Method And System For Network Intrusion Detection, Related Network And Computer Program Product
2 Assignments
0 Petitions
Accused Products
Abstract
A system for providing intrusion detection in a network wherein data flows are exchanged using associated network ports and application layer protocols. The system includes a monitoring module configured for monitoring data flows in the network, a protocol identification engine configured for detecting information on the application layer protocols involved in the monitored data flows, and an intrusion detection module configured for operating based on the information on application layer protocols detected. Intrusion detection is thus provided independently of any predefined association between the network ports and the application layer protocols.
-
Citations
77 Claims
-
1-38. -38. (canceled)
-
39. A method of providing intrusion detection in a network wherein data flows are exchanged using associated network ports and application layer protocols, comprising the steps of:
-
monitoring data flows in said network;
detecting information on said application layer protocols involved in said monitored data flows; and
providing intrusion detection on said monitored data flows based on application layer protocols detected. - View Dependent Claims (40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 77)
-
-
57. A system for providing intrusion detection in a network wherein data flows are exchanged using associated network ports and application layer protocols, comprising:
-
a monitoring module configured for monitoring data flows in said network;
a protocol identification engine configured for detecting information on application layer protocols in said monitored data flows; and
an intrusion detection module designed for operating on said monitored data flows based on said information on application layer protocols detected. - View Dependent Claims (58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76)
-
Specification