CN1269030A - 自动化网络监视和安全违规干预的方法和装置 - Google Patents
自动化网络监视和安全违规干预的方法和装置 Download PDFInfo
- Publication number
- CN1269030A CN1269030A CN97182186A CN97182186A CN1269030A CN 1269030 A CN1269030 A CN 1269030A CN 97182186 A CN97182186 A CN 97182186A CN 97182186 A CN97182186 A CN 97182186A CN 1269030 A CN1269030 A CN 1269030A
- Authority
- CN
- China
- Prior art keywords
- data
- network
- session
- warning
- rule
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Quality & Reliability (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Burglar Alarm Systems (AREA)
- Computer And Data Communications (AREA)
Abstract
一种网络监视系统,包括用于捕获网络信息包和过滤无效信息包的处理程序过程(10),第一和第二连续分类的记录文档(15a,15b),和用于扫描在网络上发生的所有会话和检查特定规则(38)存在的扫描器过程(30)。当符合规则而指示安全事故时,可以采取包括经过电子或其它邮件通知网络安全官员,或记录或终止网络会话等各种适当动作。监视系统完全地独立于任何其它网络通信和网络文档服务器操作,因此对网络性能没有影响。
Description
本专利文件所公开的一部分内容包含属于版权保护范围的材料。只要它出现在专利和商标局的专利文档或记录中,版权所有人并不反对本专利文件或专利公开的任何复制,但保留所有的版权。
本发明涉及一个网络中多个数字设备之间的信息传输和一个互联网中多个网络之间的信息传输。更具体地讲,本发明涉及通过对网络上所有或几乎所有发送的数据进行监视和检查,网络会话的再建,和安全违规干预以保证安全网络通信的方法和装置。网络设备标准
本说明书假定读者对当前LAN网应用和WAN互联网应用中使用的一般概念、协议和设备有一定了解。由于这些标准是广泛公开使用的,因此不再对它们进行全面的讨论。一般LAN配置
图3示出了当今可以在中等规模办公单位或院校环境中使用的一种类型的局域网(LAN)80的概况图,并且作为讨论其中可以有效地使用本发明的一种网络类型的实例。LAN是由各种硬件和软件元件装备而成的,它们共同操作以使多个数字设备可以在LAN内交换数据,并且LAN也可以包括对,例如WAN82和84这样的外部广域网(WAN)的互联网连接。像80这样的典型现代LAN包括一至多个可以对整个LAN上的数据传输作出响应的中间系统(IS),例如IS60-62,和代表终端用户设备的多个终端系统(ES),例如ES 50a-d,51a-c,和52a-g。ES可以是熟悉的终端用户数据处理设备,例如,个人计算机,工作站,用于拨号连接的调制解调器,和打印机,并且可以是额外的数字设备,例如数字电话或实时视频显示器。不同类型的ES可以在同一个LAN上共同操作。可以有许多不同的LAN结构,而且本发明并不限于应用在图3所示的网络中。网络通信中的安全问题
LAN和WAN环境中一个日益突出的问题是,在大多数现有技术的网络中,线路上信息包通信基本上是不安全的。LAN通常是设计为包括通过互联网或拨号连接连接的处理设备在内的任何连接到LAN的用户处理设备提供容易和灵活的网络资源访问。在一个企业LAN中,许多用户可以访问包含诸如帐目结算或金融交易信息之类的能够操纵以进行犯罪或掩盖罪行的数据的计算机文档。防火墙是一种防止从LAN外部非法访问LAN上文档的技术。但是,大量的计算机犯罪是由LAN合法的、内部使用人员以非法的方式访问或操纵数据进行的。防火墙不能防止未经授权的内部人员访问LAN资源。
其它的安全问题涉及电子欺诈和嗅探(spoofing and sniffing)。在LAN的一个部分,例如72d,该LAN部分上每个ES都会听到发送给该部分上任何ES的每个信息包。网络中每个ES一般都有一个唯一的以太网(或MAC)地址,一个ES将放弃它听到的任何不是以它的MAC地址定址的信息包。但是,网络并不强迫ES放弃非定址于它们的信息包,并且能够以一种不加选择的模式(promiscuous mode)操作,在这种模式中ES读取它在网络上听到的每个信息包并把该信息包向上传送到该ES中运行的更高级的软件。既然适配器配置或调试过程中可以合法地使用不加选择的模式,一个ES也可以使用它不经授权地读取和检查网络上所有网络通信。在本领域中有时把这种行为称为嗅探。
有关嗅探的问题可能发生在从一个LAN发射的过程中,其中在LAN上运行的软件可以发送出网信息包地址,以模仿另一个ES的信息包。这种技术在本领域中称为电子欺诈。一个欺骗另一个ES的信息包的不道德的用户可以在从该ES发送的信息包流中引入不需要的数据,例如病毒,或是可以劫持一个用户的网络会话和得以非法访问其它系统资源。
已经提出或使用了许多技术来加强网络安全。所有这些技术一般都依赖于对MAC地址和IP地址或用户识别码的验证。但是,这些技术存在局限性,因为不能保证网上发送的信息包在它们的包标题中有一个有效的MAC或IP地址,并且也不能保证LAN的合法用户不会以非法方式访问或操纵LAN数据。
需要的是一种能够监视网上行为和扫描非法网络行为并且在检测到非法行为时自动采取动作的简单、廉价的系统。最好这种技术能够在网络中使用而又不会降低网络的操作性能。
为了简明,本发明的讨论参考特定实施例的网络设备和概念。但是,本发明的方法和装置可以用各种类型的网络设备操作,包括与图3中所示的以及下面要说明的特定实例极不相同的网络。因此本发明除了受附属的权利要求的限定外,不受上述实施例的限制。
在许多现有的LAN系统中,网络上的数据被分组成称为信息包的离散单元,每个信息包具有一个来源和目的地的指示。尽管本发明并不限于打包的数据,但为了易于理解,在这里是以信息包来说明数据的。
本发明是一种用于在LAN上发送数据的改进方法和装置。根据本发明,一种网络安全代理TM(Network Security AgentTM)监视系统能够读取在一网络部分上发送的所有信息包,再建所有的用户会话,和为值得注意的或可疑的行为扫描所有用户会话,所有这些都是实时进行的并且对网络性能没有任何显著影响。当检测到任何值得注意或可疑行为时,产生警告并可以采取适当的干预动作。
本发明利用了信息包嗅探,会话再建,和会话扫描,以便扫描会话检查非法行为,并且在检测到非法行为时,采取预定的自动干预动作。本发明使用了自动实时会话再建和扫描,以完成对典型的LAN上每日产生的数千万信息包的网络监视。
根据本发明,优化地设计硬件和软件元件,以便能够实时地读取LAN上所有信息包,和再建会话。在本发明中结合了从以太网控制器直接读取低级信息包的定制例程,以便100%地捕获全部网络信息。
在一个实施例中,本发明包括以一种为数据操作和I/O而优化的语言写出的软件元件。本发明包括一组用户接口,以使网络管理人员能够检查本发明收集的数据和设定某些参数。
参考以下的附图和详细说明将会更好地了解本发明。
图1是根据本发明的网络监视系统的方框图;
图2是根据本发明的一个实施例的处理程序过程的方框图;
图3是一个其中可以使用本发明的一般化LAN的示意图;
图4示出了根据本发明的一个实施例的带有远程监视系统代理的多个远程网络;
图5示出了根据本发明的一个实施例的远程监视系统代理;
图6是根据本发明的一个可以用一个软件实施例配置的计算机系统的方框图。综述
图1是根据本发明的一个实施例的网络监视系统的方框图。图1中示出了一个指示连接到LAN或其它数据通信媒介的通信信道5。网络驱动器7从信道5接收打包的或其它形式的数据,网络驱动器7可以包括硬件和软件组成部分,以快速读取信道5上的信号,并把它们转换成计算机可读数据。网络驱动器7可以是预先存在的或客户网络接口,并设置为它在其中接收所有或几乎所有信道5上发送的数据的不加选择模式。把网络驱动器7上接收的数据送到处理程序过程10,在如下面将要说明的那样把数据作为记录放在文档15a或15b之一中之前,处理程序过程10可以进行像下面将要说明的某种数据过滤或处理。如已知的现有技术那样,对文档15a和15b进行连续的分类。扫描器过程30从文档15a-b读取记录,并把记录组织到会话数据库32中。会话数据库32包含在一特定会话中接收的所有信息包的顺序列表。根据本发明,扫描器过程30包括会话窗口(SW)扫描器34。SW扫描器34定义了用于读取会话数据库32中数据窗口和对那些数据窗口测试一组规则38的会话窗口。
根据本发明,适当构造会话窗口,以便提供叠加的和滑动的数据窗口,因而可以充分地测试规则,即使会激发规则的数据在接收信息包时被分割在记录文档1和记录文档2之中。维护数据库40a-d,以提供诸如访问过的URL,访问过的域,访问过的头十个URL之类的有关网络使用参数的信息。设计用户接口42,以从一工作站,例如45,接受用户指令,和像以下将说明的那样向工作站45显示请求的数据。一种可选的实时显示引擎44可以与处理程序过程10交互作用,显示实时会话数据。
根据本发明,通过组合两个记录文档15a和15b,在前面捕获的信息包正在被扫描的同时,在信道5上捕获最新发送的信息包,两个文档的组合是这样操作的,在为监视事故而扫描和分析一个记录文档的同时,处理程序过程10用连续分类的信息包填写另一个记录文档。与记录文档相关联的也可以是一个用于存储更大数量的信息包数据的存储空间16。处理程序过程
图2示出了根据本发明的一个实施例的处理程序过程10的功能。处理程序10读取信道5上所有数据或数据的大子集,并且选择用于以后再建的会话信息包。处理程序10与扫描器30和实时显示引擎44通信。
处理程序10确定从信道5读取信息包的优先次序,在繁忙的LAN上一天可以有超过50,000,000个信息包。处理程序的一个实施例使用了小状态表,并且完全是事件驱动的。从网络5信息包读取数据得到最高优先次序,因而不会丢失希望的信息包。
处理程序过程10包括用于初始信息包过滤的过滤过程22。根据本发明,可以把过滤过程22设定为根据多个标准滤除信息包,包括由于不正确的校验和或某些识别滤除无效信息包。
处理程序过程10也包括用于为每个接收的网络信息包加上时间标记的标时器23,和为每个接收的信息包加上顺序号的定序器25,以便唯一地标识每个信息包。处理程序译码器26为网络信息包部分译码,并且可以被编程以处理某种内部信息包压缩。
记录器28把每个处理过的数据信息包作为记录写入连续分类的记录文档15a-15b。写入哪一个文档是由如下所述的扫描器过程30确定的。图1中示出了代表性的记录18,具有包括指示源、目的地或目的地组、服务器、顺序号、数据、时标(T.S.)、和处理顺序号(HSQ)的多个字段。扫描器过程
扫描器30的基本任务是会话再建和会话扫描。扫描器30以定时的间隔设置一个请求一组用于会话再建的信息包的标记。信息包一般是由处理程序10从文档15a或15b提供的,并且处理程序10开始在没有被扫描器30访问的文档中存储新接收的记录。在扫描器30接收信息包时,它立即进行处理以再建会话。
会话是根据诸如IP地址和端口(对于TCP/IP)或本地传输协议(LAT)虚拟电路和槽之类的源和目的地指示的任何组合再建的。与一个会话标识符一起独立地再建每个识别的会话。保留以前再建的会话数据的某部分,以使SW扫描器34能够检测可能跨越两个记录文档的图形。规则和干预动作
使再建的会话通过一系列用户定义的规则38。在一个实施例中,每个规则仅由报警名和图形组成。当SW扫描器34检测到会话窗口包含图形时,触发报警。
与每个报警名相关联的是报警说明,在报警触发时要采取的动作的列表,和报警的优先等级。当触发报警时,在记录39中记录一个事故。事故记录39包含事故的识别数据,例如报警名,说明,用户注册名,位置(TCP/IP或LAT地址/端口),和一个会话的快照,其有一箭头指向引起报警触发的图形。
在记录了事故之后,报警处理程序36采取任何报警动作。可能的报警动作包括向某个人或一组人发送电子邮件,包含例如触发报警的名,位置(TCP/IP或LAT地址/端口),用户注册名,和具有对引起报警触发的图形的指示的会话快照。
另一种可能的报警动作包括记录从报警瞬间向前的会话以便以后重放。记录包括用户所做的涉及通过网络发送的每一次击键、每一件事。报警还可能采取动作终止产生报警的用户连接。
扫描器30也可以进行会话数据库清除过程,例如清除非活动的注册信息。实时显示模块
实时显示模块44是本发明的一个可选组成部分,它负责实时显示会话。当实时显示模块44从报警处理程序36或用户接口模块42接收到监视消息时,它产生终端仿真弹出式窗口。每个窗口一次击键接一次击键地实时显示用户会话。在这种场合,扫描器30和实时显示模块44都从处理程序10接收某些信息包。然后,实时显示模块44向处理程序10发送消息,请求复制来自被监视会话的信息包并送到实时显示模块44。当接收到监视信息包时,把它们格式化并送到适当的终端仿真弹出式窗口。
如果会话中断连接,在弹出式窗口上显示会话被关闭的消息,并且停止会话监视。如果用户手动关闭弹出式窗口,该会话的会话监视也被中断。用户接口模块
用户接口模块42提供了至网络监视系统的用户接口。从模块42可以看到会话,产生报告,定义报警和规则,以及采取会话动作。
在请求会话监视时,模块42与实时显示模块44通信。模块42执行的所有其它显示和动作都是通过数据库操作执行的。扫描器30注意数据库变化(例如新的报警或规则),并在需要时重建它的内部表。
模块42可以用鼠标,直接从键盘,或通过任何其它计算机工作站和用户之间的连接方法操作。在所有的决定点都提供有广泛的在线帮助。实例
通过一个实例可以进一步理解本发明的操作。为了这个实例,假设LAN80是一个投资管理公司中的局域网。该网络可以包括一个特定雇员被授权在任何时间从包括拨号连接在内的任何地点使用的多种功能。雇员可以在任何时间访问的一个功能是办公室间电子邮件功能。此外,LAN可以包括有关顾客帐目的敏感性数据,一般这种数据只有授权的雇员在工作时间在办公室处理顾客帐目时才能访问。标准现有安全措施,例如文档访问授权,可以指定某些雇员使用这种数据,但是这种措施通常不能限制基于该雇员是否正在通过拨号连接连通的访问,或基于该雇员是否在有效工作时间中试图访问数据的访问。
根据本发明,可以设定一个规则,监视对顾客文档结构内任何文档的访问。这种规则可以是十分简单的规则,检查通过网络从客户机处理器发往服务器处理器的特定文本串,其中该文本串代表一个文档路径名。为进一步说明本发明的这些方面,假设完整的文档路径名被分割在一个以上的网络信息包中,并且正在扫描器30请求从记录文档1切换到记录文档2时,接收到两个网络信息包。
这一规则可以表达为:
IF text_contains(″\data\customer″)AND
(time()=off_hours OR connection()=dial_up)
THEN
email(session_data,supervisor)
terminate_session()
ENDIF
根据这个实例,在信道5上发送来自会话S2的以数据“\data\cu”结束的第一信息包,并由处理程序10放入记录文档15a中,在从S2接收到下一个信息包之前,扫描器30向处理程序10发出切换记录文档的信号。然后,扫描器30读取记录文档1中的数据,并把来自S2的数据放入适当的会话数据库文档中。接下来,会话窗口扫描器34为上述规则扫描SW2中的文本,并且由于没有发现文本,不激发该规则。
此时,在信道5上发送来自会话S2的以数据“stomer”开始的第二信息包,并由处理程序10放入记录文档15b中。当扫描器30充分地分析了来自15a的数据之后,它切换到15b,并把来自S2的附加数据放入适当的会话数据库文档中。接着,会话窗口扫描器34为上述规则扫描SW2中的文本,并且由于SW2包括至少13个字节的重叠,激发了规则。事故记录在39中,并由处理程序36处理报警。特定实施
本发明的主要挑战是要能够实时地读取LAN上所有数据信息包。在一种专用的装备中,选择了在233Mhz至500Mhz速度的DigitalAlpha/AXP CPU上运行的OpenVMS操作系统在处理会话再建,实时扫描和实时显示任务的同时满足读取100%的繁忙的LAN信息包的沉重处理要求。
用于从网络控制器直接读取低级信息包的定制例程是利用OpenVMS的异步QIO服务以C语言写的。实时显示模块也是用C语言写的。
对于会话再建和实时会话扫描,一个实施例是用INTOUCH4GL(TM)编程语言实现的,该语言是本发明的受让人开发的。INTOUCH4GL是一种专门设计用于数据操作和文本扫描的高性能语言。为了监视代理使用,包括有专门高速图形匹配功能来加强INTOUCH 4GL。
INTOUCH 4GL也可以用于用户接口和事故跟踪,报告,数据库维护,和记录的会话重放。远程监视代理
