METHOD, SYSTEM AND DEVICE FOR DETECTING AN ATTEMPTED INTRUSION INTO A NETWORK
First Claim
1. A method of detecting an attempted intrusion into a network comprising:
- configuring an entrapment meter, wherein the entrapment meter receives data packets from a network, but does not transmit data packets to the network;
configuring the entrapment meter in a manner such that the entrapment meter appears vulnerable to unauthorized intrusion to the network;
detecting, using the entrapment meter, an attempted unauthorized intrusion into the network; and
monitoring the attempted unauthorized intrusion.
1 Assignment
0 Petitions
Accused Products
Abstract
Described herein are embodiments of methods, systems and devices for detecting an attempted intrusion into a network. In one aspect, the network is an advanced metering infrastructure (AMI) network. In another aspect, the network is an home area network (HAN). In accordance with one aspect, a method of detecting an attempted intrusion into a network is described. This embodiment of a method comprises configuring an entrapment meter such that it receives data packets from a network, but does not transmit data packets to the network. The entrapment meter is also configures such that the entrapment meter appears vulnerable to unauthorized intrusion to the network. The configured entrapment meter is used to detect an attempted unauthorized intrusion into the network. The attempted unauthorized intrusion is monitored.
-
Citations
23 Claims
-
1. A method of detecting an attempted intrusion into a network comprising:
-
configuring an entrapment meter, wherein the entrapment meter receives data packets from a network, but does not transmit data packets to the network; configuring the entrapment meter in a manner such that the entrapment meter appears vulnerable to unauthorized intrusion to the network; detecting, using the entrapment meter, an attempted unauthorized intrusion into the network; and monitoring the attempted unauthorized intrusion. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for detecting an attempted intrusion into a network comprised of:
-
an entrapment meter, wherein the entrapment meter is configured to receive data packets from a network, but not transmit data packets to the network, and is configured in a manner such that the entrapment meter appears vulnerable to unauthorized intrusion to the network; a memory; and a processor operably connected with the memory and the entrapment meter, wherein the processor is configured to; detect an attempted unauthorized intrusion into the network; and monitor the attempted unauthorized intrusion. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A device comprised of:
-
a memory; a processor operably connected with the memory; and a network interface card that is configured to connect the device with a network, wherein the network interface card is configured to receive data packets from the network, but not transmit data packets to the network, and the network interface card is set to promiscuous mode, and wherein the processor is configured to execute at least one of a network intrusion detection system (NIDS) or a host-based intrusion detection system (HIDS), wherein the device detects an attempted unauthorized intrusion into the network by analyzing the received data packets using the NIDS or by analyzing at least a portion of the network using the host-based intrusion detection system (HIDS). - View Dependent Claims (20, 21, 22, 23)
-
Specification