System and method for detection of aberrant network behavior by clients of a network access gateway

United States of America Patent

PATENT NO 7590728
APP PUB NO 20050204169A1
SERIAL NO 11076652

Abstract

A system and method for detecting aberrant network behavior. One embodiment provides a system of detecting aberrant network behavior behind a network access gateway comprising a processor, a first network interface coupled to the processor, a second network interface coupled to the processor, a storage media accessible by the processor and a set of computer instructions executable by the processor. The computer instructions can be executable to observe network communications arriving at the first network interface from multiple clients and determine when the traffic of a particular client is indicative of malware infection or other hostile network activity. If the suspicious network communication is determined to be of a sufficient volume, type, or duration the computer instructions can be executable to log such activity to storage media, or to notify an administrative entity via either the first network interface or second network interface, or to make the computer instructions be executable to perform other configured actions related to the functioning of the network access gateway.

Patent Owner(s)

Patent Owner | Address | Total Patents
OpenTV, Inc. | SAN FRANCISCO, CA | 256

Inventor(s)

Inventor Name | Address | # of filed Patents | Total Citations
Tonnesen, Steven D | Cedar Park, US | 6 | 74

Cited Art Landscape

Patent Info (Count) # Cites Year
 
Other [Check patent profile for assignment information] (3)
2001/0039,576 Network policy transmission method from policy server to network node 52 2000
2003/0217,126 System and method for automatically configuring remote computer 99 2002
2005/0193,103 Method and apparatus for automatic configuration and management of a virtual private network 200 2003
 
RAMOT AT TEL-AVIV UNIVERSITY LTD. (1)
5748901 Flow control algorithm for high speed networks 72 1996
 
SECURIFY, INC. (1)
2003/0061,506 System and method for security policy 201 2001
 
PROMPTU SYSTEMS CORPORATION (1)
7324947 Global speech user interface 160 2002
 
EMC IP HOLDING COMPANY LLC (1)
6502131 Directory enabled policy management tool for intelligent traffic management 792 1998
 
BIGBAND NETWORKS BAS, INC. (1)
2003/0069,956 Object oriented SNMP agent 26 2001
 
ShareWave, Inc. (1)
2002/0133,589 DYNAMIC BANDWIDTH NEGOTIATION SCHEME FOR WIRELESS COMPUTER NETWORKS 50 1999
 
TELEDATA NETWORKS LTD (1)
2005/0195,854 Service connection method and architecture 21 2004
 
ORACLE AMERICA, INC. (2)
5878231 System for packet filtering of data packets at a computer network interface 103 1997
6157953 Authentication and access control in a management console program for managing services in a computer network 196 1998
 
AT&T INTELLECTUAL PROPERTY I, L.P. (1)
2007/0186,113 Methods, DSL modems, and computer program products for provisioning DSL service using downloaded username/password 18 2006
 
ZARBAÑA DIGITAL FUND LLC (1)
6085241 Internet user-bandwidth management and control tool 122 1998
 
ORACLE INTERNATIONAL CORPORATION (1)
2003/0163,603 System and method for XML data binding 143 2002
 
RSTAR CORPORATION (1)
2002/0055,968 Distributed application interface and authentication process 36 2001
 
UNWIRED PLANET, LLC (1)
2002/0123,335 Method and apparatus for provisioning a mobile station over a wireless network 191 2001
 
SBC KNOWLEDGE VENTURES, L.P. (1)
2008/0066,096 Method and apparatus for sending stored advertising data from an internet protocol television end user network interface device 36 2006
 
Felsher, David (1)
7181017 System and method for secure three-party communications 534 2002
 
KABUSHIKI KAISHA TOSHIBA (1)
2004/0179,822 Information storage medium, information playback apparatus, and information playback method 17 2004
 
CYBERTEK HOLDINGS., INC. (1)
2004/0015,719 Intelligent security engine and intelligent and integrated security system using the same 124 2002
 
ICP ELECTRONICS INC. (1)
2005/0149,721 METHOD OF SPEEDING UP PACKET FILTERING 18 2004
 
DIGEO, INC. (1)
2003/0041,104 System and method to provide local content and corresponding applications via carousel transmission to thin-client interactive television terminals 53 2002
 
INTERNATIONAL BUSINESS MACHINES CORPORATION (3)
5896499 Embedded security processor 237 1997
5996013 Method and apparatus for resource allocation with guarantees 199 1997
6176883 System and method for generating unsupported network information indicators 44 1997
 
