WO2002027443A3 - Global computer network intrusion detection system - Google Patents
Global computer network intrusion detection system Download PDFInfo
- Publication number
- WO2002027443A3 WO2002027443A3 PCT/US2001/022624 US0122624W WO0227443A3 WO 2002027443 A3 WO2002027443 A3 WO 2002027443A3 US 0122624 W US0122624 W US 0122624W WO 0227443 A3 WO0227443 A3 WO 0227443A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- detection system
- intrusion detection
- computer network
- global computer
- network intrusion
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
A method and system for enabling detection of concerted intrusion efforts by collecting data from various local sensors resident in intrusion detection system log files, firewalls, and routers across multiple network sites and normalizing, correlating and processing ('integrating') the sensor data from multiple different sensors resident on the multiple network sites.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| AU2001288222A AU2001288222A1 (en) | 2000-09-25 | 2001-08-24 | Global computer network intrusion detection system |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US66833800A | 2000-09-25 | 2000-09-25 | |
| US09/668,338 | 2000-09-25 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| WO2002027443A2 WO2002027443A2 (en) | 2002-04-04 |
| WO2002027443A3 true WO2002027443A3 (en) | 2003-01-23 |
Family
ID=24681939
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/US2001/022624 WO2002027443A2 (en) | 2000-09-25 | 2001-08-24 | Global computer network intrusion detection system |
Country Status (2)
| Country | Link |
|---|---|
| AU (1) | AU2001288222A1 (en) |
| WO (1) | WO2002027443A2 (en) |
Families Citing this family (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6957348B1 (en) | 2000-01-10 | 2005-10-18 | Ncircle Network Security, Inc. | Interoperability of vulnerability and intrusion detection systems |
| US7181769B1 (en) * | 2000-08-25 | 2007-02-20 | Ncircle Network Security, Inc. | Network security system having a device profiler communicatively coupled to a traffic monitor |
| US7444679B2 (en) | 2001-10-31 | 2008-10-28 | Hewlett-Packard Development Company, L.P. | Network, method and computer readable medium for distributing security updates to select nodes on a network |
| GB2387681A (en) * | 2002-04-18 | 2003-10-22 | Isis Innovation | Intrusion detection system with inductive logic means for suggesting new general rules |
| US7886365B2 (en) * | 2002-06-11 | 2011-02-08 | Panasonic Corporation | Content-log analyzing system and data-communication controlling device |
| US7325002B2 (en) | 2003-04-04 | 2008-01-29 | Juniper Networks, Inc. | Detection of network security breaches based on analysis of network record logs |
| WO2005069578A1 (en) * | 2004-01-05 | 2005-07-28 | Corrent Corporation | Method and apparatus for network intrusion detection system |
| US7599301B2 (en) * | 2005-07-01 | 2009-10-06 | Net Optics, Inc. | Communications network tap with heartbeat monitor |
| US7937344B2 (en) | 2005-07-25 | 2011-05-03 | Splunk Inc. | Machine data web |
| KR101266267B1 (en) | 2006-10-05 | 2013-05-23 | 스플렁크 인코퍼레이티드 | Time Series Search Engine |
| TWI331868B (en) * | 2007-06-11 | 2010-10-11 | Univ Nat Pingtung Sci & Tech | Detecting method of network invasion |
| US8365190B2 (en) | 2008-06-16 | 2013-01-29 | International Business Machines Corporation | Correlated message identifiers for events |
| IT1396756B1 (en) * | 2009-05-06 | 2012-12-14 | Univ Degli Studi Genova | METHOD OF DETECTION OF ANOMALIES IN A COMMUNICATION NETWORK AND NETWORK DEVICE THAT IMPLEMENTS THIS METHOD |
| CN103618689A (en) * | 2013-09-12 | 2014-03-05 | 天脉聚源(北京)传媒科技有限公司 | Method, device and system for network intrusion detection |
| US9660930B2 (en) | 2014-03-17 | 2017-05-23 | Splunk Inc. | Dynamic data server nodes |
| US9838346B2 (en) | 2014-03-17 | 2017-12-05 | Splunk Inc. | Alerting on dual-queue systems |
| US9753818B2 (en) | 2014-09-19 | 2017-09-05 | Splunk Inc. | Data forwarding using multiple data pipelines |
