ATE341024T1 - Verfahren, vorrichtung und computersoftware- produkt zur reaktion auf computereinbrüche - Google Patents
Verfahren, vorrichtung und computersoftware- produkt zur reaktion auf computereinbrücheInfo
- Publication number
- ATE341024T1 ATE341024T1 AT03778561T AT03778561T ATE341024T1 AT E341024 T1 ATE341024 T1 AT E341024T1 AT 03778561 T AT03778561 T AT 03778561T AT 03778561 T AT03778561 T AT 03778561T AT E341024 T1 ATE341024 T1 AT E341024T1
- Authority
- AT
- Austria
- Prior art keywords
- intrusion
- pattern
- computer
- responding
- software product
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/556—Detecting local intrusion or implementing counter-measures involving covert channels, i.e. data leakage between processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2101—Auditing as a secondary aspect
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US10/313,732 US7941854B2 (en) | 2002-12-05 | 2002-12-05 | Method and system for responding to a computer intrusion |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| ATE341024T1 true ATE341024T1 (de) | 2006-10-15 |
Family
ID=32468329
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| AT03778561T ATE341024T1 (de) | 2002-12-05 | 2003-11-28 | Verfahren, vorrichtung und computersoftware- produkt zur reaktion auf computereinbrüche |
Country Status (10)
| Country | Link |
|---|---|
| US (1) | US7941854B2 (de) |
| EP (1) | EP1567926B1 (de) |
| JP (1) | JP4283228B2 (de) |
| KR (1) | KR100734732B1 (de) |
| CN (1) | CN100518174C (de) |
| AT (1) | ATE341024T1 (de) |
| AU (1) | AU2003285563A1 (de) |
| DE (1) | DE60308722T2 (de) |
| TW (1) | TWI234707B (de) |
| WO (1) | WO2004051441A2 (de) |
Families Citing this family (30)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7941854B2 (en) | 2002-12-05 | 2011-05-10 | International Business Machines Corporation | Method and system for responding to a computer intrusion |
| US7483972B2 (en) * | 2003-01-08 | 2009-01-27 | Cisco Technology, Inc. | Network security monitoring system |
| US8201249B2 (en) * | 2003-05-14 | 2012-06-12 | Northrop Grumman Systems Corporation | Steady state computer intrusion and misuse detection |
| US6985920B2 (en) * | 2003-06-23 | 2006-01-10 | Protego Networks Inc. | Method and system for determining intra-session event correlation across network address translation devices |
| US20070113272A2 (en) | 2003-07-01 | 2007-05-17 | Securityprofiling, Inc. | Real-time vulnerability monitoring |
| US8984644B2 (en) | 2003-07-01 | 2015-03-17 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
| US9100431B2 (en) | 2003-07-01 | 2015-08-04 | Securityprofiling, Llc | Computer program product and apparatus for multi-path remediation |
| US7644365B2 (en) * | 2003-09-12 | 2010-01-05 | Cisco Technology, Inc. | Method and system for displaying network security incidents |
| US8347375B2 (en) * | 2003-10-03 | 2013-01-01 | Enterasys Networks, Inc. | System and method for dynamic distribution of intrusion signatures |
| US20050076236A1 (en) * | 2003-10-03 | 2005-04-07 | Bryan Stephenson | Method and system for responding to network intrusions |
| US8839417B1 (en) | 2003-11-17 | 2014-09-16 | Mcafee, Inc. | Device, system and method for defending a computer network |
| US20050198530A1 (en) * | 2003-12-12 | 2005-09-08 | Chess David M. | Methods and apparatus for adaptive server reprovisioning under security assault |
| US7225468B2 (en) * | 2004-05-07 | 2007-05-29 | Digital Security Networks, Llc | Methods and apparatus for computer network security using intrusion detection and prevention |
| US8850565B2 (en) * | 2005-01-10 | 2014-09-30 | Hewlett-Packard Development Company, L.P. | System and method for coordinating network incident response activities |
| US7882262B2 (en) | 2005-08-18 | 2011-02-01 | Cisco Technology, Inc. | Method and system for inline top N query computation |