图4和5示出了本发明的一个不同实施例,其中可以与互联网一同使用多个远程监视代理(RSA),以便在一个地点捕获网络数据通信,并在另一个地点进行通信分析和会话再建。图4显示了连接于不同WAN/LAN网105a的RSA100a-c。根据这个实施例,RSA100a-c收集来自它们连接的LAN或WAN的所有网络数据通信,但RSA100a-c不是充分地扫描该通信,而是以可以发送到远程监视服务器(RSS)110的形式存储收集的信息包。RSS110接收用于RAS100a-c的信息,并把这个信息发送至根据本发明的执行如上所述的会话再建,规则检查和报警处理的监视系统1。
根据一个特定的实时例,RSA100a-c在它们连接的WAN/LAN上收集多个信息包,并把多个信息包压缩成可以跨越互联网通过WAN/LAN发送回RSS110的单个互联网信息包。根据这个实施例,以这种方式,RSA100a-c能够允许位于一个城市的监视系统1监视位于不同城市的几个WAN/LAN,其仅需要把RSA插入到远程网中而无需对该网络进行任何其它的改变。
图5示出了根据本发明的一个RSA的实例。处理程序过程10实际上如上面所述的一样接收并处理LAN/WAN数据,并存储在多个记录文档15a-b之一中。然后,互联网打包器130读取记录文档数据,互联网打包器130把多个LAN/WAN信息包存储到一个互联网信息包中,然后把它送到驱动器7,以便经互联网发送到RSS110。在一个替代实施例中,由一个RSA接收LAN/WAN信息包并标时,并立即以RSA最少的附加处理经互联网单独或多组发送。
本发明可以以记录在固定介质上的或电子发射的软件指令实现。在这种情况下,图3的监视系统1将是一个高性能的计算机系统,软件指令将使计算机1的存储器和其它存储介质构造成如图1所示的形式,并使计算机1的处理器根据本发明操作。
图6示出了一个用于执行本发明软件的计算机系统的实例。图7示出了一个计算机系统700,它包括监视器705,机箱707,键盘709,和鼠标711。机箱707里安装着用于读取CD-ROM或其它类型盘717的盘驱动器715,并安装着诸如处理器、存储器,磁盘驱动器等其它熟悉的计算机组件(未示出),以及用于连接到通信信道5的适配器1。
现在已经参考特定的实时例说明了本发明。对于熟悉本领域的技术人员其它实施例是显而易见的。具体地说,已经说明了特定的处理次序,并且各种功能也是以特定的顺序说明的,但是可以以不同的顺序安排许多这样的子功能而不改变本发明的基本操作。因此,除了附属权利要求所指示的之外,本发明并不受上述实施例的限制。
Claims (20)
1.一种不依赖于网络服务器在网络上进行监视的网络监视系统,包括:
用于捕获网络上数据的网络驱动器;
用于接收来自所述网络驱动器的数据和实时存储所述数据的处理程序过程;
多个用于接收网络数据和在进一步检查之前存储所述数据的记录文档;
用于指定所述多个记录文档中的一个为接收文档同时从所述多个记录文档中另一个文档读取数据,并且用于利用所述数据构造多个会话数据流的扫描器过程,所述会话数据流提供了由会话组织的网络数据通信的顺序再建;
用于在所述多个会话数据流中的一个读取数据窗口的会话窗口扫描器;
一组定义了数据图形的监视规则,在符合所述规则时将触发报警;和
用于响应激发的规则和采取定义的动作的报警处理程序。
2.根据权利要求1所述的装置,还包括:
使用户可以实时看到会话和访问多个包含所述会话窗口处理器维护的会话事件的数据库的用户接口。
3.根据权利要求1所述的装置,其中所述处理程序过程过滤特定的网络数据并在从网络接收特定网络数据时加上时间指示。
4.根据权利要求1所述的装置,其中所述多个记录文档是根据记录索引连续分类的。
5.根据权利要求1所述的装置,其中所述会话窗口包括以前检查过的来自所述会话数据库的数据的一个重叠部分,以便测试应用到包含在一个以上的记录中的数据的规则。
6.根据权利要求5所述的装置,其中所述会话窗口重叠是由可能触发规则的最长的文本串确定的。
7.根据权利要求1所述的装置,其中所述报警处理程序可以通过向特定的多个目的地发送消息来响应报警。
8.根据权利要求1所述的装置,其中所述报警处理程序可以通过强迫用户会话终止来响应报警。
9.根据权利要求1所述的装置,其中所述报警处理程序可以通过记录会话来响应报警。
10.一种包含计算机可执行程序编码的固定的计算机可读介质,当把该程序编码装载到一个适当构造的计算机系统中时将使计算机实现权利要求1的装置。
11.一种用于在网络上进行监视的方法,包括:
捕获网络上的数据;
把所述数据实时存储在多个记录文档之一中;
利用所述数据构造多个会话数据流,所述会话数据流提供了由会话组织的网络数据通信的顺序再建;
读取所述多个会话数据流之一中的数据窗口;
相对于一组监视规则测试所述数据窗口;和
通过采取定义的干预动作响应激发的规则。
12.根据权利要求11所述的方法,进一步包括把再建的会话视图实时提供给用户。
13.根据权利要求11所述的方法,进一步包括在存储前过滤特定网络数据信息包。
14.根据权利要求11所述的方法,进一步包括连续地分类记录文档。
15.根据权利要求11所述的方法,进一步包括检查以前检查过的数据的一个重叠部分以便测试应用到包含在一个以上的记录中的数据的规则。
16.根据权利要求15所述的方法,其中所述会话窗口重叠是由可能触发规则的最长的文本串确定的。
17.根据权利要求11所述的方法,进一步包括通过向特定的多个目的地发送消息来响应报警。
18.根据权利要求11所述的方法,进一步包括通过强迫终止用户会话来响应报警。
19.根据权利要求11所述的方法,进一步包括通过记录会话来响应报警。
20.一种包含计算机可执行程序编码的固定的计算机可读介质,当把该程序编码装载到一个适当构造的计算机系统中时将使计算机实现权利要求11的方法。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US08/749,352 US5796942A (en) | 1996-11-21 | 1996-11-21 | Method and apparatus for automated network-wide surveillance and security breach intervention |
US08/749,352 | 1996-11-21 |
Publications (1)
Publication Number | Publication Date |
---|---|
CN1269030A true CN1269030A (zh) | 2000-10-04 |
Family
ID=25013375
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN97182186A Pending CN1269030A (zh) | 1996-11-21 | 1997-11-21 | 自动化网络监视和安全违规干预的方法和装置 |
Country Status (11)
Country | Link |
---|---|
US (1) | US5796942A (zh) |
EP (1) | EP1008046B1 (zh) |
JP (1) | JP2002515152A (zh) |
KR (1) | KR20000057209A (zh) |
CN (1) | CN1269030A (zh) |
AT (1) | ATE458221T1 (zh) |
AU (1) | AU777399B2 (zh) |
CA (1) | CA2274299C (zh) |
DE (1) | DE69739769D1 (zh) |
IL (1) | IL130079A (zh) |
WO (1) | WO1998022875A1 (zh) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102436560A (zh) * | 2011-08-22 | 2012-05-02 | 高振宇 | 计算机自防御系统及方法 |
CN102473119A (zh) * | 2009-07-17 | 2012-05-23 | 美国运通旅游有关服务公司 | 用于基于反馈调适通信网络的安全性措施的系统、方法和计算机程序产品 |
US9712552B2 (en) | 2009-12-17 | 2017-07-18 | American Express Travel Related Services Company, Inc. | Systems, methods, and computer program products for collecting and reporting sensor data in a communication network |
US9756076B2 (en) | 2009-12-17 | 2017-09-05 | American Express Travel Related Services Company, Inc. | Dynamically reacting policies and protections for securing mobile financial transactions |
US9847995B2 (en) | 2010-06-22 | 2017-12-19 | American Express Travel Related Services Company, Inc. | Adaptive policies and protections for securing financial transaction data at rest |
US10360625B2 (en) | 2010-06-22 | 2019-07-23 | American Express Travel Related Services Company, Inc. | Dynamically adaptive policy management for securing mobile financial transactions |
US10395250B2 (en) | 2010-06-22 | 2019-08-27 | American Express Travel Related Services Company, Inc. | Dynamic pairing system for securing a trusted communication channel |
US10432668B2 (en) | 2010-01-20 | 2019-10-01 | American Express Travel Related Services Company, Inc. | Selectable encryption methods |
Families Citing this family (289)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6453345B2 (en) * | 1996-11-06 | 2002-09-17 | Datadirect Networks, Inc. | Network security and surveillance system |
US5935245A (en) * | 1996-12-13 | 1999-08-10 | 3Com Corporation | Method and apparatus for providing secure network communications |
US6263444B1 (en) * | 1997-03-11 | 2001-07-17 | National Aerospace Laboratory Of Science & Technology Agency | Network unauthorized access analysis method, network unauthorized access analysis apparatus utilizing the method, and computer-readable recording medium having network unauthorized access analysis program recorded thereon |
US6070243A (en) * | 1997-06-13 | 2000-05-30 | Xylan Corporation | Deterministic user authentication service for communication network |
JPH1146196A (ja) * | 1997-07-25 | 1999-02-16 | Fujitsu Ltd | 通信機器及び通信端末及びプログラム記録媒体 |
US5961644A (en) * | 1997-09-19 | 1999-10-05 | International Business Machines Corporation | Method and apparatus for testing the integrity of computer security alarm systems |
US6104392A (en) * | 1997-11-13 | 2000-08-15 | The Santa Cruz Operation, Inc. | Method of displaying an application on a variety of client devices in a client/server network |
US6925606B2 (en) * | 1997-11-13 | 2005-08-02 | Tarantella, Inc. | Color quality and packet shaping features for displaying an application on a variety of client devices |
US5951665A (en) * | 1997-11-14 | 1999-09-14 | The Panda Project | Interface optimized computer system architecture |
US6026442A (en) * | 1997-11-24 | 2000-02-15 | Cabletron Systems, Inc. | Method and apparatus for surveillance in communications networks |
US6782510B1 (en) * | 1998-01-27 | 2004-08-24 | John N. Gross | Word checking tool for controlling the language content in documents using dictionaries with modifyable status fields |
US6366912B1 (en) * | 1998-04-06 | 2002-04-02 | Microsoft Corporation | Network security zones |
US6345361B1 (en) | 1998-04-06 | 2002-02-05 | Microsoft Corporation | Directional set operations for permission based security in a computer system |
US6282546B1 (en) | 1998-06-30 | 2001-08-28 | Cisco Technology, Inc. | System and method for real-time insertion of data into a multi-dimensional database for network intrusion detection and vulnerability assessment |
US6324656B1 (en) | 1998-06-30 | 2001-11-27 | Cisco Technology, Inc. | System and method for rules-driven multi-phase network vulnerability assessment |
US6321334B1 (en) | 1998-07-15 | 2001-11-20 | Microsoft Corporation | Administering permissions associated with a security zone in a computer system security model |
US6473800B1 (en) | 1998-07-15 | 2002-10-29 | Microsoft Corporation | Declarative permission requests in a computer system |
