INTRUSION DETECTION
First Claim
Patent Images
1. A method of detecting intrusions on a system or network, the method comprising:
- identifying a plurality of instance types in which each instance type includes an instance;
identifying a compromised instance from the plurality of instance types; and
traversing a link between instance types from the compromised instance to discover an additional compromised instance.
1 Assignment
0 Petitions
Accused Products
Abstract
A process to detect intrusions with an intrusion detection system is disclosed. The intrusion detection system identifies instance types, and each instance type includes an instance. A know compromised instance is identified from the plurality of instances. A link between the plurality instance types is traversed from the compromised instance to discover an additional compromised instance.
-
Citations
20 Claims
-
1. A method of detecting intrusions on a system or network, the method comprising:
-
identifying a plurality of instance types in which each instance type includes an instance; identifying a compromised instance from the plurality of instance types; and traversing a link between instance types from the compromised instance to discover an additional compromised instance. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer readable storage device, which is not a transitory propagating signal, to store computer executable instructions to control a processor to:
-
identify a plurality of instance types in which each instance type includes an instance; identify a compromised instance from the plurality of instance types; and traverse a link between instance types from the compromised instance to discover an additional compromised instance. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A system, comprising:
-
a memory device to store a set of instructions; and a processor to execute the set of instructions to; identify a plurality of instance types in which each instance type includes an instance; identify a compromised instance from the plurality of instance types; and traverse a link between instance types from the compromised instance to discover an additional compromised instance. - View Dependent Claims (18, 19, 20)
-
Specification