Distributed threat management

No: 7373666
Nr. solicitare: 10185008
Data depunerii: 2002-07-01
Data eliberarii: 2008-05-13
Tip: B2
Revendicari: 51
Schite: 11
Rezumat: A method and system are provided for managing a security threat in a distributed system. A distributed element of the system detects and reports suspicious activity to a threat management agent. The threat management agent determines whether an attack is taking place and deploys a countermeasure to the attack when the attack is determined to be taking place. Another method and system are also provided for managing a security threat in a distributed system. A threat management agent reviews reported suspicious activity including suspicious activity reported from at least one distributed element of the system, determines, based on the reports, whether a pattern characteristic of an attack occurred, and predicts when a next attack is likely to occur. Deployment of a countermeasure to the predicted next attack is directed in a time window based on when the next attack is predicted to occur.
Inventatori:
	Kaler Christopher G. (15)
	Della-Libera Giovanni Moises (1)
	Shewchuk John P. (13)
Examinator principal: Sheikh Ayaz
Examinator secundar: Chai Longbit
Mandatari:
	Birch, Stewart, Kolasch & Birch, LLP} (ORG) (8319)
Cesionari:
	Microsoft Corporation} (ORG) (5533)
Domeniu de cautare:

Alte referinte:
	Box, Don. “A Brief History of SOAP” (Apr. 4, 2001) xml.com : http://webservices.xml.com/pub/a/ws/2001/04/04/soap.html.
	Barrus et al.; “A Distributed Autonomous-Agent Network-Intrusion Detection and Response System”. (Jun. 1998) NEC Research Index, Proceedings of the 1998 Command and Control Research and Technology Symposium.
	P.A. Porras, P.G. Neumann. “EMERALD: Event Monitoring Enabling Responses to Anomalous Live Distrubances” (1997) Proc. 20th NIST-NCSC National Information Systems Security Conference.
	E.A. Fisch “Intrusion Damage Control and Assessment: A Taxonomy and Implementation fo Automated Responses to Intrusive Behavior” (May 1996) PhD Thesis, Texas A&M University. Chapters I-III.
	The Honeynet Project “Know Your Enemy: Statistics” (Jul. 22, 2001). Avaliable online at http://www.chguy.net/news/jul01/attack-stats.html.
	J. Yuill, S.F. Wu, F. Gong, M. Huang. “Intrusion Detection for an On-Going Attack” (1999) Recent Advances in Intrusion Detection.
Referinte:
	6324656
	6408391

Distributed threat management

No:

Nr. solicitare:

Data depunerii:

Data eliberarii:

Tip:

Revendicari:

Schite:

Rezumat:

Inventatori:

Kaler Christopher G. (15)

Della-Libera Giovanni Moises (1)

Shewchuk John P. (13)

Examinator principal:

Examinator secundar:

Mandatari:

Birch, Stewart, Kolasch & Birch, LLP} (ORG) (8319)

Cesionari:

Microsoft Corporation} (ORG) (5533)

Domeniu de cautare:

Alte referinte:

Box, Don. “A Brief History of SOAP” (Apr. 4, 2001) xml.com : http://webservices.xml.com/pub/a/ws/2001/04/04/soap.html.

Barrus et al.; “A Distributed Autonomous-Agent Network-Intrusion Detection and Response System”. (Jun. 1998) NEC Research Index, Proceedings of the 1998 Command and Control Research and Technology Symposium.

P.A. Porras, P.G. Neumann. “EMERALD: Event Monitoring Enabling Responses to Anomalous Live Distrubances” (1997) Proc. 20th NIST-NCSC National Information Systems Security Conference.

E.A. Fisch “Intrusion Damage Control and Assessment: A Taxonomy and Implementation fo Automated Responses to Intrusive Behavior” (May 1996) PhD Thesis, Texas A&M University. Chapters I-III.

The Honeynet Project “Know Your Enemy: Statistics” (Jul. 22, 2001). Avaliable online at http://www.chguy.net/news/jul01/attack-stats.html.

J. Yuill, S.F. Wu, F. Gong, M. Huang. “Intrusion Detection for an On-Going Attack” (1999) Recent Advances in Intrusion Detection.

Referinte:

6324656

6408391