US6317787B1 (en) * | 1998-08-11 | 2001-11-13 | Webtrends Corporation | System and method for analyzing web-server log files |
US20030009464A1 (en) * | 1998-10-02 | 2003-01-09 | Campbell Rene L. | System and method for managing computer and phone network resources |
US10511573B2 (en) | 1998-10-30 | 2019-12-17 | Virnetx, Inc. | Agile network protocol for secure communications using secure domain names |
US6826616B2 (en) | 1998-10-30 | 2004-11-30 | Science Applications International Corp. | Method for establishing secure communication link between computers of virtual private network |
US6502135B1 (en) | 1998-10-30 | 2002-12-31 | Science Applications International Corporation | Agile network protocol for secure communications with assured system availability |
AU765914B2 (en) * | 1998-10-30 | 2003-10-02 | Virnetx Inc. | An agile network protocol for secure communications with assured system availability |
US7418504B2 (en) | 1998-10-30 | 2008-08-26 | Virnetx, Inc. | Agile network protocol for secure communications using secure domain names |
US6321338B1 (en) | 1998-11-09 | 2001-11-20 | Sri International | Network surveillance |
IL143592A0 (en) | 1998-12-07 | 2002-04-21 | Network Ice Corp | A method and apparatus for remote installation of network drivers and software |
EP1149339A1 (en) | 1998-12-09 | 2001-10-31 | Network Ice Corporation | A method and apparatus for providing network and computer system security |
US6301668B1 (en) | 1998-12-29 | 2001-10-09 | Cisco Technology, Inc. | Method and system for adaptive network security using network vulnerability assessment |
US6415321B1 (en) | 1998-12-29 | 2002-07-02 | Cisco Technology, Inc. | Domain mapping method and system |
US6499107B1 (en) | 1998-12-29 | 2002-12-24 | Cisco Technology, Inc. | Method and system for adaptive network security using intelligent packet analysis |
US6477651B1 (en) | 1999-01-08 | 2002-11-05 | Cisco Technology, Inc. | Intrusion detection system and method having dynamically loaded signatures |
US6487666B1 (en) | 1999-01-15 | 2002-11-26 | Cisco Technology, Inc. | Intrusion detection signature analysis using regular expressions and logical operators |
US6954775B1 (en) | 1999-01-15 | 2005-10-11 | Cisco Technology, Inc. | Parallel intrusion detection sensors with load balancing for high speed networks |
US6578147B1 (en) | 1999-01-15 | 2003-06-10 | Cisco Technology, Inc. | Parallel intrusion detection sensors with load balancing for high speed networks |
US6484262B1 (en) | 1999-01-26 | 2002-11-19 | Dell Usa, L.P. | Network controlled computer system security |
US6925442B1 (en) | 1999-01-29 | 2005-08-02 | Elijahu Shapira | Method and apparatus for evaluating vistors to a web server |
US6484315B1 (en) | 1999-02-01 | 2002-11-19 | Cisco Technology, Inc. | Method and system for dynamically distributing updates in a network |
US6567917B1 (en) | 1999-02-01 | 2003-05-20 | Cisco Technology, Inc. | Method and system for providing tamper-resistant executable software |
US6405318B1 (en) | 1999-03-12 | 2002-06-11 | Psionic Software, Inc. | Intrusion detection system |
US6609205B1 (en) | 1999-03-18 | 2003-08-19 | Cisco Technology, Inc. | Network intrusion detection signature analysis using decision graphs |
EP1045549A1 (en) * | 1999-04-15 | 2000-10-18 | International Business Machines Corporation | System and method for non intrusive monitoring and management of distributed data networks |
US7016951B1 (en) * | 1999-04-30 | 2006-03-21 | Mantech Ctx Corporation | System and method for network security |
AU773737B2 (en) * | 1999-05-17 | 2004-06-03 | Invicta Networks, Inc. | Method of communications and communication network intrusion protection methods and intrusion attempt detection system |
EP1533700A3 (en) * | 1999-05-17 | 2008-05-28 | Invicta Networks, Inc. | Method and system for protecting a communication device from intrusion |
US6981146B1 (en) * | 1999-05-17 | 2005-12-27 | Invicta Networks, Inc. | Method of communications and communication network intrusion protection methods and intrusion attempt detection system |
US7117532B1 (en) | 1999-07-14 | 2006-10-03 | Symantec Corporation | System and method for generating fictitious content for a computer |
AU6218800A (en) * | 1999-07-14 | 2001-01-30 | Recourse Technologies, Inc. | System and method for quickly authenticating messages using sequence numbers |
US6981155B1 (en) | 1999-07-14 | 2005-12-27 | Symantec Corporation | System and method for computer security |
US7346929B1 (en) | 1999-07-29 | 2008-03-18 | International Business Machines Corporation | Method and apparatus for auditing network security |
WO2001013639A1 (en) * | 1999-08-18 | 2001-02-22 | Fred Deutsch | Remote surveillance and archive system using video cameras |
US7073198B1 (en) | 1999-08-26 | 2006-07-04 | Ncircle Network Security, Inc. | Method and system for detecting a vulnerability in a network |
US7203962B1 (en) * | 1999-08-30 | 2007-04-10 | Symantec Corporation | System and method for using timestamps to detect attacks |
US7085936B1 (en) | 1999-08-30 | 2006-08-01 | Symantec Corporation | System and method for using login correlations to detect intrusions |
US6647270B1 (en) | 1999-09-10 | 2003-11-11 | Richard B. Himmelstein | Vehicletalk |
US6880087B1 (en) | 1999-10-08 | 2005-04-12 | Cisco Technology, Inc. | Binary state machine system and method for REGEX processing of a data stream in an intrusion detection system |
US6789202B1 (en) * | 1999-10-15 | 2004-09-07 | Networks Associates Technology, Inc. | Method and apparatus for providing a policy-driven intrusion detection system |
US7107347B1 (en) | 1999-11-15 | 2006-09-12 | Fred Cohen | Method and apparatus for network deception/emulation |
US6990591B1 (en) * | 1999-11-18 | 2006-01-24 | Secureworks, Inc. | Method and system for remotely configuring and monitoring a communication device |
US6363489B1 (en) * | 1999-11-29 | 2002-03-26 | Forescout Technologies Inc. | Method for automatic intrusion detection and deflection in a network |
US8006243B2 (en) | 1999-12-07 | 2011-08-23 | International Business Machines Corporation | Method and apparatus for remote installation of network drivers and software |
US6597957B1 (en) | 1999-12-20 | 2003-07-22 | Cisco Technology, Inc. | System and method for consolidating and sorting event data |
US6775657B1 (en) | 1999-12-22 | 2004-08-10 | Cisco Technology, Inc. | Multilayered intrusion detection system and method |
KR100642462B1 (ko) * | 1999-12-30 | 2006-11-02 | 주식회사 케이티 | 보안시스템 동작 분석기 및 그 방법 |
US6779120B1 (en) * | 2000-01-07 | 2004-08-17 | Securify, Inc. | Declarative language for specifying a security policy |
US8074256B2 (en) * | 2000-01-07 | 2011-12-06 | Mcafee, Inc. | Pdstudio design system and method |
US6957348B1 (en) | 2000-01-10 | 2005-10-18 | Ncircle Network Security, Inc. | Interoperability of vulnerability and intrusion detection systems |
JP2001197100A (ja) * | 2000-01-12 | 2001-07-19 | Mitsubishi Electric Corp | ユーザサーバ、監視装置、情報配信システム及びユーザサーバ設定方法 |
US7315891B2 (en) * | 2000-01-12 | 2008-01-01 | Vericept Corporation | Employee internet management device |
US6854063B1 (en) * | 2000-03-03 | 2005-02-08 | Cisco Technology, Inc. | Method and apparatus for optimizing firewall processing |
US7159237B2 (en) * | 2000-03-16 | 2007-01-02 | Counterpane Internet Security, Inc. | Method and system for dynamic network intrusion monitoring, detection and response |
