×

Inter-arrival time intrusion-detection technique to provide enhanced cybersecurity

  • US 10,015,139 B2
  • Filed: 02/03/2016
  • Issued: 07/03/2018
  • Est. Priority Date: 02/03/2016
  • Status: Active Grant
First Claim
Patent Images

1. A method for performing an intrusion-detection technique to differentiate between packets received from malicious remote users and legitimate local users in a networked computer system, comprising:

  • determining arrival times for incoming packets at a node in the networked computer system;

    determining inter-arrival times between the incoming packets from the arrival times;

    determining a mean cumulative function (MCF) for the inter-arrival times by computing a cumulative sum of the inter-arrival times;

    monitoring a piecewise continuous digitized inter-arrival time MCF fingerprinting for all authenticated users;

    in response to detecting a change in a slope of the MCF, generating an alarm to indicate that a malicious remote user is generating some of the incoming packets; and

    wherein generating the alarm additionally comprises terminating the traffic of the malicious remote user.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×