Intrusion detection system
Abstract
An intrusion detection system monitors the rate and characteristics of Internet attacks on a computer network and filters attack alerts based upon various rates and frequencies of the attacks. The intrusion detection system monitors attacks on other hosts and determines if the attacks are random or general attacks or attacks directed towards a specific computer network and generates a corresponding signal. The intrusion detection system also tests a computer network's vulnerability to attacks detected on the other monitored hosts.
179 Citations
20 Claims
1. A computer network intrusion detection system comprising:
- an intrusion detector for detecting external attacks upon a computer network;
- an analyzer coupled to said intrusion detector for analyzing each detected attack and determining a characteristic indicative thereof; and
- a filter coupled to said analyzer for generating an alert based upon characteristics of a plurality of attacks.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A method of generating a network intrusion alert for a first network coupled to a multiple client network system comprising the steps of:
- determining a characteristic of an attack upon the first network;
- determining if the characteristic matches a characteristic of an attack upon a second client coupled to the multiple client network system; and
- generating a first alert in response to an absence of the match.
Dependent claims: 13, 14, 15
16. A method of preempting an intrusion comprising the steps of:
- determining characteristics of an attack upon a first host; and
- testing a second host for a susceptibility to an attack of the determined characteristics.
Dependent claims: 17, 18, 19, 20
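
The cross-client comparison described in the abstract and in claim 12, as an added example (not code from the patent or its assignee): an attack on the first network is labelled "directed" when no other monitored client reported the same characteristic, and "general" otherwise. The `Attack` fields, the use of (signature, port) as the characteristic, the one-hour window and the sample events are all assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass

WINDOW = 3600  # seconds; assumed correlation window, not from the patent

@dataclass(frozen=True)
class Attack:
    ts: int          # epoch seconds
    client: str      # monitored network that reported the attack
    signature: str   # detector rule name (constructed values below)
    dst_port: int

    @property
    def characteristic(self):
        # Assumed choice of "characteristic": signature plus target port.
        return (self.signature, self.dst_port)

def correlate(events, first_network, window=WINDOW):
    """One alert per characteristic seen on first_network: "directed" when no
    other client saw it within `window` seconds, otherwise "general"."""
    local = defaultdict(list)    # characteristic -> timestamps on first_network
    remote = defaultdict(list)   # characteristic -> [(ts, client)] elsewhere
    for e in events:
        if e.client == first_network:
            local[e.characteristic].append(e.ts)
        else:
            remote[e.characteristic].append((e.ts, e.client))

    alerts = []
    for char, stamps in sorted(local.items()):
        peers = sorted({client for ts, client in remote.get(char, [])
                        if any(abs(ts - s) <= window for s in stamps)})
        alerts.append({"characteristic": char, "count": len(stamps),
                       "kind": "general" if peers else "directed",
                       "peers": peers})
    return alerts

# Constructed sample events from three clients of one monitoring service.
SAMPLE = [
    Attack(1000, "net-a", "ssh-bruteforce", 22),
    Attack(1030, "net-a", "ssh-bruteforce", 22),
    Attack(1200, "net-b", "ssh-bruteforce", 22),
    Attack(1500, "net-a", "sql-injection", 443),
    Attack(9000, "net-c", "sql-injection", 443),  # same attack, outside window
]

if __name__ == "__main__":
    for alert in correlate(SAMPLE, "net-a"):
        print(alert)
```
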
Specification