DE69817176D1 - Verfahren und Vorrichtung zur Eindringdetektion in Rechnern und Rechnernetzen - Google Patents

Verfahren und Vorrichtung zur Eindringdetektion in Rechnern und Rechnernetzen

Info

Publication number
DE69817176D1
DE69817176D1 DE69817176T DE69817176T DE69817176D1 DE 69817176 D1 DE69817176 D1 DE 69817176D1 DE 69817176 T DE69817176 T DE 69817176T DE 69817176 T DE69817176 T DE 69817176T DE 69817176 D1 DE69817176 D1 DE 69817176D1
Authority
DE
Germany
Prior art keywords
computers
computer networks
intrusion detection
intrusion
networks
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
DE69817176T
Other languages
English (en)
Other versions
DE69817176T2 (de
Inventor
Marc C Dacier
Herve C Debar
Andreas A Wespi
Aris Floratos
Isidore Rigoutsos
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Application granted granted Critical
Publication of DE69817176D1 publication Critical patent/DE69817176D1/de
Publication of DE69817176T2 publication Critical patent/DE69817176T2/de
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
DE1998617176 1998-09-09 1998-09-09 Verfahren und Vorrichtung zur Eindringdetektion in Rechnern und Rechnernetzen Expired - Lifetime DE69817176T2 (de)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP19980117083 EP0985995B1 (de) 1998-09-09 1998-09-09 Verfahren und Vorrichtung zur Eindringdetektion in Rechnern und Rechnernetzen

Publications (2)

Publication Number Publication Date
DE69817176D1 true DE69817176D1 (de) 2003-09-18
DE69817176T2 DE69817176T2 (de) 2004-06-24

Family

ID=8232601

Family Applications (1)

Application Number Title Priority Date Filing Date
DE1998617176 Expired - Lifetime DE69817176T2 (de) 1998-09-09 1998-09-09 Verfahren und Vorrichtung zur Eindringdetektion in Rechnern und Rechnernetzen

Country Status (2)

Country Link
EP (1) EP0985995B1 (de)
DE (1) DE69817176T2 (de)

Families Citing this family (42)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1149339A1 (de) 1998-12-09 2001-10-31 Network Ice Corporation Verfahren und vorrichtung zur netzwerk- und computersystem- sicherung
US7346929B1 (en) 1999-07-29 2008-03-18 International Business Machines Corporation Method and apparatus for auditing network security
JP4434465B2 (ja) * 1999-11-16 2010-03-17 キヤノン株式会社 通信装置及び方法並びに記憶媒体
US8006243B2 (en) 1999-12-07 2011-08-23 International Business Machines Corporation Method and apparatus for remote installation of network drivers and software
US7007174B2 (en) * 2000-04-26 2006-02-28 Infoglide Corporation System and method for determining user identity fraud using similarity searching
US20010054153A1 (en) * 2000-04-26 2001-12-20 Wheeler David B. System and method for determining user identity fraud using similarity searching
AU2001262958A1 (en) 2000-04-28 2001-11-12 Internet Security Systems, Inc. Method and system for managing computer security information
US7574740B1 (en) * 2000-04-28 2009-08-11 International Business Machines Corporation Method and system for intrusion detection in a computer network
AU2001257400A1 (en) 2000-04-28 2001-11-12 Internet Security Systems, Inc. System and method for managing security events on a network
US9027121B2 (en) 2000-10-10 2015-05-05 International Business Machines Corporation Method and system for creating a record for one or more computer security incidents
AU2002243763A1 (en) 2001-01-31 2002-08-12 Internet Security Systems, Inc. Method and system for configuring and scheduling security audits of a computer network
US20060265746A1 (en) 2001-04-27 2006-11-23 Internet Security Systems, Inc. Method and system for managing computer security information
US7036148B2 (en) 2001-05-08 2006-04-25 International Business Machines Corporation Method of operating an intrusion detection system according to a set of business rules
KR100439950B1 (ko) * 2001-05-22 2004-07-12 (주)인젠 네트워크 침입탐지 시스템
US7657419B2 (en) 2001-06-19 2010-02-02 International Business Machines Corporation Analytical virtual machine
US7278160B2 (en) 2001-08-16 2007-10-02 International Business Machines Corporation Presentation of correlated events as situation classes
US7571480B2 (en) 2001-08-16 2009-08-04 International Business Machines Corporation Presentation of correlated events as situation classes
US7039953B2 (en) 2001-08-30 2006-05-02 International Business Machines Corporation Hierarchical correlation of intrusion detection events
CA2460492A1 (en) 2001-09-28 2003-04-10 British Telecommunications Public Limited Company Agent-based intrusion detection system
US7673137B2 (en) 2002-01-04 2010-03-02 International Business Machines Corporation System and method for the managed security control of processes on a computer system
AU2003220582A1 (en) 2002-03-29 2003-10-13 Cisco Technology, Inc. Method and system for reducing the false alarm rate of network intrusion detection systems
GB0208711D0 (en) * 2002-04-16 2002-05-29 Neural Technologies Ltd A hierarchical system for analysing data streams
US7017186B2 (en) 2002-07-30 2006-03-21 Steelcloud, Inc. Intrusion detection system using self-organizing clusters
US8819285B1 (en) 2002-10-01 2014-08-26 Trustwave Holdings, Inc. System and method for managing network communications
US7506360B1 (en) 2002-10-01 2009-03-17 Mirage Networks, Inc. Tracking communication for determining device states
US7469418B1 (en) 2002-10-01 2008-12-23 Mirage Networks, Inc. Deterring network incursion
US7913303B1 (en) 2003-01-21 2011-03-22 International Business Machines Corporation Method and system for dynamically protecting a computer system from attack
US7281270B2 (en) 2003-04-01 2007-10-09 Lockheed Martin Corporation Attack impact prediction system
US7805762B2 (en) 2003-10-15 2010-09-28 Cisco Technology, Inc. Method and system for reducing the false alarm rate of network intrusion detection systems
US7657938B2 (en) 2003-10-28 2010-02-02 International Business Machines Corporation Method and system for protecting computer networks by altering unwanted network data traffic
EP1695167A1 (de) * 2003-12-17 2006-08-30 Telecom Italia S.p.A. Verfahren und vorrichtung zum überwachen der funktionsweise von verarbeitungssystemen, diesbezügliches netzwerk und computerprogrammprodukt dafür
FR2864392A1 (fr) * 2003-12-17 2005-06-24 France Telecom Procede de classification automatique d'un ensemble d'alertes issues de sondes de detection d'intrusions d'un systeme de securite d'information
US8185955B2 (en) 2004-11-26 2012-05-22 Telecom Italia S.P.A. Intrusion detection method and system, related network and computer program product therefor
US7814548B2 (en) 2005-09-13 2010-10-12 Honeywell International Inc. Instance based learning framework for effective behavior profiling and anomaly intrusion detection
GB0816556D0 (en) 2008-09-10 2008-10-15 Univ Napier Improvements in or relating to digital forensics
EP2425365A4 (de) 2009-04-30 2016-08-24 Ericsson Telefon Ab L M Abweichendes verhalten eines benutzerendgeräts
CN101976313B (zh) * 2010-09-19 2012-09-26 四川大学 基于频繁子图挖掘的异常入侵检测方法
EP2899665B1 (de) * 2012-09-19 2020-03-04 Mitsubishi Electric Corporation Informationsverarbeitungsvorrichtung, informationsverarbeitungsverfahren und programm
GB201504612D0 (en) 2015-03-18 2015-05-06 Inquisitive Systems Ltd Forensic analysis
CN107851156B (zh) * 2015-07-30 2021-06-04 日本电信电话株式会社 分析方法、分析装置和记录介质
JP5933797B1 (ja) * 2015-10-07 2016-06-15 株式会社ソリトンシステムズ ログ情報生成装置及びプログラム並びにログ情報抽出装置及びプログラム
GB201708671D0 (en) 2017-05-31 2017-07-12 Inquisitive Systems Ltd Forensic analysis