ADAPTIVE MEDIA TECHNOLOGIES (1)
5953506 Method and apparatus that provides a scalable media delivery system 348 1996
 
JUMPTAP, INC. (1)
2007/0073,718 MOBILE SEARCH SERVICE INSTANT ACTIVATION 178 2006
 
NTT DOCOMO DCMR COMMUNICATIONS LABORATORIES USA, INC. (1)
2002/0075,844 Integrating public and private network resources for optimized broadband wireless access and method 495 2001
 
EXTREME NETWORKS, INC. (2)
2004/0122,956 Wireless local area communication network system and method 38 2002
2006/0036,723 Method and apparatus for converting network management protocol to markup language 16 2004
 
LSI LOGIC CORPORATION (1)
6473801 System and method for arbitrating bandwidth on segmented network topologies 15 1999
 
LUCENT TECHNOLOGIES INC. (1)
7146639 Method and apparatus for managing a firewall 29 2003
 
CISCO TECHNOLOGY, INC. (8)
6463474 Local authentication of a client at a network device 324 1999
6539431 Support IP pool-based configuration 68 1999
6823385 Allocating access across a shared communications medium to user classes 63 2001
6917622 Allocating access across a shared communications medium in a carrier network 40 2001
7185368 Flow-based detection of network intrusions 123 2001
7143283 Simplifying the selection of network paths for implementing and managing security policies on a network 20 2002
7266754 Detecting network denial of service attacks 125 2003
2006/0168,229 System and method for network management using extensible markup language 19 2004
 
SECURE COMPUTING CORPORATION (1)
2003/0172,167 Systems and methods for secure communication delivery 125 2003
 
KONINKLIJKE KPN N.V. (1)
2007/0268,878 Nomadic Internet 24 2007
 
Sprint Spectrum L.P. (1)
2003/0212,800 Method and system for allowing multiple service providers to serve users via a common access network 71 2001
 
Center 7, Inc. (1)
2002/0091,944 Reporting and maintenance systems for enterprise management from a central location 39 2002
 
Bluesocket, Inc. (1)
2002/0136,226 Methods and systems for enabling seamless roaming of mobile devices among wireless networks 231 2002
 
AT&T INTELLECTUAL PROPERTY II, L.P. (1)
2002/0112,186 Authentication and authorization for access to remote production devices 116 2001
 
FUJI XEROX CO., LTD. (1)
5987134 Device and method for authenticating user's access rights to resources 168 1997
 
Digital Envoy, Inc. (1)
6757740 Systems and methods for determining collecting and using geographic locations of internet users 355 2000
 
THE TRUSTEES OF THE UNIVERSITY OF PENNSYLVANIA (1)
6185567 Authenticated access to internet based research and data services 185 1998
 
INTEL CORPORATION (2)
5673393 Managing bandwidth over a computer network having a management computer that allocates bandwidth to client computers upon request 43 1996
2004/0047,356 Network traffic monitoring 184 2002
 
IRDETO USA, INC. (1)
7120934 System, method and apparatus for detecting, identifying and responding to fraudulent requests on a network 31 2001
 
SYMANTEC CORPORATION (1)
2002/0165,990 Method and system for adapting short-range wireless access points for participation in a coordinated networked environment 27 2001
 
NORTEL NETWORKS LIMITED (1)
2002/0138,762 Management of log archival and reporting for data network security systems 165 2001
 
Equifax, Inc. (1)
6321339 System and method for authentication of network users and issuing a digital certificate 227 1999
 
WI-LAN INC. (1)
6785252 Method and apparatus for a self-correcting bandwidth request/grant protocol in a wireless communication system 155 2000
 
Telsima Inc. (1)
2002/0059,408 Dynamic traffic management on a shared medium 48 2001
 
HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP (1)
6108782 Distributed remote monitoring (dRMON) for networks 349 1997
 
SRI INTERNATIONAL (1)
* 6708212 Network surveillance 142 2003
 
JUNIPER NETWORKS, INC. (1)
2003/0154,399 Multi-method gateway-based network security systems and methods 259 2002
 
GENERAL INSTRUMENT CORPORATION (1)
2003/0126,608 Methods and systems for providing streaming media content in existing video delivery systems 61 2001
 
NOKIA TECHNOLOGIES OY (1)
7013331 Automated bulk configuration of network devices 61 2002
 
SONUS NETWORKS, INC. (1)
2003/0159,072 Single sign-on for multiple network-based services 106 2003
 
