Method and apparatus for facilitating detection of network intrusion
Number of patents in Portfolio can not be more than 2000
United States of America Patent
Stats
-
N/A
Issued Date -
Dec 25, 2003
app pub date -
Jun 21, 2002
filing date -
Jun 21, 2002
priority date (Note) -
Abandoned
status (Latency Note)
Importance
Abstract
System for facilitating detection of network intrusion. Through continuous accumulation of network traffic parameter information, data for a particular session is reduced to a single metric that represents the threat potential of the session as compared to normal network traffic. An analysis station accumulates and maintains the historical data and defines a point for each specific session within a distribution. The dimensions in the distribution space take into account various network traffic parameters useful in identifying an attack. The distance between a session's point and the centroid of the distribution represents the threat metric. The analysis station can display the threat metric as a point or points on a display. The intensity of the point is an indication of the threat potential. The easy-to-read display calls anomalous traffic to the attention of an operator and facilitates discrimination among ambiguous cases.
First Claim
Family
International Classification(s)
Cited Art Landscape
Patent Citation Ranking
Advertisement
Advertisement
Advertisement
Recipient Email Address
Recipient Email Address
Comment
Recipient Email Address
Add to Portfolio(s)
To add this patent to one, or more, of your portfolios, simply click the add button.
This Patent is in these Portfolios:
Add to additional portfolios:
Last Refreshed On:
Changes done successfully