US20010052081A1 (en) * | 2000-04-07 | 2001-12-13 | Mckibben Bernard R. | Communication network with a service agent element and method for providing surveillance services |
US7006508B2 (en) * | 2000-04-07 | 2006-02-28 | Motorola, Inc. | Communication network with a collection gateway and method for providing surveillance services |
AU2001262958A1 (en) | 2000-04-28 | 2001-11-12 | Internet Security Systems, Inc. | Method and system for managing computer security information |
US7574740B1 (en) | 2000-04-28 | 2009-08-11 | International Business Machines Corporation | Method and system for intrusion detection in a computer network |
AU2001257400A1 (en) | 2000-04-28 | 2001-11-12 | Internet Security Systems, Inc. | System and method for managing security events on a network |
KR20010090014A (ko) * | 2000-05-09 | 2001-10-18 | 김대연 | 네트워크 보호 시스템 |
EP1297440B1 (en) | 2000-05-12 | 2008-08-27 | Niksun, Inc. | Security camera for a network |
US7565692B1 (en) | 2000-05-30 | 2009-07-21 | At&T Wireless Services, Inc. | Floating intrusion detection platforms |
NL1015389C2 (nl) * | 2000-06-07 | 2001-12-10 | Koninkl Kpn Nv | Methode en systeem voor het beveiligen van een datasysteem. |
US6931444B2 (en) * | 2000-06-12 | 2005-08-16 | Amdocs (Israel) Ltd. | System, method and computer program product for reading, correlating, processing, categorizing and aggregating events of any type |
US20040073617A1 (en) | 2000-06-19 | 2004-04-15 | Milliken Walter Clark | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US6470297B1 (en) | 2000-06-21 | 2002-10-22 | The United States Of America As Represented By The Director Of The National Security Agency | Method of multi-dimensionally accentuating a deviation in information and identifying its cause |
US6907531B1 (en) | 2000-06-30 | 2005-06-14 | Internet Security Systems, Inc. | Method and system for identifying, fixing, and updating security vulnerabilities |
US7162649B1 (en) | 2000-06-30 | 2007-01-09 | Internet Security Systems, Inc. | Method and apparatus for network assessment and authentication |
GB0016835D0 (en) * | 2000-07-07 | 2000-08-30 | Messagelabs Limited | Method of, and system for, processing email |
US7093239B1 (en) | 2000-07-14 | 2006-08-15 | Internet Security Systems, Inc. | Computer immune system and method for detecting unwanted code in a computer system |
US20040120262A1 (en) * | 2000-07-25 | 2004-06-24 | Shinji Hirose | Site monitor and method for monitoring site |
US7380270B2 (en) * | 2000-08-09 | 2008-05-27 | Telos Corporation | Enhanced system, method and medium for certifying and accrediting requirements compliance |
US6993448B2 (en) | 2000-08-09 | 2006-01-31 | Telos Corporation | System, method and medium for certifying and accrediting requirements compliance |
US6901346B2 (en) | 2000-08-09 | 2005-05-31 | Telos Corporation | System, method and medium for certifying and accrediting requirements compliance |
JP2002063084A (ja) * | 2000-08-21 | 2002-02-28 | Toshiba Corp | パケット転送装置、パケット転送方法、及びそのプログラムが格納された記憶媒体 |
US9280667B1 (en) | 2000-08-25 | 2016-03-08 | Tripwire, Inc. | Persistent host determination |
US6353385B1 (en) | 2000-08-25 | 2002-03-05 | Hyperon Incorporated | Method and system for interfacing an intrusion detection system to a central alarm system |
US7181769B1 (en) * | 2000-08-25 | 2007-02-20 | Ncircle Network Security, Inc. | Network security system having a device profiler communicatively coupled to a traffic monitor |
US7278159B2 (en) * | 2000-09-07 | 2007-10-02 | Mazu Networks, Inc. | Coordinated thwarting of denial of service attacks |
US7043759B2 (en) * | 2000-09-07 | 2006-05-09 | Mazu Networks, Inc. | Architecture to thwart denial of service attacks |
US6807576B1 (en) * | 2000-09-08 | 2004-10-19 | International Business Machines Corporation | Method and system for determining and graphically representing frame classification rule relationships |
US7178166B1 (en) | 2000-09-19 | 2007-02-13 | Internet Security Systems, Inc. | Vulnerability assessment and authentication of a computer by a local scanner |
US9027121B2 (en) * | 2000-10-10 | 2015-05-05 | International Business Machines Corporation | Method and system for creating a record for one or more computer security incidents |
US7146305B2 (en) | 2000-10-24 | 2006-12-05 | Vcis, Inc. | Analytical virtual machine |
US7185368B2 (en) * | 2000-11-30 | 2007-02-27 | Lancope, Inc. | Flow-based detection of network intrusions |
US7130466B2 (en) | 2000-12-21 | 2006-10-31 | Cobion Ag | System and method for compiling images from a database and comparing the compiled images with known images |
US7168093B2 (en) | 2001-01-25 | 2007-01-23 | Solutionary, Inc. | Method and apparatus for verifying the integrity and security of computer networks and implementation of counter measures |
CA2436710C (en) * | 2001-01-31 | 2011-06-14 | Lancope, Inc. | Network port profiling |
AU2002243763A1 (en) | 2001-01-31 | 2002-08-12 | Internet Security Systems, Inc. | Method and system for configuring and scheduling security audits of a computer network |
US20020116488A1 (en) * | 2001-02-09 | 2002-08-22 | Subramanian Harihara Rama | System and method for delivery and usage based billing for data services in telecommunication networks |
US6925488B2 (en) * | 2001-02-28 | 2005-08-02 | International Business Machines Corporation | Distributed intelligent information technology operations automation |
US20020129285A1 (en) * | 2001-03-08 | 2002-09-12 | Masateru Kuwata | Biometric authenticated VLAN |
US7068998B2 (en) * | 2001-04-13 | 2006-06-27 | Northrop Grumman Corp. | Methodology for the detection of intrusion into radio frequency (RF) based networks including tactical data links and the tactical internet |
WO2002088968A1 (en) * | 2001-04-30 | 2002-11-07 | Ctx Corporation | Apparatus and method for network analysis |
US20100027430A1 (en) * | 2001-04-30 | 2010-02-04 | Netwitness Corporation | Apparatus and Method for Network Analysis |
US7036148B2 (en) | 2001-05-08 | 2006-04-25 | International Business Machines Corporation | Method of operating an intrusion detection system according to a set of business rules |
AU2002344308A1 (en) * | 2001-05-31 | 2002-12-09 | Internet Security Systems, Inc. | Method and system for implementing security devices in a network |
KR20010084950A (ko) * | 2001-06-02 | 2001-09-07 | 유진영 | 시큐어 웜 |
US7237264B1 (en) | 2001-06-04 | 2007-06-26 | Internet Security Systems, Inc. | System and method for preventing network misuse |
US7657419B2 (en) | 2001-06-19 | 2010-02-02 | International Business Machines Corporation | Analytical virtual machine |
KR20010079361A (ko) * | 2001-07-09 | 2001-08-22 | 김상욱 | 네트워크 상태 기반의 방화벽 장치 및 그 방법 |
US7315894B2 (en) * | 2001-07-17 | 2008-01-01 | Mcafee, Inc. | Network data retrieval and filter systems and methods |
US7162698B2 (en) | 2001-07-17 | 2007-01-09 | Mcafee, Inc. | Sliding window packet management systems |
US7296080B2 (en) * | 2001-07-17 | 2007-11-13 | Mcafee, Inc. | Method of simulating network communications |
WO2003009532A1 (en) * | 2001-07-19 | 2003-01-30 | Intrusion, Inc. | System and method for detecting network events |
US7023861B2 (en) * | 2001-07-26 | 2006-04-04 | Mcafee, Inc. | Malware scanning using a network bridge |
US7299496B2 (en) * | 2001-08-14 | 2007-11-20 | Illinois Institute Of Technology | Detection of misuse of authorized access in an information retrieval system |
US8332502B1 (en) | 2001-08-15 | 2012-12-11 | Metavante Corporation | Business to business network management event detection and response system and method |
