SYSTEMS AND METHOD FOR DISTRIBUTED NETWORK PROTECTION
1 Assignment
0 Petitions
Abstract
Through the use of an intermediate party, a first party is given the ability to communicate with a second party, with the communication appearing as if it originated with the intermediate party. Specifically, in a protected network system, the protected network is capable of acting as a conduit through which an entity, such as law enforcement, can communicate with an entity attempting an unauthorized access attempt unbeknownst to the entity attempting the unauthorized access attempt. This allows, for example, the detection and identification of the entity attempting the unauthorized access attempt.
29 Citations
18 Claims
1. A network protection system, the system comprising:
- an external intrusion detection system that detects an external possible unauthorized access attempt into a communications network being protected, and including,
  - an external intrusion detection module, and
  - an external communications management module coupled to the external intrusion detection module;
- an internal intrusion detection system that detects an internal possible unauthorized access attempt within the communications network being protected, and including,
  - an internal intrusion detection module, and
  - an internal communications management module coupled to the internal intrusion detection module; and
- an analysis system coupled to the external intrusion detection system and the internal intrusion detection system, and including,
  - a database for storing at least one of profile of information related to one or more hackers, unauthorized access attempt origin information, information that can aid the intrusion analysis system in determining accuracy of a detected unauthorized access attempt,
  - an intrusion analysis module coupled to the database, and
  - an intrusion reaction coordination module coupled to the intrusion analysis module and the database,
- wherein the external and internal communications management modules are coupled to the intrusion analysis module and forward to the intrusion analysis module respective information regarding the respective detected possible unauthorized access attempt,
- the intrusion analysis module determines based on the respective information regarding the respective detected possible unauthorized access attempt whether or not the respective detected possible unauthorized access attempt is authorized and communicates with the internal and external intrusion detection modules via the external and internal communications management modules whether or not the respective detected possible unauthorized access attempt is authorized, and
- the intrusion reaction coordination module determines an appropriate action to take if the intrusion analysis module determines that the respective detected possible unauthorized access attempt is unauthorized.

Dependent claims: 2, 3, 4, 5, 6
7. A network protection method, the method comprising:
- detecting via an external intrusion detection system an external possible unauthorized access attempt into a communications network being protected, the external intrusion detection system including,
  - an external intrusion detection module, and
  - an external communications management module coupled to the external intrusion detection module;
- detecting via an internal intrusion detection system an internal possible unauthorized access attempt within the communications network being protected, the internal intrusion detection system including,
  - an internal intrusion detection module, and
  - an internal communications management module coupled to the internal intrusion detection module;
- wherein an analysis system coupled to the external intrusion detection system and the internal intrusion detection system, the analysis system including,
  - a database for storing at least one of profile of information related to one or more hackers, unauthorized access attempt origin information, information that can aid the intrusion analysis system in determining accuracy of a detected unauthorized access attempt,
  - an intrusion analysis module coupled to the database, and
  - an intrusion reaction coordination module coupled to the intrusion analysis module and the database;
- forwarding via the external and internal communications management modules coupled to the intrusion analysis module respective information regarding the respective detected possible unauthorized access attempt;
- determining via the intrusion analysis module based on the respective information regarding the respective detected possible unauthorized access attempt whether or not the respective detected possible unauthorized access attempt is authorized, and communicating with the internal and external intrusion detection modules via the external and internal communications management modules whether or not the respective detected possible unauthorized access attempt is authorized, and
- determining via the intrusion reaction coordination module an appropriate action to take if the intrusion analysis module determines that the respective detected possible unauthorized access attempt is unauthorized.

Dependent claims: 8, 9, 10, 11, 12
13. A computer program product for network protection, including one or more computer readable instructions embedded on a computer readable medium and configured to cause one or more computer processors to perform the steps of:
- detecting via an external intrusion detection system an external possible unauthorized access attempt into a communications network being protected, the external intrusion detection system including,
  - an external intrusion detection module, and
  - an external communications management module coupled to the external intrusion detection module;
- detecting via an internal intrusion detection system an internal possible unauthorized access attempt within the communications network being protected, the internal intrusion detection system including,
  - an internal intrusion detection module, and
  - an internal communications management module coupled to the internal intrusion detection module;
- wherein an analysis system coupled to the external intrusion detection system and the internal intrusion detection system, the analysis system including,
  - a database for storing at least one of profile of information related to one or more hackers, unauthorized access attempt origin information, information that can aid the intrusion analysis system in determining accuracy of a detected unauthorized access attempt,
  - an intrusion analysis module coupled to the database, and
  - an intrusion reaction coordination module coupled to the intrusion analysis module and the database;
- forwarding via the external and internal communications management modules coupled to the intrusion analysis module respective information regarding the respective detected possible unauthorized access attempt;
- determining via the intrusion analysis module based on the respective information regarding the respective detected possible unauthorized access attempt whether or not the respective detected possible unauthorized access attempt is authorized, and communicating with the internal and external intrusion detection modules via the external and internal communications management modules whether or not the respective detected possible unauthorized access attempt is authorized, and
- determining via the intrusion reaction coordination module an appropriate action to take if the intrusion analysis module determines that the respective detected possible unauthorized access attempt is unauthorized.

Dependent claims: 14, 15, 16, 17, 18
Specification