DETECTING AND DEFENDING AGAINST MAN-IN-THE-MIDDLE ATTACKS
Abstract
A system, method and program product for defending against man in the middle (MITM) attacks directed at a target server. A system is provided that includes an activity recording system that records an incoming IP address, userid, and time of each session occurring with the target server; an activity analysis system that identifies suspect IP addresses by determining if an unacceptable number of sessions are occurring from a single incoming IP address during a predefined time period; and a countermeasure system for taking action against suspect IP addresses.
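The recording and analysis steps described in the abstract, as an added Python example that is not taken from the patent. The threshold, the window length and the session records are constructed assumptions, since the page only says "unacceptable number" and "predefined time period"; the countermeasure step is left out because the page does not say what action is taken.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed policy values (not from the page).
MAX_SESSIONS = 3
WINDOW = timedelta(minutes=10)

# Constructed session records: (incoming IP, userid, session time).
SESSIONS = [
    ("203.0.113.9", "alice", "2024-01-01T09:00:00"),
    ("203.0.113.9", "bob", "2024-01-01T09:01:00"),
    ("203.0.113.9", "carol", "2024-01-01T09:02:00"),
    ("203.0.113.9", "dave", "2024-01-01T09:03:00"),
    ("203.0.113.9", "erin", "2024-01-01T09:04:00"),
    ("198.51.100.7", "frank", "2024-01-01T08:00:00"),
    ("198.51.100.7", "frank", "2024-01-01T11:00:00"),
    ("198.51.100.7", "frank", "2024-01-01T14:00:00"),
    ("198.51.100.7", "frank", "2024-01-01T17:00:00"),
    ("192.0.2.44", "grace", "2024-01-01T09:00:00"),
    ("192.0.2.44", "grace", "2024-01-01T09:05:00"),
    ("192.0.2.44", "grace", "2024-01-01T09:09:00"),
]


def find_suspect_ips(sessions, max_sessions=MAX_SESSIONS, window=WINDOW):
    """Return {ip: sorted userids} for every IP that opened more than
    max_sessions sessions inside any sliding window of length `window`."""
    recent = defaultdict(deque)   # ip -> (time, userid) pairs still in the window
    suspects = defaultdict(set)   # ip -> userids seen while over the threshold
    ordered = sorted(sessions, key=lambda s: datetime.fromisoformat(s[2]))
    for ip, userid, stamp in ordered:
        now = datetime.fromisoformat(stamp)
        queue = recent[ip]
        queue.append((now, userid))
        # Drop sessions that have aged out of the window ending at `now`.
        while now - queue[0][0] > window:
            queue.popleft()
        if len(queue) > max_sessions:
            suspects[ip].update(user for _, user in queue)
    return {ip: sorted(users) for ip, users in suspects.items()}


if __name__ == "__main__":
    for ip, users in find_suspect_ips(SESSIONS).items():
        print(f"suspect {ip}: {len(users)} userids in window: {', '.join(users)}")
```

Only the first address is flagged: the second has four sessions spread over nine hours, and the third sits exactly at the assumed threshold without exceeding it.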
22 Claims
1. A system for defending against man in the middle (MITM) attacks directed at a target server, comprising:
- an activity recording system that records an incoming IP address, userid, and time of each session occurring with the target server;
- an activity analysis system that identifies suspect IP addresses by determining if an unacceptable number of sessions are occurring from a single incoming IP address during a predefined time period; and
- a countermeasure system for taking action against suspect IP addresses.
Dependent claims: 2, 3, 4, 5, 6, 7.
8. A computer program product stored on a computer readable medium, which when executed includes program instructions for defending against man in the middle (MITM) attacks directed at a target server, the program product comprising:
- program instructions for recording an incoming IP address, userid, and time of each session occurring with the target server;
- program instructions for identifying suspect IP addresses by determining if an unacceptable number of sessions are occurring from a single incoming IP address during a predefined time period; and
- program instructions for taking defensive action against suspect IP addresses.
Dependent claims: 9, 10, 11, 12, 13, 14.
15. A method for defending against man in the middle (MITM) attacks directed at a target server, comprising:
- recording an incoming IP address, userid, and time of each session occurring with the target server;
- identifying suspect IP addresses by determining if an unacceptable number of sessions are occurring from a single incoming IP address during a predefined time period; and
- taking defensive action against suspect IP addresses.
Dependent claims: 16, 17, 18, 19, 20, 21.
22. A method for deploying a system for defending against man in the middle (MITM) attacks directed at a target server, comprising:
- providing a computer infrastructure being operable to:
  - record an incoming IP address, userid, and time of each session occurring with the target server;
  - identify suspect IP addresses by determining if an unacceptable number of sessions are occurring from a single incoming IP address during a predefined time period; and
  - take defensive action against suspect IP addresses.
Specification