US7302706B1 (en) * | 2001-08-31 | 2007-11-27 | Mcafee, Inc | Network-based file scanning and solution delivery in real time |
US7331061B1 (en) | 2001-09-07 | 2008-02-12 | Secureworks, Inc. | Integrated computer security management system and method |
US8776230B1 (en) * | 2001-10-02 | 2014-07-08 | Mcafee, Inc. | Master security policy server |
US7512980B2 (en) * | 2001-11-30 | 2009-03-31 | Lancope, Inc. | Packet sampling flow-based detection of network intrusions |
US10129273B2 (en) | 2001-11-30 | 2018-11-13 | Cisco Technology, Inc. | System and methods for computer network security involving user confirmation of network connections |
US7644151B2 (en) * | 2002-01-31 | 2010-01-05 | Lancope, Inc. | Network service zone locking |
US7475426B2 (en) * | 2001-11-30 | 2009-01-06 | Lancope, Inc. | Flow-based detection of network intrusions |
US7895326B2 (en) * | 2002-03-25 | 2011-02-22 | Lancope, Inc. | Network service zone locking |
NZ516346A (en) * | 2001-12-21 | 2004-09-24 | Esphion Ltd | A device for evaluating traffic on a computer network to detect traffic abnormalities such as a denial of service attack |
US7673137B2 (en) | 2002-01-04 | 2010-03-02 | International Business Machines Corporation | System and method for the managed security control of processes on a computer system |
US7370356B1 (en) * | 2002-01-23 | 2008-05-06 | Symantec Corporation | Distributed network monitoring system and method |
US7076803B2 (en) * | 2002-01-28 | 2006-07-11 | International Business Machines Corporation | Integrated intrusion detection services |
US7213264B2 (en) | 2002-01-31 | 2007-05-01 | Mazu Networks, Inc. | Architecture to thwart denial of service attacks |
US7093292B1 (en) * | 2002-02-08 | 2006-08-15 | Mcafee, Inc. | System, method and computer program product for monitoring hacker activities |
US20030154270A1 (en) * | 2002-02-12 | 2003-08-14 | Loss Prevention Management, Inc., New Mexico Corporation | Independent and integrated centralized high speed system for data management |
JP4088082B2 (ja) * | 2002-02-15 | 2008-05-21 | 株式会社東芝 | 未知コンピュータウイルスの感染を防止する装置およびプログラム |
US6874089B2 (en) * | 2002-02-25 | 2005-03-29 | Network Resonance, Inc. | System, method and computer program product for guaranteeing electronic transactions |
US8132250B2 (en) | 2002-03-08 | 2012-03-06 | Mcafee, Inc. | Message profiling systems and methods |
US7693947B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for graphically displaying messaging traffic |
US7870203B2 (en) | 2002-03-08 | 2011-01-11 | Mcafee, Inc. | Methods and systems for exposing messaging reputation to an end user |
US8561167B2 (en) | 2002-03-08 | 2013-10-15 | Mcafee, Inc. | Web reputation scoring |
US8578480B2 (en) | 2002-03-08 | 2013-11-05 | Mcafee, Inc. | Systems and methods for identifying potentially malicious messages |
US7124438B2 (en) | 2002-03-08 | 2006-10-17 | Ciphertrust, Inc. | Systems and methods for anomaly detection in patterns of monitored communications |
US20030172291A1 (en) | 2002-03-08 | 2003-09-11 | Paul Judge | Systems and methods for automated whitelisting in monitored communications |
US7694128B2 (en) | 2002-03-08 | 2010-04-06 | Mcafee, Inc. | Systems and methods for secure communication delivery |
US20060015942A1 (en) | 2002-03-08 | 2006-01-19 | Ciphertrust, Inc. | Systems and methods for classification of messaging entities |
US7903549B2 (en) | 2002-03-08 | 2011-03-08 | Secure Computing Corporation | Content-based policy compliance systems and methods |
US7737134B2 (en) * | 2002-03-13 | 2010-06-15 | The Texas A & M University System | Anticancer agents and use |
US20110099621A1 (en) * | 2002-04-22 | 2011-04-28 | Nicholas Lizarraga | Process for monitoring, filtering and caching internet connections |
US7254632B2 (en) * | 2002-04-26 | 2007-08-07 | P-Cube Ltd. | Apparatus and method for pattern matching in text based protocol |
US7370360B2 (en) | 2002-05-13 | 2008-05-06 | International Business Machines Corporation | Computer immune system and method for detecting unwanted code in a P-code or partially compiled native-code program executing within a virtual machine |
US7042852B2 (en) * | 2002-05-20 | 2006-05-09 | Airdefense, Inc. | System and method for wireless LAN dynamic channel change with honeypot trap |
US7277404B2 (en) * | 2002-05-20 | 2007-10-02 | Airdefense, Inc. | System and method for sensing wireless LAN activity |
US20040203764A1 (en) * | 2002-06-03 | 2004-10-14 | Scott Hrastar | Methods and systems for identifying nodes and mapping their locations |
US7086089B2 (en) * | 2002-05-20 | 2006-08-01 | Airdefense, Inc. | Systems and methods for network security |
US7383577B2 (en) * | 2002-05-20 | 2008-06-03 | Airdefense, Inc. | Method and system for encrypted network management and intrusion detection |
US7058796B2 (en) * | 2002-05-20 | 2006-06-06 | Airdefense, Inc. | Method and system for actively defending a wireless LAN against attacks |
US7532895B2 (en) | 2002-05-20 | 2009-05-12 | Air Defense, Inc. | Systems and methods for adaptive location tracking |
AU2003231875A1 (en) * | 2002-06-03 | 2003-12-19 | University Of North Carolina At Charlotte | Systems and methods for enhanced network security |
US7322044B2 (en) * | 2002-06-03 | 2008-01-22 | Airdefense, Inc. | Systems and methods for automated network policy exception detection and correction |
US7418732B2 (en) * | 2002-06-26 | 2008-08-26 | Microsoft Corporation | Network switches for detection and prevention of virus attacks |
US7383582B1 (en) * | 2002-08-02 | 2008-06-03 | Federal Network Systems, Llc | Systems and methods for performing electronic surveillance |
US7587762B2 (en) * | 2002-08-09 | 2009-09-08 | Netscout Systems, Inc. | Intrusion detection system and network flow director method |
KR100457971B1 (ko) * | 2002-09-06 | 2004-11-18 | 지승도 | 시뮬레이션 기반 네트워크 보안관리 시스템 |
US7467408B1 (en) * | 2002-09-09 | 2008-12-16 | Cisco Technology, Inc. | Method and apparatus for capturing and filtering datagrams for network security monitoring |
US20040117658A1 (en) * | 2002-09-27 | 2004-06-17 | Andrea Klaes | Security monitoring and intrusion detection system |
US8407798B1 (en) | 2002-10-01 | 2013-03-26 | Skybox Secutiry Inc. | Method for simulation aided security event management |
US6952779B1 (en) * | 2002-10-01 | 2005-10-04 | Gideon Cohen | System and method for risk detection and analysis in a computer network |
US8479057B2 (en) * | 2002-11-04 | 2013-07-02 | Riverbed Technology, Inc. | Aggregator for connection based anomaly detection |
US8504879B2 (en) * | 2002-11-04 | 2013-08-06 | Riverbed Technology, Inc. | Connection based anomaly detection |
US7363656B2 (en) * | 2002-11-04 | 2008-04-22 | Mazu Networks, Inc. | Event detection/anomaly correlation heuristics |
US7660980B2 (en) * | 2002-11-18 | 2010-02-09 | Liquidware Labs, Inc. | Establishing secure TCP/IP communications using embedded IDs |
US7591001B2 (en) * | 2004-05-14 | 2009-09-15 | Liquidware Labs, Inc. | System, apparatuses, methods and computer-readable media for determining the security status of a computer before establishing a network connection |
US7549159B2 (en) * | 2004-05-10 | 2009-06-16 | Liquidware Labs, Inc. | System, apparatuses, methods and computer-readable media for determining the security status of a computer before establishing connection thereto |
