referencias:

6324656

6408391