| US20070195776A1 (en) * | 2006-02-23 | 2007-08-23 | Zheng Danyang R | System and method for channeling network traffic |
| US8233388B2 (en) | 2006-05-30 | 2012-07-31 | Cisco Technology, Inc. | System and method for controlling and tracking network content flow |
| US20080127343A1 (en) * | 2006-11-28 | 2008-05-29 | Avaya Technology Llc | Self-Operating Security Platform |
| CN101286850B (zh) * | 2007-04-10 | 2010-12-15 | 深圳职业技术学院 | 路由器安全防御装置及防御系统和方法 |
| US9843596B1 (en) * | 2007-11-02 | 2017-12-12 | ThetaRay Ltd. | Anomaly detection in dynamically evolving data and systems |
| US8732829B2 (en) * | 2008-04-14 | 2014-05-20 | Tdi Technologies, Inc. | System and method for monitoring and securing a baseboard management controller |
| KR101190559B1 (ko) | 2010-12-24 | 2012-10-16 | 한국인터넷진흥원 | 봇의 행위 모니터링 정보 및 봇넷 정보의 시각화 방법 |
| CN104348795B (zh) * | 2013-07-30 | 2019-09-20 | 深圳市腾讯计算机系统有限公司 | 通用网关接口业务入侵防护的方法及装置 |
| US11165812B2 (en) | 2014-12-03 | 2021-11-02 | Splunk Inc. | Containment of security threats within a computing environment |
| US20160180078A1 (en) * | 2014-12-23 | 2016-06-23 | Jasmeet Chhabra | Technologies for enhanced user authentication using advanced sensor monitoring |
| US10552615B2 (en) | 2016-02-18 | 2020-02-04 | Swimlane Llc | Threat response systems and methods |
| CA3079913A1 (en) * | 2017-11-06 | 2019-05-09 | Cyber Defence Qcd Corporation | Methods and systems for monitoring cyber-events |
| KR102062718B1 (ko) * | 2019-07-29 | 2020-01-07 | 주식회사 에프원시큐리티 | 패킷 가상화를 이용한 IoT 허니넷 시스템 |
| FR3104776B1 (fr) | 2019-12-17 | 2023-07-07 | Commissariat Energie Atomique | Procédé de détermination d’une réaction en réponse à une anomalie dans un réseau informatique |
| AT523933B1 (de) * | 2020-11-18 | 2022-01-15 | Ait Austrian Inst Tech Gmbh | Verfahren zur Klassifizierung von anomalen Betriebszuständen eines Computernetzwerks |
Family Cites Families (38)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5542024A (en) * | 1992-07-09 | 1996-07-30 | Johnson & Johnson | Graphically used expert system tool background of the invention |
| JP2501771B2 (ja) * | 1993-01-19 | 1996-05-29 | インターナショナル・ビジネス・マシーンズ・コーポレイション | 不所望のソフトウェア・エンティティの複数の有効なシグネチャを得る方法及び装置 |
| JPH06282527A (ja) | 1993-03-29 | 1994-10-07 | Hitachi Software Eng Co Ltd | ネットワーク管理システム |
| US5546507A (en) * | 1993-08-20 | 1996-08-13 | Unisys Corporation | Apparatus and method for generating a knowledge base |
| US5414833A (en) * | 1993-10-27 | 1995-05-09 | International Business Machines Corporation | Network security system and method using a parallel finite state machine adaptive active monitor and responder |
| US5557742A (en) * | 1994-03-07 | 1996-09-17 | Haystack Labs, Inc. | Method and system for detecting intrusion into and misuse of a data processing system |
| US6144961A (en) * | 1995-08-31 | 2000-11-07 | Compuware Corporation | Method and system for non-intrusive measurement of transaction response times on a network |
| US6178509B1 (en) * | 1996-06-13 | 2001-01-23 | Intel Corporation | Tamper resistant methods and apparatus |
| US5892903A (en) * | 1996-09-12 | 1999-04-06 | Internet Security Systems, Inc. | Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication system |
| US6119236A (en) * | 1996-10-07 | 2000-09-12 | Shipley; Peter M. | Intelligent network security device and method |
| US6802028B1 (en) * | 1996-11-11 | 2004-10-05 | Powerquest Corporation | Computer virus detection and removal |
| US5850516A (en) * | 1996-12-23 | 1998-12-15 | Schneier; Bruce | Method and apparatus for analyzing information systems using stored tree database structures |
| US6618074B1 (en) * | 1997-08-01 | 2003-09-09 | Wells Fargo Alarm Systems, Inc. | Central alarm computer for video security system |
| US6088804A (en) * | 1998-01-12 | 2000-07-11 | Motorola, Inc. | Adaptive system and method for responding to computer network security attacks |
| US6347374B1 (en) * | 1998-06-05 | 2002-02-12 | Intrusion.Com, Inc. | Event detection |