US7386889B2 (en) | 2002-11-18 | 2008-06-10 | Trusted Network Technologies, Inc. | System and method for intrusion prevention in a communications network |
US7359930B2 (en) * | 2002-11-21 | 2008-04-15 | Arbor Networks | System and method for managing computer networks |
US20040103309A1 (en) * | 2002-11-27 | 2004-05-27 | Tracy Richard P. | Enhanced system, method and medium for certifying and accrediting requirements compliance utilizing threat vulnerability feed |
US6983221B2 (en) * | 2002-11-27 | 2006-01-03 | Telos Corporation | Enhanced system, method and medium for certifying and accrediting requirements compliance utilizing robust risk assessment model |
US6980927B2 (en) * | 2002-11-27 | 2005-12-27 | Telos Corporation | Enhanced system, method and medium for certifying and accrediting requirements compliance utilizing continuous risk assessment |
US20040122937A1 (en) * | 2002-12-18 | 2004-06-24 | International Business Machines Corporation | System and method of tracking messaging flows in a distributed network |
US8239942B2 (en) * | 2002-12-30 | 2012-08-07 | Cisco Technology, Inc. | Parallel intrusion detection sensors with load balancing for high speed networks |
US7913303B1 (en) | 2003-01-21 | 2011-03-22 | International Business Machines Corporation | Method and system for dynamically protecting a computer system from attack |
US7278162B2 (en) | 2003-04-01 | 2007-10-02 | International Business Machines Corporation | Use of a programmable network processor to observe a flow of packets |
US7305708B2 (en) * | 2003-04-14 | 2007-12-04 | Sourcefire, Inc. | Methods and systems for intrusion detection |
US7522908B2 (en) * | 2003-04-21 | 2009-04-21 | Airdefense, Inc. | Systems and methods for wireless network site survey |
US7324804B2 (en) * | 2003-04-21 | 2008-01-29 | Airdefense, Inc. | Systems and methods for dynamic sensor discovery and selection |
US7355996B2 (en) | 2004-02-06 | 2008-04-08 | Airdefense, Inc. | Systems and methods for adaptive monitoring with bandwidth constraints |
US7359676B2 (en) * | 2003-04-21 | 2008-04-15 | Airdefense, Inc. | Systems and methods for adaptively scanning for wireless communications |
US8640234B2 (en) * | 2003-05-07 | 2014-01-28 | Trustwave Holdings, Inc. | Method and apparatus for predictive and actual intrusion detection on a network |
US8024795B2 (en) | 2003-05-09 | 2011-09-20 | Q1 Labs, Inc. | Network intelligence system |
US7885190B1 (en) | 2003-05-12 | 2011-02-08 | Sourcefire, Inc. | Systems and methods for determining characteristics of a network based on flow analysis |
US7848229B2 (en) | 2003-05-16 | 2010-12-07 | Siemens Enterprise Communications, Inc. | System and method for virtual channel selection in IP telephony systems |
US8065725B2 (en) * | 2003-05-30 | 2011-11-22 | Yuliang Zheng | Systems and methods for enhanced network security |
US8774214B1 (en) | 2003-06-06 | 2014-07-08 | Sprint Spectrum L.P. | Packet traffic surveillance at a network gateway |
US8984644B2 (en) | 2003-07-01 | 2015-03-17 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US20070113272A2 (en) | 2003-07-01 | 2007-05-17 | Securityprofiling, Inc. | Real-time vulnerability monitoring |
US9100431B2 (en) | 2003-07-01 | 2015-08-04 | Securityprofiling, Llc | Computer program product and apparatus for multi-path remediation |
EP1661367B1 (en) * | 2003-07-11 | 2013-08-21 | Computer Associates Think, Inc. | Packet sniffer |
US7356587B2 (en) * | 2003-07-29 | 2008-04-08 | International Business Machines Corporation | Automatically detecting malicious computer network reconnaissance by updating state codes in a histogram |
CN100466646C (zh) * | 2003-08-06 | 2009-03-04 | 华为技术有限公司 | 一种跟踪接口消息的实现方法和系统 |
US7657938B2 (en) | 2003-10-28 | 2010-02-02 | International Business Machines Corporation | Method and system for protecting computer networks by altering unwanted network data traffic |
JP2007534223A (ja) * | 2003-11-24 | 2007-11-22 | エフエスシー インターネット コーポレイション | ネットワークセッション再構築 |
US7523308B2 (en) * | 2004-02-23 | 2009-04-21 | Microsoft Corporation | Method and system for dynamic system protection |
US8806211B2 (en) * | 2004-05-19 | 2014-08-12 | Ca, Inc. | Method and systems for computer security |
US7929534B2 (en) * | 2004-06-28 | 2011-04-19 | Riverbed Technology, Inc. | Flow logging for connection-based anomaly detection |
US7539681B2 (en) | 2004-07-26 | 2009-05-26 | Sourcefire, Inc. | Methods and systems for multi-pattern searching |
US7496962B2 (en) * | 2004-07-29 | 2009-02-24 | Sourcefire, Inc. | Intrusion detection strategies for hypertext transport protocol |
US7600257B2 (en) * | 2004-10-13 | 2009-10-06 | Sonicwall, Inc. | Method and an apparatus to perform multiple packet payloads analysis |
US7835361B1 (en) | 2004-10-13 | 2010-11-16 | Sonicwall, Inc. | Method and apparatus for identifying data patterns in a file |
US20060123133A1 (en) * | 2004-10-19 | 2006-06-08 | Hrastar Scott E | Detecting unauthorized wireless devices on a wired network |
US8196199B2 (en) | 2004-10-19 | 2012-06-05 | Airdefense, Inc. | Personal wireless monitoring agent |
US7760653B2 (en) * | 2004-10-26 | 2010-07-20 | Riverbed Technology, Inc. | Stackable aggregation for connection based anomaly detection |
US8635690B2 (en) | 2004-11-05 | 2014-01-21 | Mcafee, Inc. | Reputation based message processing |
US20060224886A1 (en) * | 2005-04-05 | 2006-10-05 | Cohen Donald N | System for finding potential origins of spoofed internet protocol attack traffic |
US8806634B2 (en) | 2005-04-05 | 2014-08-12 | Donald N. Cohen | System for finding potential origins of spoofed internet protocol attack traffic |
US7765183B2 (en) * | 2005-04-23 | 2010-07-27 | Cisco Technology, Inc | Hierarchical tree of deterministic finite automata |
US7937480B2 (en) | 2005-06-02 | 2011-05-03 | Mcafee, Inc. | Aggregation of reputation data |
US8046833B2 (en) * | 2005-11-14 | 2011-10-25 | Sourcefire, Inc. | Intrusion event correlation with network discovery information |
US7733803B2 (en) * | 2005-11-14 | 2010-06-08 | Sourcefire, Inc. | Systems and methods for modifying network map attributes |
US7577424B2 (en) | 2005-12-19 | 2009-08-18 | Airdefense, Inc. | Systems and methods for wireless vulnerability analysis |
US7669228B2 (en) * | 2005-12-27 | 2010-02-23 | Cisco Technology, Inc. | System and method for changing network behavior based on presence information |
US7715800B2 (en) | 2006-01-13 | 2010-05-11 | Airdefense, Inc. | Systems and methods for wireless intrusion detection using spectral analysis |
US20070218874A1 (en) * | 2006-03-17 | 2007-09-20 | Airdefense, Inc. | Systems and Methods For Wireless Network Forensics |
US7971251B2 (en) | 2006-03-17 | 2011-06-28 | Airdefense, Inc. | Systems and methods for wireless security using distributed collaboration of wireless clients |
US20090021343A1 (en) * | 2006-05-10 | 2009-01-22 | Airdefense, Inc. | RFID Intrusion Protection System and Methods |
KR100719160B1 (ko) * | 2006-05-22 | 2007-05-18 | 주식회사 케이티 | 메시지 참조 테이블을 이용한 정상 생체정보 선별 장치 및그 방법 |
US7970013B2 (en) | 2006-06-16 | 2011-06-28 | Airdefense, Inc. | Systems and methods for wireless network content filtering |
US7948988B2 (en) * | 2006-07-27 | 2011-05-24 | Sourcefire, Inc. | Device, system and method for analysis of fragments in a fragment train |
US7701945B2 (en) | 2006-08-10 | 2010-04-20 | Sourcefire, Inc. | Device, system and method for analysis of segments in a transmission control protocol (TCP) session |