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2706652B1 (fr) * 1993-06-09 1995-08-18 Alsthom Cge Alcatel Dispositif de détection d'intrusions et d'usagers suspects pour ensemble informatique et système de sécurité comportant un tel dispositif.

Also Published As

Publication number Publication date
DE69817176T2 (de) 2004-06-24
EP0985995B1 (de) 2003-08-13
EP0985995A1 (de) 2000-03-15

Similar Documents

Publication Publication Date Title
DE69817176D1 (de) Verfahren und Vorrichtung zur Eindringdetektion in Rechnern und Rechnernetzen
DE69931004D1 (de) Verfahren und Vorrichtung zur Datenverarbeitung
DE69937816D1 (de) Datenverarbeitungsgerät und Verfahren
DE69927545D1 (de) Verfahren zur Authentifikation und Datenverarbeitungsvorrichtung
DE69923659D1 (de) Datenverarbeitungsvorrichtung und verfahren
DE69624177T2 (de) Verfahren und Vorrichtung zur Datenverarbeitung
DE60030658D1 (de) Verfahren und Vorrichtung zur Überprüfung von Gegenständen
DE60119567D1 (de) Verfahren und vorrichtung zur erkennung und klassifikation von störungen in einem rf-modulierten netzwerk
DE69926010D1 (de) Verfahren und vorrichtung zur erfassung seismischer daten
DE69935760D1 (de) Gerät und verfahren zur impedanzdetektion
DE69630480D1 (de) Verfahren, Vorrichtung und Datenstrukturen zur Objektverwaltung
DE69712105D1 (de) Verfahren und vorrichtung zur dokumentverarbeitung
DE69906037D1 (de) Verfahren und Vorrichtung zur Datenverschlüsselung
DE69927457D1 (de) Verfahren und Vorrichtung zur Cache-Speicherung von Informationen im Netzwerk
DE60000380T2 (de) Verfahren und Vorrichtung zur Datenkompression
DE69932768D1 (de) Verfahren und Vorrichtung zur Kollisionsüberprüfung von Objekten in Computersystemen
DE69924827D1 (de) Verfahren und Vorrichtung zur Verarbeitung von Bilddaten
DE19983717T1 (de) Vorrichtung und Verfahren zur Ausrichtung
DE69942295D1 (de) Vorrichtung und verfahren zur informationsverarbeitung
DE69932011D1 (de) Informationsverarbeitungsvorrichtung und Verfahren dazu
DE69834695D1 (de) Verfahren und Vorrichtung zur Datenkompression
DE69719934T2 (de) Verfahren und Vorrichtung zur schnellen und sicheren Datensammlung
DE60031062D1 (de) Vorrichtung, verfahren und system zur informationsverarbeitung
DE69730894D1 (de) Verfahren und Vorrichtung zur Fehlererkennung
DE60135125D1 (de) Elektronischer kommerz in einem informationsverarbeitungssystem und verfahren

Legal Events

Date Code Title Description
8364 No opposition during term of opposition
8320 Willingness to grant licences declared (paragraph 23)
8328 Change in the person/name/address of the agent

Representative=s name: DUSCHER, R., DIPL.-PHYS. DR.RER.NAT., PAT.-ANW., 7