IDENTITY VERIFICATION SOLUTIONS LLC (1)
5706427 Authentication method for networks 194 1996
 
OL SECURITY LIMITED LIABILITY COMPANY (1)
5901148 Ring domains for bandwidth sharing 28 1997
 
COX COMMUNICATIONS, INC. (2)
6233607 Modular storage server architecture with dynamic data management 73 1999
2006/0184,618 Methods and systems for providing self-registration of communication services 14 2006
 
NEC CORPORATION (3)
6173331 Network node for sharing a common buffer among multiple connections while ensuring minimum bandwidth for each connection 31 1998
6421319 Network traffic monitoring system 33 1998
2005/0091,303 Flow control system and method therefor 25 2004
 
JPMORGAN CHASE BANK, N.A. (2)
6473793 Method and apparatus for selectively allocating and enforcing bandwidth usage requirements on network users 218 1999
2002/0046,264 Method and apparatus for selectively allocating and enforcing bandwidth usage requirements on network users 54 2001
 
MICROSOFT TECHNOLOGY LICENSING, LLC (8)
6735691 System and method for the automated migration of configuration information 180 2000
7325042 Systems and methods to manage information pulls 24 2002
2004/0064,836 Systems and methods for generating a walled garden program for substantially optimized bandwidth delivery 27 2002
2004/0073,941 Systems and methods for dynamic conversion of web content to an interactive walled garden program 38 2002
2004/0103,426 Tracking end-user content viewing and navigation 30 2002
2004/0268,234 XSD inference 21 2003
2005/0138,416 Object model for managing firewall services 66 2003
2008/0120,661 Systems and Methods for Dynamic Conversion of Web Content to an Interactive Walled Garden Program 28 2008
 
INTELLECTUAL VENTURES II LLC (1)
6324648 Secure gateway having user identification and password authentication 206 1999
 
STEELTORCH SOFTWARE, INC. (1)
2002/0152,284 System and method for performing real time monitoring and control of an interactive network 86 2001
 
GOOGLE TECHNOLOGY HOLDINGS LLC (2)
6404743 Enhanced simple network management protocol (SNMP) for network and systems management 70 1998
6275693 Method and apparatus for performing bearer independent wireless application service provisioning 95 1999
 
PREVENTION TECHNOLOGIES LIMITED (1)
2002/0042,883 Method and system for controlling access by clients to servers over an internet protocol network 31 2001
 
LG ELECTRONICS INC. (1)
2004/0181,816 Method for processing connection request of a disk player 18 2003
 
AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD. (1)
7420956 Distributed storage and aggregation of multimedia information via a broadband access gateway 40 2005
 
BCE INC. (1)
2008/0276,305 Systems, Methods and Computer-Readable Media for Regulating Remote Access to a Data Network 32 2005
 
MICRO FOCUS SOFTWARE INC. (1)
6092200 Method and apparatus for providing a virtual private network 120 1997
 
VERIZON PATENT AND LICENSING INC. (1)
6088451 Security system and method for network element access 423 1996
 
AT HOME BONDHOLDERS' LIQUIDATING TRUST (3)
6678733 Method and system for authorizing and authenticating users 153 1999
6732179 Method and system for restricting access to user resources 183 1999
7406530 Method and system for restricting access to user resources 32 2004
 
SECURITY, INC. (1)
* 7272646 Network monitor internals description 75 2001
 
NTT Data Corporation (1)
2004/0085,906 Packet tracing system 24 2003
 
GOOD TECHNOLOGY CORPORATION (1)
6131116 System and method for globally accessing computer services 389 1996
 
TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) (1)
2007/0208,936 Means and Method for Single Sign-On Access to a Service Network Through an Access Network 53 2003
 
ALCATEL LUCENT (2)
2005/0021,686 Automated transformation of specifications for devices into executable modules 14 2003
2008/0147,840 REMOTE ACTIVATION OF HOME DEVICES 14 2007
 
Network Engineering Software, Inc. (1)
6804783 Firewall providing enhanced network security and user transparency 121 2000
 
4THPASS INC. (1)
2002/0131,404 Method and system for maintaining and distributing wireless applications 428 2001
 
RPX CLEARINGHOUSE LLC (1)
6516417 Virtual private networks 62 1998
 
SURGIENT NETWORKS, INC. (2)
2002/0174,227 Systems and methods for prioritization in information management environments 264 2001
2002/0120,741 Systems and methods for using distributed interconnects in information management enviroments 262 2001
 
