Methods, systems and computer program products for monitoring user access for a server application
First Claim
1. A method of flagging a client of a server application for a computer network, the method comprising:
- (a) identifying a client;
(b) determining whether the client is in data communication with a server application over a computer network; and
(c) subsequent to step (b), flagging the client.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods, systems and computer program products are disclosed for monitoring user access for a server application in a computer network. The methods, systems, and computer program products can monitor communication data between a server application and a client. The methods, systems, and computer program products can also include applying one or more detectors to the communication data to identify a variety of predetermined activity. Further, the methods, systems, and computer program products can include generating a threat score associated with the predetermined activity by comparing the identified predetermined activity with a security threshold criteria.
183 Citations
55 Claims
-
1. A method of flagging a client of a server application for a computer network, the method comprising:
-
(a) identifying a client;
(b) determining whether the client is in data communication with a server application over a computer network; and
(c) subsequent to step (b), flagging the client. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer program product comprising computer-executable instructions embodied in a computer-readable medium for performing steps comprising:
-
(a) identifying a client;
(b) determining whether the client is in data communication with a server application over a computer network; and
(c) subsequent to step (b), flagging the client. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A system for flagging a client of a server application for a computer network, the system comprising:
-
(a) a network interface operable to monitor communication data between a server application and a client; and
(b) a detector operable to determine whether the client is in data communication occurs between a client and a server application over a computer network, and operable to flag the client. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29)
-
-
30. A method of detecting an unauthorized use of a server application, the method comprising:
-
(a) designating a first address for a client as a disallowed address;
(b) determining a second address for a client in data communication with a server application;
(c) determining whether the second address matches the first address; and
(d) if the first and second addresses match, indicating that the second address is in data communication with the server application as a disallowed address. - View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38)
-
-
39. A system for detecting an unauthorized use of a server application, the system comprising:
-
(a) a network interface operable to monitor communication data between a server application and a client; and
(b) a detector operable to designate a first address for a client as a disallowed address, operable to determine a second address for a client in data communication with a server application, operable to determine whether the second address matches the first address, and operable to indicate indicating that the second address is in data communication with the server application as a disallowed address, if the first and second addresses match. - View Dependent Claims (40, 41, 42, 43, 44, 45, 46)
-
-
47. A computer program product comprising computer-executable instructions embodied in a computer-readable medium for performing steps comprising:
-
(a) designating a first address for a client as a disallowed address;
(b) determining a second address for a client in data communication with a server application;
(c) determining whether the second address matches the first address; and
(d) if the first and second addresses match, indicating that the second address is in data communication with the server application as a disallowed address. - View Dependent Claims (48, 49, 50, 51, 52, 53, 54)
-
-
55. The computer program product of claim 56, wherein the communication data comprises only transmission control protocol packets.
Specification