US8281392B2 (en) | 2006-08-11 | 2012-10-02 | Airdefense, Inc. | Methods and systems for wired equivalent privacy and Wi-Fi protected access protection |
US8214497B2 (en) | 2007-01-24 | 2012-07-03 | Mcafee, Inc. | Multi-dimensional reputation scoring |
US8179798B2 (en) | 2007-01-24 | 2012-05-15 | Mcafee, Inc. | Reputation based connection throttling |
US7949716B2 (en) | 2007-01-24 | 2011-05-24 | Mcafee, Inc. | Correlation and analysis of entity attributes |
US7779156B2 (en) | 2007-01-24 | 2010-08-17 | Mcafee, Inc. | Reputation based load balancing |
US8763114B2 (en) | 2007-01-24 | 2014-06-24 | Mcafee, Inc. | Detecting image spam |
US8069352B2 (en) | 2007-02-28 | 2011-11-29 | Sourcefire, Inc. | Device, system and method for timestamp analysis of segments in a transmission control protocol (TCP) session |
EP2156290B1 (en) | 2007-04-30 | 2020-03-25 | Cisco Technology, Inc. | Real-time awareness for a computer network |
US8863286B1 (en) | 2007-06-05 | 2014-10-14 | Sonicwall, Inc. | Notification for reassembly-free file scanning |
US7991723B1 (en) | 2007-07-16 | 2011-08-02 | Sonicwall, Inc. | Data pattern analysis using optimized deterministic finite automaton |
US8185930B2 (en) | 2007-11-06 | 2012-05-22 | Mcafee, Inc. | Adjusting filter or classification control settings |
US8045458B2 (en) | 2007-11-08 | 2011-10-25 | Mcafee, Inc. | Prioritizing network traffic |
US8160975B2 (en) | 2008-01-25 | 2012-04-17 | Mcafee, Inc. | Granular support vector machine with random granularity |
US7792922B2 (en) * | 2008-03-05 | 2010-09-07 | Caterpillar Inc. | Systems and methods for managing health of a client system |
US8589503B2 (en) | 2008-04-04 | 2013-11-19 | Mcafee, Inc. | Prioritizing network traffic |
US8474043B2 (en) | 2008-04-17 | 2013-06-25 | Sourcefire, Inc. | Speed and memory optimization of intrusion detection system (IDS) and intrusion prevention system (IPS) rule processing |
US8813221B1 (en) | 2008-09-25 | 2014-08-19 | Sonicwall, Inc. | Reassembly-free deep packet inspection on multi-core hardware |
US8272055B2 (en) | 2008-10-08 | 2012-09-18 | Sourcefire, Inc. | Target-based SMB and DCE/RPC processing for an intrusion detection system or intrusion prevention system |
US20100205014A1 (en) * | 2009-02-06 | 2010-08-12 | Cary Sholer | Method and system for providing response services |
US9871807B2 (en) | 2009-06-12 | 2018-01-16 | Microsoft Technology Licensing, Llc | Generic protocol decoder for generic application-level protocol signatures |
US9769149B1 (en) | 2009-07-02 | 2017-09-19 | Sonicwall Inc. | Proxy-less secure sockets layer (SSL) data inspection |
CA2789824C (en) | 2010-04-16 | 2018-11-06 | Sourcefire, Inc. | System and method for near-real time network attack detection, and system and method for unified detection via detection routing |
CN101867793A (zh) * | 2010-05-14 | 2010-10-20 | 蔡晓东 | 分布式智能视频搜索系统及使用方法 |
US8621638B2 (en) | 2010-05-14 | 2013-12-31 | Mcafee, Inc. | Systems and methods for classification of messaging entities |
US8433790B2 (en) | 2010-06-11 | 2013-04-30 | Sourcefire, Inc. | System and method for assigning network blocks to sensors |
US8671182B2 (en) | 2010-06-22 | 2014-03-11 | Sourcefire, Inc. | System and method for resolving operating system or service identity conflicts |
IL210899A (en) * | 2011-01-27 | 2015-08-31 | Verint Systems Ltd | A system and method for traffic transfers across proxy servers |
US8601034B2 (en) | 2011-03-11 | 2013-12-03 | Sourcefire, Inc. | System and method for real time data awareness |
WO2012154657A2 (en) | 2011-05-06 | 2012-11-15 | The Penn State Research Foundation | Robust anomaly detection and regularized domain adaptation of classifiers with application to internet packet-flows |
US10432587B2 (en) | 2012-02-21 | 2019-10-01 | Aventail Llc | VPN deep packet inspection |
US9166732B2 (en) * | 2012-04-19 | 2015-10-20 | At&T Mobility Ii Llc | Facilitation of security employing a femto cell access point |
US9773405B2 (en) | 2013-03-15 | 2017-09-26 | Cybersponse, Inc. | Real-time deployment of incident response roadmap |
US9961096B1 (en) | 2013-09-17 | 2018-05-01 | Cisco Technology, Inc. | Distributed behavior based anomaly detection |
US9306964B2 (en) | 2014-04-04 | 2016-04-05 | Netscout Systems, Inc. | Using trust profiles for network breach detection |
US9923767B2 (en) | 2014-04-15 | 2018-03-20 | Splunk Inc. | Dynamic configuration of remote capture agents for network data capture |
US10700950B2 (en) | 2014-04-15 | 2020-06-30 | Splunk Inc. | Adjusting network data storage based on event stream statistics |
US11086897B2 (en) | 2014-04-15 | 2021-08-10 | Splunk Inc. | Linking event streams across applications of a data intake and query system |
US9838512B2 (en) | 2014-10-30 | 2017-12-05 | Splunk Inc. | Protocol-based capture of network data using remote capture agents |
US10366101B2 (en) | 2014-04-15 | 2019-07-30 | Splunk Inc. | Bidirectional linking of ephemeral event streams to creators of the ephemeral event streams |
US10462004B2 (en) | 2014-04-15 | 2019-10-29 | Splunk Inc. | Visualizations of statistics associated with captured network data |
US9762443B2 (en) | 2014-04-15 | 2017-09-12 | Splunk Inc. | Transformation of network data at remote capture agents |
US10523521B2 (en) | 2014-04-15 | 2019-12-31 | Splunk Inc. | Managing ephemeral event streams generated from captured network data |
US10127273B2 (en) | 2014-04-15 | 2018-11-13 | Splunk Inc. | Distributed processing of network data using remote capture agents |
US10360196B2 (en) | 2014-04-15 | 2019-07-23 | Splunk Inc. | Grouping and managing event streams generated from captured network data |
US11281643B2 (en) | 2014-04-15 | 2022-03-22 | Splunk Inc. | Generating event streams including aggregated values from monitored network data |
US10693742B2 (en) | 2014-04-15 | 2020-06-23 | Splunk Inc. | Inline visualizations of metrics related to captured network data |
US9596253B2 (en) | 2014-10-30 | 2017-03-14 | Splunk Inc. | Capture triggers for capturing network data |
US10334085B2 (en) | 2015-01-29 | 2019-06-25 | Splunk Inc. | Facilitating custom content extraction from network packets |
US11997123B1 (en) | 2015-07-15 | 2024-05-28 | Management Analytics, Inc. | Scaleable cyber security assessment system and method |
CA2994548A1 (en) | 2015-08-03 | 2017-02-09 | Ingalls Information Security Ip, L.L.C. | Network security monitoring and correlation system and method of using same |
US9998482B2 (en) | 2015-09-18 | 2018-06-12 | International Business Machines Corporation | Automated network interface attack response |
CN108012338A (zh) * | 2016-11-02 | 2018-05-08 | 中兴通讯股份有限公司 | 数据传输方法、装置、应用及基站 |
GB201704931D0 (en) * | 2017-03-28 | 2017-05-10 | Indigovision Ltd | Monitoring devices and methods for IP surveillance networks |
US10958557B2 (en) * | 2019-07-31 | 2021-03-23 | International Business Machines Corporation | Automated deployment of a private monitoring network |
CN110890996B (zh) * | 2019-08-21 | 2021-08-13 | 研祥智能科技股份有限公司 | 网口状态的检测方法、设备及系统 |
US11711381B2 (en) | 2020-10-29 | 2023-07-25 | International Business Machines Corporation | Automatic hotspot identification in network graphs |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5101402A (en) * | 1988-05-24 | 1992-03-31 | Digital Equipment Corporation | Apparatus and method for realtime monitoring of network sessions in a local area network |
US5032979A (en) * | 1990-06-22 | 1991-07-16 | International Business Machines Corporation | Distributed security auditing subsystem for an operating system |