| WO2000019324A1 (en) * | 1998-09-28 | 2000-04-06 | Argus Systems Group, Inc. | Trusted compartmentalized computer operating system |
| US6321338B1 (en) * | 1998-11-09 | 2001-11-20 | Sri International | Network surveillance |
| US6609205B1 (en) * | 1999-03-18 | 2003-08-19 | Cisco Technology, Inc. | Network intrusion detection signature analysis using decision graphs |
| US6681331B1 (en) * | 1999-05-11 | 2004-01-20 | Cylant, Inc. | Dynamic software system intrusion detection |
| US7020697B1 (en) * | 1999-10-01 | 2006-03-28 | Accenture Llp | Architectures for netcentric computing systems |
| US6678734B1 (en) * | 1999-11-13 | 2004-01-13 | Ssh Communications Security Ltd. | Method for intercepting network packets in a computing device |
| US6775657B1 (en) * | 1999-12-22 | 2004-08-10 | Cisco Technology, Inc. | Multilayered intrusion detection system and method |
| US6535227B1 (en) * | 2000-02-08 | 2003-03-18 | Harris Corporation | System and method for assessing the security posture of a network and having a graphical user interface |
| US7089428B2 (en) * | 2000-04-28 | 2006-08-08 | Internet Security Systems, Inc. | Method and system for managing computer security information |
| US20030159070A1 (en) * | 2001-05-28 | 2003-08-21 | Yaron Mayer | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages |
| US7007301B2 (en) * | 2000-06-12 | 2006-02-28 | Hewlett-Packard Development Company, L.P. | Computer architecture for an intrusion detection system |
| JP2002024831A (ja) | 2000-07-10 | 2002-01-25 | Casio Comput Co Ltd | 指紋認証装置及び指紋認証システム |
| US7093239B1 (en) * | 2000-07-14 | 2006-08-15 | Internet Security Systems, Inc. | Computer immune system and method for detecting unwanted code in a computer system |
| WO2002023808A2 (en) | 2000-09-15 | 2002-03-21 | Cymtec Systems, Inc. | Network management system |
| US20020161929A1 (en) * | 2001-04-30 | 2002-10-31 | Longerbeam Donald A. | Method and apparatus for routing data through a computer network |
| US6931552B2 (en) * | 2001-05-02 | 2005-08-16 | James B. Pritchard | Apparatus and method for protecting a computer system against computer viruses and unauthorized access |
| JP2002342276A (ja) | 2001-05-17 | 2002-11-29 | Ntt Data Corp | ネットワーク侵入検知システムおよびその方法 |
| US7624444B2 (en) * | 2001-06-13 | 2009-11-24 | Mcafee, Inc. | Method and apparatus for detecting intrusions on a computer system |
| US6907430B2 (en) * | 2001-10-04 | 2005-06-14 | Booz-Allen Hamilton, Inc. | Method and system for assessing attacks on computer networks using Bayesian networks |
| US6801940B1 (en) * | 2002-01-10 | 2004-10-05 | Networks Associates Technology, Inc. | Application performance monitoring expert |
| US20030208616A1 (en) * | 2002-05-01 | 2003-11-06 | Blade Software, Inc. | System and method for testing computer network access and traffic control systems |
| US6952779B1 (en) * | 2002-10-01 | 2005-10-04 | Gideon Cohen | System and method for risk detection and analysis in a computer network |
| US7941854B2 (en) | 2002-12-05 | 2011-05-10 | International Business Machines Corporation | Method and system for responding to a computer intrusion |
-
2002
- 2002-12-05 US US10/313,732 patent/US7941854B2/en not_active Expired - Fee Related
-
2003
- 2003-11-28 CN CNB2003801007455A patent/CN100518174C/zh not_active Expired - Fee Related
- 2003-11-28 KR KR1020057008221A patent/KR100734732B1/ko not_active IP Right Cessation
- 2003-11-28 AT AT03778561T patent/ATE341024T1/de not_active IP Right Cessation
- 2003-11-28 JP JP2004556507A patent/JP4283228B2/ja not_active Expired - Fee Related
- 2003-11-28 DE DE60308722T patent/DE60308722T2/de not_active Expired - Lifetime
- 2003-11-28 EP EP03778561A patent/EP1567926B1/de not_active Expired - Lifetime
- 2003-11-28 AU AU2003285563A patent/AU2003285563A1/en not_active Abandoned
- 2003-11-28 WO PCT/GB2003/005219 patent/WO2004051441A2/en active IP Right Grant
- 2003-12-02 TW TW092133851A patent/TWI234707B/zh not_active IP Right Cessation
