Intrusion prevention system
First Claim
Patent Images
1. A method for detecting unauthorized intrusion in a network system, comprising the steps of:
- receiving packet level activity information from the network;
sorting port specific activity information from the received packet level activity information;
monitoring the port specific activity information; and
executing at least one of a blocking action or a tracking action based upon the monitored port specific activity information.
6 Assignments
0 Petitions
Accused Products
Abstract
The invention provides a method and system for monitoring a computer network and determining whether the network faces a threat from users. In the event that the existence of a threat is determined, the system in accordance with the invention provides a real-time assessment of the threat to the network and responds to prevent damage to the network.
-
Citations
31 Claims
-
1. A method for detecting unauthorized intrusion in a network system, comprising the steps of:
-
receiving packet level activity information from the network;
sorting port specific activity information from the received packet level activity information;
monitoring the port specific activity information; and
executing at least one of a blocking action or a tracking action based upon the monitored port specific activity information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
-
-
12. A system for preventing unauthorized intrusion in a network system, comprising:
-
a traffic sorter;
an activity monitor operatively coupled to the traffic sorter;
an inter-port fusion module operatively coupled to the activity monitor; and
an outcome director operatively coupled to the inter-port fusion monitor.
-
-
30. A system for detecting unauthorized intrusion in a network system, comprising:
-
sorting means for sorting port specific activity from incoming packet level activity;
monitoring means operatively coupled to the sorting means for monitoring the sorted port specific activity; and
assessing means operatively coupled to the monitoring means for generating an assessment.
-
-
31. A computer program product, comprising:
a computer usable medium having computer readable code embodied therein for preventing unauthorized intrusion into a computer network, the computer program product comprising;
computer readable program code configured to cause the computer to sort port specific activity information from packet level activity information received by the computer network;
computer readable program code configured to cause the computer to monitor port specific activity information; and
computer readable program code configured to cause the computer to execute at least one of a blocking action or a tracking action based upon the monitored port specific activity information.
Specification