FR2706652B1 (fr) * | 1993-06-09 | 1995-08-18 | Alsthom Cge Alcatel | Dispositif de détection d'intrusions et d'usagers suspects pour ensemble informatique et système de sécurité comportant un tel dispositif. |
US5414833A (en) * | 1993-10-27 | 1995-05-09 | International Business Machines Corporation | Network security system and method using a parallel finite state machine adaptive active monitor and responder |
US5606668A (en) * | 1993-12-15 | 1997-02-25 | Checkpoint Software Technologies Ltd. | System for securing inbound and outbound data packet flow in a computer network |
US5557742A (en) * | 1994-03-07 | 1996-09-17 | Haystack Labs, Inc. | Method and system for detecting intrusion into and misuse of a data processing system |
US5524238A (en) * | 1994-03-23 | 1996-06-04 | Breakout I/O Corporation | User specific intelligent interface which intercepts and either replaces or passes commands to a data identity and the field accessed |
US5488715A (en) * | 1994-08-01 | 1996-01-30 | At&T Corp. | Process for integrated traffic data management and network surveillance in communications networks |
US5699513A (en) * | 1995-03-31 | 1997-12-16 | Motorola, Inc. | Method for secure network access via message intercept |
-
1996
- 1996-11-21 US US08/749,352 patent/US5796942A/en not_active Expired - Lifetime
-
1997
- 1997-11-21 WO PCT/US1997/021322 patent/WO1998022875A1/en active IP Right Grant
- 1997-11-21 EP EP97949535A patent/EP1008046B1/en not_active Expired - Lifetime
- 1997-11-21 DE DE69739769T patent/DE69739769D1/de not_active Expired - Lifetime
- 1997-11-21 KR KR1019990704542A patent/KR20000057209A/ko not_active Application Discontinuation
- 1997-11-21 JP JP52390698A patent/JP2002515152A/ja not_active Withdrawn
- 1997-11-21 CA CA002274299A patent/CA2274299C/en not_active Expired - Fee Related
- 1997-11-21 AU AU73031/98A patent/AU777399B2/en not_active Ceased
- 1997-11-21 CN CN97182186A patent/CN1269030A/zh active Pending
- 1997-11-21 IL IL13007997A patent/IL130079A/xx not_active IP Right Cessation
- 1997-11-21 AT AT97949535T patent/ATE458221T1/de not_active IP Right Cessation
Cited By (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9848011B2 (en) | 2009-07-17 | 2017-12-19 | American Express Travel Related Services Company, Inc. | Security safeguard modification |
US8752142B2 (en) | 2009-07-17 | 2014-06-10 | American Express Travel Related Services Company, Inc. | Systems, methods, and computer program products for adapting the security measures of a communication network based on feedback |
US10735473B2 (en) | 2009-07-17 | 2020-08-04 | American Express Travel Related Services Company, Inc. | Security related data for a risk variable |
CN102473119B (zh) * | 2009-07-17 | 2015-02-25 | 美国运通旅游有关服务公司 | 用于基于反馈调适通信网络的安全性措施的系统和方法 |
US9635059B2 (en) | 2009-07-17 | 2017-04-25 | American Express Travel Related Services Company, Inc. | Systems, methods, and computer program products for adapting the security measures of a communication network based on feedback |
CN102473119A (zh) * | 2009-07-17 | 2012-05-23 | 美国运通旅游有关服务公司 | 用于基于反馈调适通信网络的安全性措施的系统、方法和计算机程序产品 |
US10997571B2 (en) | 2009-12-17 | 2021-05-04 | American Express Travel Related Services Company, Inc. | Protection methods for financial transactions |
US9756076B2 (en) | 2009-12-17 | 2017-09-05 | American Express Travel Related Services Company, Inc. | Dynamically reacting policies and protections for securing mobile financial transactions |
US9712552B2 (en) | 2009-12-17 | 2017-07-18 | American Express Travel Related Services Company, Inc. | Systems, methods, and computer program products for collecting and reporting sensor data in a communication network |
US10218737B2 (en) | 2009-12-17 | 2019-02-26 | American Express Travel Related Services Company, Inc. | Trusted mediator interactions with mobile device sensor data |
US9973526B2 (en) | 2009-12-17 | 2018-05-15 | American Express Travel Related Services Company, Inc. | Mobile device sensor data |
US10432668B2 (en) | 2010-01-20 | 2019-10-01 | American Express Travel Related Services Company, Inc. | Selectable encryption methods |
US10931717B2 (en) | 2010-01-20 | 2021-02-23 | American Express Travel Related Services Company, Inc. | Selectable encryption methods |
US9847995B2 (en) | 2010-06-22 | 2017-12-19 | American Express Travel Related Services Company, Inc. | Adaptive policies and protections for securing financial transaction data at rest |
US10104070B2 (en) | 2010-06-22 | 2018-10-16 | American Express Travel Related Services Company, Inc. | Code sequencing |
US10360625B2 (en) | 2010-06-22 | 2019-07-23 | American Express Travel Related Services Company, Inc. | Dynamically adaptive policy management for securing mobile financial transactions |
US10395250B2 (en) | 2010-06-22 | 2019-08-27 | American Express Travel Related Services Company, Inc. | Dynamic pairing system for securing a trusted communication channel |
US10715515B2 (en) | 2010-06-22 | 2020-07-14 | American Express Travel Related Services Company, Inc. | Generating code for a multimedia item |
CN102436560A (zh) * | 2011-08-22 | 2012-05-02 | 高振宇 | 计算机自防御系统及方法 |
Also Published As
Publication number | Publication date |
---|---|
EP1008046A1 (en) | 2000-06-14 |
JP2002515152A (ja) | 2002-05-21 |
CA2274299C (en) | 2002-06-11 |
WO1998022875A1 (en) | 1998-05-28 |
AU777399B2 (en) | 2004-10-14 |
AU7303198A (en) | 1998-06-10 |
KR20000057209A (ko) | 2000-09-15 |
IL130079A (en) | 2003-07-06 |
DE69739769D1 (de) | 2010-04-01 |
ATE458221T1 (de) | 2010-03-15 |
CA2274299A1 (en) | 1998-05-28 |
EP1008046A4 (en) | 2004-09-08 |
IL130079A0 (en) | 2000-02-29 |
EP1008046B1 (en) | 2010-02-17 |
US5796942A (en) | 1998-08-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1269030A (zh) | 自动化网络监视和安全违规干预的方法和装置 | |
US7243371B1 (en) | Method and system for configurable network intrusion detection | |
JP3448254B2 (ja) | アクセス・チェーン追跡システム、ネットワーク・システム、方法、及び記録媒体 | |
CN102160048B (zh) | 收集和分析恶意软件数据 | |
US8813220B2 (en) | Methods and systems for internet protocol (IP) packet header collection and storage | |
US6347374B1 (en) | Event detection | |
EP1618725B1 (en) | Attack database structure | |
CN101176331B (zh) | 计算机网络入侵检测系统和方法 | |
CN1841397B (zh) | 聚合计算机系统的知识库以主动保护计算机免受恶意软件侵害 | |
EP0985995B1 (en) | Method and apparatus for intrusion detection in computers and computer networks | |
US20030084318A1 (en) | System and method of graphically correlating data for an intrusion protection system | |
CN1647483A (zh) | 检测和反击企业网络中的恶意代码 | |
US20030083847A1 (en) | User interface for presenting data for an intrusion protection system | |
CN1768516A (zh) | 智能集成网络安全设备 | |
CN1697404A (zh) | 一种交互式的网络蠕虫检测系统和方法 | |
CN1174580C (zh) | 网络管理系统中管理警报信息的方法 | |
CN1203641C (zh) | 网络入侵监测的方法和系统 | |
US20030084340A1 (en) | System and method of graphically displaying data for an intrusion protection system | |
Herrerias et al. | A log correlation model to support the evidence search process in a forensic investigation | |
CN1317855C (zh) | 一种入侵检测系统及其入侵检测方法 | |
CN114629711A (zh) | 一种针对Windows平台特种木马检测的方法及系统 | |
CN1447263A (zh) | 计算机网络信息安全事件处理方法 | |
CN111212039A (zh) | 基于dns流量的主机挖矿行为检测方法 | |
CN1653403A (zh) | 分析和处理来自网络入侵检测系统的警报的方法和系统 | |
Chen et al. | The Study and Implementation of Network-Based Auditing System with Session Tracking and Monitoring |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication |