METHODS AND SYSTEMS FOR PROVIDING NETWORK PROTECTION BY PROGRESSIVE DEGRADATION OF SERVICE
First Claim
Patent Images
1. A method for protecting a device with a self-defending intrusion prevention system (IPS) comprising the following steps:
- monitoring the data packets to detect a pattern of activity indicating a potential attack that originates within the device;
detecting a threat originating from within the protected device; and
initiating, upon detection of the threat, a countermeasure or progressive degradation of network services available on the devices on a selected basis to controllably reduce performance of data communication of the device.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods are provided for protecting a defense with a self defending intrusion system. Data packets may be monitored to detect a pattern of activity indicating a potential attack. Upon detection of a threat, a countermeasure or progressive degradation of network services may be initiated on a selected basis so controllable reduce performance of data communication of the device.
-
Citations
22 Claims
-
1. A method for protecting a device with a self-defending intrusion prevention system (IPS) comprising the following steps:
-
monitoring the data packets to detect a pattern of activity indicating a potential attack that originates within the device; detecting a threat originating from within the protected device; and initiating, upon detection of the threat, a countermeasure or progressive degradation of network services available on the devices on a selected basis to controllably reduce performance of data communication of the device. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for providing device protection comprising the following steps:
-
receiving a data packet at a network device; reading information, with aid of a processor, from the data packet; and analyzing, with aid of the processor, whether to discard or deliver the data packet to destination based on the information, wherein said analysis considers information of the data packets that originates within the device, and selectively discarding the data packets that originate from a rogue application within the device. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A device for providing network protection, said device comprising:
-
a network interface configured to permit receipt of a data packet from a network external to the device; a network stack in communication with the network interface; one or more applications capable of sending and receiving the data packet; and an self-defending intrusion protection service module in communication with the network stack programmed to analyze the data packet that originates from the one or more applications within the device and determine whether the data packet is to be delivered to destinations or to be discarded to protect the device from the intrusion threat. - View Dependent Claims (19, 20, 21, 22)
-
Specification