| CN104392173A (en) * | 2014-11-13 | 2015-03-04 | 普华基础软件股份有限公司 | Auditing system and audit detecting method |
| US9922037B2 (en) | 2015-01-30 | 2018-03-20 | Splunk Inc. | Index time, delimiter based extractions and previewing for use in indexing |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2001084270A2 (en) * | 2000-04-28 | 2001-11-08 | Internet Security Systems, Inc. | Method and system for intrusion detection in a computer network |
-
2001
- 2001-08-24 WO PCT/US2001/022624 patent/WO2002027443A2/en active Application Filing
- 2001-08-24 AU AU2001288222A patent/AU2001288222A1/en not_active Abandoned
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2001084270A2 (en) * | 2000-04-28 | 2001-11-08 | Internet Security Systems, Inc. | Method and system for intrusion detection in a computer network |
Non-Patent Citations (1)
| Title |
|---|
| MNSMAN S ET AL: "System or security managers adaptive response tool", DARPA INFORMATION SURVIVABILITY CONFERENCE AND EXPOSITION, 2000. DISCEX '00. PROCEEDINGS HILTON HEAD, SC, USA 25-27 JAN. 2000, LAS ALAMITOS, CA, USA,IEEE COMPUT. SOC, US, 25 January 2000 (2000-01-25), pages 56 - 68, XP010371127, ISBN: 0-7695-0490-6 * |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2002027443A2 (en) | 2002-04-04 |
| AU2001288222A1 (en) | 2002-04-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2002027443A3 (en) | Global computer network intrusion detection system | |
| WO2003054747A3 (en) | Method and apparatus for managing components in an it system | |
| AU2001238672A1 (en) | Method and system for extracting, analyzing, storing, comparing and reporting on data stored in web and/or other network repositories and apparatus to detect, prevent and obfuscate information removal from information servers | |
| AU5999201A (en) | Continuously updated data processing system and method for measuring and reporting on value creation performance | |
| EP1494427A3 (en) | Signature extraction system and method | |
| EP0920155A3 (en) | Method for monitoring a computer system | |
| EP1189185A3 (en) | Trusted system | |
| WO2002063898A8 (en) | Presence and availability management system | |
| WO2005043286A3 (en) | System and method for incident reporting, information gathering, reconstructing and alerting | |
| AU2001247351A1 (en) | Method and system for dynamic network intrusion monitoring, detection and response | |
| EP1289317A4 (en) | Method for posting three-dimensional image data and system for creating three-dimensional image | |
| AU2035600A (en) | Development tool, method, and system for client server appications | |
| WO2001077785A3 (en) | Network portal system, apparatus and method | |
| AU4970600A (en) | Apparatus, systems and methods for detecting and transmitting sensory data over a computer network | |
| WO2000068838A3 (en) | Method and apparatus for finding mirrored hosts by analyzing urls | |
| WO2004088952A3 (en) | Intelligent integrated network security device | |
| DE69933153D1 (en) | Electronic device, data processing method and system, and computer-readable storage medium | |
| AU2001255641A1 (en) | Method and system for intrusion detection in a computer network | |
| WO2004086185A3 (en) | Rules-based deployment of computing components | |
| WO2000058870A3 (en) | Handling a request for information provided by a network site | |
| NO994490L (en) | Seismic detection apparatus, and associated method | |
| WO2003032011A3 (en) | System and method for scanning individuals for illicit objects | |
| WO2002046973A3 (en) | System and method for monitoring conditions to which an object is subjected | |
| EP1475922A3 (en) | Data processing device, data processing system, data processing method, data processing program and recording medium storing the program | |
| WO2003023614A3 (en) | System and method to automatically obtain a service |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
|
| AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
| REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
| 122 | Ep: pct application non-entry in european phase | ||
| NENP | Non-entry into the national phase |
Ref country code: JP |