Also Published As
| Publication number | Publication date |
|---|---|
| JP2006509283A (ja) | 2006-03-16 |
| JP4283228B2 (ja) | 2009-06-24 |
| US20040111637A1 (en) | 2004-06-10 |
| EP1567926A2 (de) | 2005-08-31 |
| CN1695365A (zh) | 2005-11-09 |
| AU2003285563A8 (en) | 2004-06-23 |
| DE60308722T2 (de) | 2007-08-16 |
| TWI234707B (en) | 2005-06-21 |
| WO2004051441A3 (en) | 2004-08-26 |
| KR100734732B1 (ko) | 2007-07-04 |
| DE60308722D1 (de) | 2006-11-09 |
| CN100518174C (zh) | 2009-07-22 |
| WO2004051441A2 (en) | 2004-06-17 |
| AU2003285563A1 (en) | 2004-06-23 |
| US7941854B2 (en) | 2011-05-10 |
| TW200424845A (en) | 2004-11-16 |
| EP1567926B1 (de) | 2006-09-27 |
| KR20050086445A (ko) | 2005-08-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| ATE341024T1 (de) | Verfahren, vorrichtung und computersoftware- produkt zur reaktion auf computereinbrüche | |
| Wilson et al. | Making neighborhoods safe: Sometimes" fixing broken windows" does more to reduce crime than conventional" incident-oriented" policing | |
| Tedesco et al. | Mosquito politics: local vector control policies and the spread of West Nile Virus in the Chicago region | |
| WO2008070501A3 (en) | Determining advertisement effectiveness | |
| ATE513402T1 (de) | Verfahren zur risikodetektion und -analyse in einem computernetzwerk | |
| ATE455428T1 (de) | System und verfahren zur verwaltung von benutzergruppen in einem anwesenheitssystem | |
| WO2008049092A3 (en) | Generic online ranking system and method suitable for syndication | |
| WO2006049945A3 (en) | Method and apparatus for a mechanized attendance management system | |
| ATE343277T1 (de) | System, verfahren und computerprogrammprodukt zur zentralisierten verwaltung eines verteilten infiniband-systemnetzwerks | |
| WO2004079553A3 (en) | System, method and model for autonomic management of enterprise applications | |
| DE60227496D1 (de) | Verfahren und system zur verwaltung von konfigurationsänderungen in einem datenverarbeitungssystem | |
| ATE538438T1 (de) | Verfahren und system zur auflösung von adressierungskonflikten auf der basis von tunnelinformationen | |
| ATE465576T1 (de) | Verfahren und schaltungsanordnung zur überwachung und verwaltung von datenverkehr in einem kommunikationssystem mit mehreren kommunikationsknoten | |
| ATE511265T1 (de) | Vorrichtung, system und verfahren zum dynamischen bestimmen einer menge von speicherbereichnetzwerkkomponenten zur überwachung der leistungsfähigkeit | |
| DE60200494D1 (de) | System, Verfahren, Server und Computerprogramm zur Darstellung von Informationen | |
| D'Egidio et al. | A study of the efficacy of flashing lights to increase the salience of alcohol-gel dispensers for improving hand hygiene compliance | |
| DE602004027492D1 (de) | System und verfahren zur überwachung von netzwerkeinrichtungen auf agent-basis | |
| ATE478399T1 (de) | Verfahren zum zählen von objekten in einer überwachten umgebung und vorrichtung dafür | |
| Dishlieva | Differentiability of solutions of impulsive differential equations with respect to the impulsive perturbations | |
| Nguyen et al. | Smoke-free environment policy in Vietnam: what did people see and how did they react when they visited various public places? | |
| ATE395646T1 (de) | Vorrichtung und verfahren zur analyse eines systems mit fehlstarten | |
| DE502005007323D1 (de) | Verfahren zur Übermittlung von Informationen von einem Informationsserver an einen Client | |
| Ręk et al. | Reality and illusion: the assessment of angular separation of multi-modal signallers in a duetting bird | |
| ATE452360T1 (de) | Verfahren und system zum analysieren und adressieren von alarmen aus netzwerkeindringdetektionssystemen | |
| Khan et al. | Pervasive approach to acoustic source perception in horizontal plane |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| RER | Ceased as to paragraph 5 lit. 3 law introducing patent treaties |