SYSTEM AND METHOD FOR REAL-TIME ANALYSIS OF NETWORK TRAFFIC
Abstract
A method for detecting and intercepting at least one of fraud, security breach, intrusion or misuse of network resources monitors at least one of a plurality of simultaneous live data flows that are in active transmission between a first endpoint and a second endpoint in a network prior to the storage of data within the live data flows in a database, to take action to control the operation of a network. Prescribed detection algorithms are updated for detecting prescribed patterns and deduced detection algorithms are updated for detecting deduced patterns within the plurality of simultaneous live data flows with at least one of live data conditions and external data sources. The deduced and prescribed patterns that indicate occurrence of at least one of fraud, security breach, intrusion or misuse of the network are detected from at least one of the live data flows and the external data sources using the prescribed detection algorithms and the deduced detection algorithms. An interceptive action is taken with respect to the live data flows responsive to the detected deduced and prescribed patterns, to control the operation of the network.
42 Claims
1. A method for detecting and intercepting at least one of fraud, security breach, intrusion or misuse of a network, comprising:
- monitoring at least one of a plurality of simultaneous live data flows that are in active transmission between a first endpoint and a second endpoint in the network prior to storage of data within the live data flows in a database;
- updating prescribed detection algorithms for detecting prescribed patterns within the plurality of simultaneous live data flows with at least one of live data conditions or external data sources;
- updating deduced detection algorithms for detecting deduced patterns within the plurality of simultaneous live data flows with at least one of live data conditions or the external data sources;
- detecting from the live data flows at least one of the deduced and prescribed patterns that indicate occurrence of the at least one of fraud, security breach, intrusion or misuse of the network using at least one of the prescribed detection algorithms and the deduced detection algorithms; and
- taking an interceptive action with respect to the live data flows responsive to the detected deduced and prescribed patterns, to control an operation of the network.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21
22. A system for detecting and intercepting at least one of fraud, security breach, intrusion or misuse of a network, comprising:
- at least one server communicating with the network;
- at least one network interface card associated with the at least one server for providing access to data flow through the network;
- a processor within each of the at least one server, the processor implementing at least one of a first processing node or a second processing node for:
- monitoring at least one of a plurality of simultaneous live data flows that are in active transmission between a first endpoint and a second endpoint in the network prior to storage of data within the live data flows in a database;
- updating prescribed detection algorithms for detecting prescribed patterns within the plurality of simultaneous live data flows with at least one of live data conditions and external data sources;
- updating deduced detection algorithms for detecting deduced patterns within the plurality of simultaneous live data flows with at least one of live data conditions and the external data sources;
- detecting from the live data flows the deduced and prescribed patterns that indicate occurrence of the at least one of fraud, security breach, intrusion or misuse of the network using at least one of the prescribed detection algorithms and the deduced detection algorithms; and
- taking an interceptive action with respect to the live data flows responsive to the detected deduced and prescribed patterns, to control an operation of the network.

Dependent claims: 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42
Specification