Methods, systems and computer program products for monitoring protocol responses for a server application
First Claim
1. A method of monitoring protocol response codes for a server application, the method comprising:
- (a) monitoring protocol response codes in communication data between a server application and a client during a session;
(b) determining a number of protocol response codes during the session; and
(c) comparing the number of protocol response codes to a predetermined number.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods, systems and computer program products are disclosed for monitoring protocol responses for a server application in a computer network. The methods, systems, and computer program products can monitor communication data between a server application and a client. The methods, systems, and computer program products can also include applying one or more detectors to the communication data to identify a variety of predetermined activity. Further, the methods, systems, and computer program products can include generating a threat score associated with the predetermined activity by comparing the identified predetermined activity with a security threshold criteria.
283 Citations
207 Claims
-
1. A method of monitoring protocol response codes for a server application, the method comprising:
-
(a) monitoring protocol response codes in communication data between a server application and a client during a session;
(b) determining a number of protocol response codes during the session; and
(c) comparing the number of protocol response codes to a predetermined number. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A system for monitoring protocol response codes for a server application, the system comprising:
-
(a) a network interface operable to monitor communication data between a server application and a client during a session; and
(b) a detector operable to determine a number of protocol response codes during the session, and operable to compare the number of protocol response codes to a predetermined number. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A computer program product comprising computer-executable instructions embodied in a computer-readable medium for performing steps comprising:
-
(a) monitoring protocol response codes in communication data between a server application and a client during a session;
(b) determining a number of protocol response codes during the session; and
(c) comparing the number of protocol response codes to a predetermined number. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
-
-
39. A method of monitoring protocol response codes for a server application, the method comprising:
-
(a) monitoring protocol response codes in communication data between a server application and a client associated with server data;
(b) determining a number of protocol response codes for the server data; and
(c) comparing the number of protocol response codes to a predetermined number. - View Dependent Claims (40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51)
-
-
52. A system for monitoring protocol response codes for a server application, the method comprising:
-
(a) a network interface operable to monitor communication data between a server application and a client during a session; and
(b) a detector operable to determine a number of protocol response codes for the server data, and operable to compare the number of protocol response codes to a predetermined number. - View Dependent Claims (53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63)
-
-
64. A computer program product comprising computer-executable instructions embodied in a computer-readable medium for performing steps comprising:
-
(a) monitoring protocol response codes in communication data between a server application and a client associated with server data;
(b) determining a number of protocol response codes for the server data; and
(c) comparing the number of protocol response codes to a predetermined number. - View Dependent Claims (65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76)
-
-
77. A method of monitoring an application protocol for a server application, the method comprising:
-
(a) monitoring an application protocol in communication data between a server application and a client;
(b) monitoring errors in the application protocol; and
(c) comparing the errors in the application protocol to a predetermined criteria. - View Dependent Claims (78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90)
-
-
91. A system for monitoring an application protocol for a server application, the system comprising:
-
(a) a network interface operable to monitor communication data between a server application and a client during a session; and
(b) a detector operable to monitor errors in the application protocol, and operable to compare the errors in the application protocol to a predetermined criteria. - View Dependent Claims (92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103)
-
-
104. A computer program product comprising computer-executable instructions embodied in a computer-readable medium for performing steps comprising:
-
(a) monitoring an application protocol in communication data between a server application and a client;
(b) monitoring errors in the application protocol; and
(c) comparing the errors in the application protocol to a predetermined criteria. - View Dependent Claims (105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117)
-
-
118. A method of monitoring an application protocol for a server application, the method comprising:
-
(a) monitoring an application protocol in communication data between a server application and a client;
(b) detecting a first protocol method utilized by the application protocol; and
(c) comparing the first protocol method to a predetermined protocol method. - View Dependent Claims (119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129)
-
-
130. A system for monitoring an application protocol for a server application, the system comprising:
-
(a) a network interface operable to monitor communication data between a server application and a client during a session; and
(b) a detector operable to detect a first protocol method utilized by the application protocol, and operable to compare the first protocol method to a predetermined protocol method. - View Dependent Claims (131, 132, 133, 134, 135, 136, 137, 138, 139, 140)
-
-
141. A computer program product comprising computer-executable instructions embodied in a computer-readable medium for performing steps comprising:
-
(a) monitoring an application protocol in communication data between a server application and a client;
(b) detecting a first protocol method utilized by the application protocol; and
(c) comparing the first protocol method to a predetermined protocol method. - View Dependent Claims (142, 143, 144, 145, 146, 147, 148, 149, 150, 151, 152)
-
-
153. A method of monitoring an application protocol for a server application, the method comprising:
-
(a) monitoring an application protocol in communication data between a server application and a client;
(b) detecting a first protocol version of the application protocol; and
(c) comparing the first version to a predetermined protocol version. - View Dependent Claims (154, 155, 156, 157, 158, 159, 160, 161, 162, 163)
-
-
164. A system for monitoring an application protocol for a server application, the system comprising:
-
(a) a network interface operable to monitor communication data between a server application and a client during a session; and
(b) a detector operable to detect a first protocol version of the application protocol, and operable to compare the first version to a predetermined protocol version. - View Dependent Claims (165, 166, 167, 168, 169, 170, 171, 172, 173)
-
-
174. A computer program product comprising computer-executable instructions embodied in a computer-readable medium for performing steps comprising:
-
(a) monitoring an application protocol in communication data between a server application and a client;
(b) detecting a first protocol version of the application protocol; and
(c) comparing the first version to a predetermined protocol version. - View Dependent Claims (175, 176, 177, 178, 179, 180, 181, 182, 183, 184)
-
-
185. A method of monitoring an application protocol for a server application, the method comprising:
-
(a) monitoring an application protocol in communication data between a server application and a client;
(b) determining whether the application protocol is a valid protocol for the server application; and
(c) if the application protocol is not valid, generating an alert. - View Dependent Claims (186, 187, 188, 189, 190, 191, 192)
-
-
193. A system for monitoring an application protocol for a server application, the system comprising:
-
(a) a network interface operable to monitor communication data between a server application and a client during a session; and
(b) a detector operable to determine whether the application protocol is a valid protocol for the server application, and operable to generate an alert if the application protocol is not valid. - View Dependent Claims (194, 195, 196, 197, 198, 199)
-
-
200. A computer program product comprising computer-executable instructions embodied in a computer-readable medium for performing steps comprising:
-
(a) monitoring an application protocol in communication data between a server application and a client;
(b) determining whether the application protocol is a valid protocol for the server application; and
(c) if the application protocol is not valid, generating an alert. - View Dependent Claims (201, 202, 203, 204, 205, 206, 207)
-
Specification