WHITE, ERIC (1)
2005/0204,022 System and method for network management XML architectural abstraction 28 2005
 
RPX CORPORATION (9)
6212558 Method and apparatus for configuring and managing firewalls and security devices 230 1997
6243815 Method and apparatus for reconfiguring and managing firewalls and security devices 116 1997
2004/0177,276 System and method for providing access control 58 2003
2004/0199,635 System and method for dynamic bandwidth provisioning 50 2003
2005/0044,350 System and method for providing a secure connection between networked computers 55 2004
2005/0204,031 System and method for comprehensive code generation for system management 13 2005
2005/0204,050 Method and system for controlling network access 29 2005
2005/0204,168 System and method for double-capture/double-redirect to a different location 31 2005
2005/0204,402 System and method for behavior-based firewall modeling 20 2005
 
UNITED PAN-EUROPE COMMUNICATIONS N.V. (1)
2003/0070,170 Method and apparatus providing an improved electronic program guide in a cable television system 57 2002
 
FACEBOOK, INC. (2)
6336133 Regulating users of online forums 83 1998
6535879 Access control via properties system 42 2000
 
NOMADIX, INC. (5)
5936542 Convention ID badge system 120 1995
6194992 Mobile web 68 1997
6130892 Nomadic translator or router 271 1998
6636894 Systems and methods for redirecting users having transparent computer access to a network using a gateway device having redirection capability 274 1999
6789110 Information and control console for use with a network gateway interface 100 2000
 
AT&T CORP. (3)
6295294 Technique for limiting network congestion 51 1997
2002/0013,844 Service selection in a shared access network supporting quality of service 62 2001
2002/0023,160 Service selection in a shared access network providing access control 58 2001
* Cited By Examiner

Forward Cite Landscape

Patent Info (Count) # Cites Year
 
OpenTV, Inc. (4)
8019866 System and method for detection of aberrant network behavior by clients of a network access gateway 4 2009
8060607 System and method for detection of aberrant network behavior by clients of a network access gateway 2 2010
* 2010/0191,850 SYSTEM AND METHOD FOR DETECTION OF ABERRANT NETWORK BEHAVIOR BY CLIENTS OF A NETWORK ACCESS GATEWAY 2 2010
8543693 System and method for detection of aberrant network behavior by clients of a network access gateway 0 2011
 
RPX CORPORATION (12)
8117639 System and method for providing access control 16 2003
8543710 Method and system for controlling network access 1 2005
8032933 Dynamically adaptive network firewalls and method, system and computer program product implementing same 19 2009
* 2010/0037,310 DYNAMICALLY ADAPTIVE NETWORK FIREWALLS AND METHOD, SYSTEM AND COMPUTER PROGRAM PRODUCT IMPLEMENTING SAME 12 2009
8108915 System and method for providing a secure connection between networked computers 8 2009
* 2010/0058,458 SYSTEM AND METHOD FOR PROVIDING A SECURE CONNECTION BETWEEN NETWORKED COMPUTERS 2 2009
8356336 System and method for double-capture/double-redirect to a different location 122 2009
* 2010/0064,356 SYSTEM AND METHOD FOR DOUBLE-CAPTURE/DOUBLE-REDIRECT TO A DIFFERENT LOCATION 12 2009
8397282 Dynamically adaptive network firewalls and method, system and computer program product implementing same 4 2011
8429725 System and method for providing a secure connection between networked computers 1 2011
8381273 System and method for providing a secure connection between networked computers 1 2011
8484695 System and method for providing access control 0 2012
 
WHITE, ERIC (1)
8661153 System and method for dynamic bandwidth provisioning 5 2009
 
AT&T INTELLECTUAL PROPERTY II, L.P. (1)
* 8117655 Detecting anomalous web proxy activity 6 2009
* Cited By Examiner

Maintenance Fees

Fee | Large entity fee | Small entity fee | Micro entity fee | Due date
11.5 Year Payment | $7400.00 | $3700.00 | $1850.00 | Mar 15, 2021

Fee | Large entity fee | Small entity fee | Micro entity fee
Surcharge - 11.5 year - Late payment within 6 months | $160.00 | $80.00 | $40.00
Surcharge after expiration - Late payment is unavoidable | $700.00 | $350.00 | $175.00
Surcharge after expiration - Late payment is unintentional | $1,640.00 | $820.00 | $410.00