Flow-based detection of network intrusions

H - Electricity – 04 – L

Patent

Rate now

[ 0.00 ] – not rated yet Voters 0 Comments 0

Details Flow-based detection of network intrusions Flow-based detection of network intrusions

: H - Electricity
: 04
: L

: H04L 29/06 (2006.01) G06F 1/00 (2006.01) G06F 21/00 (2006.01)
: Patent
: CA 2430571
: A flow-based intrusion detection system for detecting intrusions in computer communication networks. Data packets representing communications between hosts in a computer-to-computer communication network are processed and assigned to various client/server flows. Statistics are collected for each flow. Then, the flow statistics are analyzed to determine if the flow appears to be legitimate traffic or possible suspicious activity. A concern index value is assigned to each flow that appears suspicious. By assigning a value to each flow that appears suspicious and adding that value to the total concern index of the responsible host, it is possible to identify hosts that are engaged in intrusion activity. When the concern index value of a host exceeds a preset alarm value, an alert is issued and appropriate action can be taken.

La présente invention concerne un système de détection basée sur le débit permettant de détecter des intrusions au sein de réseaux informatiques. On effectue un traitement de paquets de données représentatifs de communications entre utilisateurs dans un réseau de communications d'ordinateur à ordinateur et on les attribue à divers flux client/serveur. On recueille des statistiques pour chaque flux. Ensuite on effectue une analyse des statistiques des flux afin de déterminer si le flux semble constituer un trafic légitime ou une activité suspecte possible. On attribue une valeur-indice d'inquiétude à chaque flux qui présente un aspect suspect. Par l'attribution d'une valeur à chaque flux présentant un aspect suspect et par l'addition de cette valeur à la valeur-indice totale d'inquiétude, il est possible d'identifier les clients impliqués dans une activité d'intrusion. Lorsque la valeur-indice de référence d'un client dépasse une valeur d'avertissement prédéterminée, on délivre un avertissement et on peut prendre des mesures appropriées.

Affiliated with

Copeland John A. III

H - Electricity – 01 – L

Inventor

[ 0.00 ] – not rated yet Voters 0 Comments 0

Also associated with

Finlayson & Singlehurst

F - Mech Eng,Light,Heat,Weapons – 22 – B

Agent

[ 0.00 ] – not rated yet Voters 0 Comments 0

Lancope Inc.

G - Physics – 06 – F

Owner

[ 0.00 ] – not rated yet Voters 0 Comments 0

LandOfFree

Say what you really think

Search LandOfFree.com for Canadian inventors and patents. Rate them and share your experience with other people.

Rating

Flow-based detection of network intrusions does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Flow-based detection of network intrusions, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Flow-based detection of network intrusions will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFCA-PAI-O-1747851

All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.

Canada

Charities
Companies
MP Candidates
Patents
Employee Salary Disclosure

World

Places of the World
Scientific Papers

United States

Banks
Companies
Counties
Patents
Employee Salary Disclosure