Information security analysis system

US 6,269,447 B1
Filed: 07/19/1999
Issued: 07/31/2001
Est. Priority Date: 07/21/1998
Status: Expired due to Term

First Claim

Patent Images

1. A method for analyzing and graphically displaying information from a data communications network, comprising:

gathering information on the types of code including the language of the code for a plurality of computer programs;

generating a knowledge base of information gathered on the types of computer code;

parsing the information in the generated knowledge base to generate data in selected categories in a readable format;

analyzing the data in selected categories for functional alteration between two or more codes for similar computer programs; and

visualizing the analyzed data for graphical analysis and comparison of two or more computer programs to determine the degree of functional alteration.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The analysis system is a collection, configuration and integration of software programs that reside on multiple interconnected computer platforms. The software, less computer operating systems, is a combination of sensor, analysis, data conversion, and visualization programs. The hardware platforms consist of several different types of interconnected computers, which share the software programs, data files, and visualization programs via a Local Area Network (LAN). This collection and integration of software and the migration to a single computer platform results in an approach to LAN/WAN monitoring in either a passive and/or active mode. The architecture permits digital data input from external sensors for analysis, display and correlation with data and displays derived from four major software concept groups. These are: Virus Computer Code Detection; Analysis of Computer Source and Executable Code; Dynamic Monitoring of Data Communication Networks; 3-D Visualization and Animation of Data.

194 Citations

21 Claims

1. A method for analyzing and graphically displaying information from a data communications network, comprising:
- gathering information on the types of code including the language of the code for a plurality of computer programs;
  
  generating a knowledge base of information gathered on the types of computer code;
  
  parsing the information in the generated knowledge base to generate data in selected categories in a readable format;
  
  analyzing the data in selected categories for functional alteration between two or more codes for similar computer programs; and
  
  visualizing the analyzed data for graphical analysis and comparison of two or more computer programs to determine the degree of functional alteration.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A method for analyzing and graphically displaying as set forth in claim 1 wherein analyzing the data comprises sorting computer code by language;
    - and visualizing the analyzed data comprises displaying the results of analyzing in a graphical functional format.
  - 3. The method for analyzing and graphically displaying as set forth in claim 1 wherein visualizing the analyzed data comprises graphically displaying the comparison of two or more similar codes in multi-dimensional space to determine if the code has undergone single or multiple functional alterations.
  - 4. The method for analyzing and graphically displaying as set forth in claim 1 wherein visualizing the analyzed data comprises code sequencing for comparison of two or more similar codes for computer programs.
  - 5. The method for analyzing and graphically displaying as set forth in claim 1 further comprising appending to the generated information user definable symbols.
  - 6. The method for analyzing and graphically displaying as set forth in claim 1 wherein analyzing the data includes identifying user computer identifiers and host computer identifiers.
  - 7. The method for analyzing and graphically displaying as set forth in claim 1 wherein gathering information comprises passively collecting data and collecting data from external sensors.

8. A method for analyzing and visualizing a data communications network, comprising:
- gathering information on types of computer code;
  
  generating a knowledge base of the information gathered on the types of computer code;
  
  parsing the information in the generated knowledge base to generate data in selected categories in readable format;
  
  analyzing the data in the selected categories for functional alteration between two or more similar codes for computer programs; and
  
  visualizing the analyzed data for comparison of two or more similar codes for computer programs to determine the degree of functional alteration.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The method for analyzing and visualizing as set forth in claim 8 wherein generating a knowledge base includes documenting and organizing the code in a functional relationship.
  - 10. The method for analyzing and visualizing as set forth in claim 8 wherein analyzing the data comprises sorting code by language;
    - and visualizing the analyzed data comprises displaying the results of analyzing in a graphical functional format.
  - 11. The method for analyzing and visualizing as set forth in claim 8 wherein visualizing the analyzed data comprises graphically displaying the comparison of two or more similar codes in multi-dimensional space to determine if the code has undergone single or multiple functional alterations.
  - 12. The method for analyzing and visualizing as set forth in claim 8 wherein visualizing the analyzed data comprises code sequencing for comparison of two or more similar codes for computer programs.
  - 13. The method for analyzing and visualizing as set forth in claim 8 further comprising appending to the generated information user definable symbols.
  - 14. The method for analyzing and visualizing as set forth in claim 8 wherein analyzing the data includes identifying user computer identifiers and host computer identifiers.
  - 15. The method for analyzing and visualizing as set forth in claim 8 wherein gathering information comprises passively collecting data and collecting data from external sensors.

16. A method for analyzing and graphically displaying information from a data communications network, comprising:
- gathering information including structure of the network, operation of the network and network users;
  
  generating a knowledge base of the information gathered and related to the network;
  
  parsing the information in the generated knowledge base to generate data in selected categories in readable format;
  
  analyzing the data in selected categories for preparation of visualizing diagrams; and
  
  displaying the analyzed data for graphical analysis of the gathered information for animation of network traffic and structure.
- View Dependent Claims (17)
- - 17. The method for analyzing and graphically displaying as set forth in claim 16 wherein analyzing the data comprises sorting the codes by language;
    - and displaying the analyzed data comprises displaying the sorted code by language in a graphical, functional format.

18. A method for analyzing and graphically displaying information from a data communications network, comprising:
- gathering information including traffic on the network to monitor network code;
  
  analyzing the gathered information on network traffic to determine differences occurring within the various codes on the network; and
  
  displaying the analyzed information graphically as a three-dimensional virtual view of the network.
- View Dependent Claims (19, 20, 21)
- - 19. The method for analyzing and graphically displaying as set forth in claim 18, wherein analyzing the gathered information comprises preparation and converting codes on the network into vector-based nodal diagrams.
  - 20. The method for analyzing and graphically displaying as set forth in claim 18, wherein gathering traffic on a network comprises gathering structure information of the network, operation of the network, and network users.
  - 21. The method for analyzing and graphically displaying as set forth in claim 18, wherein analyzing the gathered information on the network comprises analyzing the gathered information to relate session data, packet data and alert data to content of traffic on the network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Raytheon Company (Rtx Corporation)
Inventors
Suit, John M., Woodus, Francis M., Maloney, Michael P., Rubel, Rich
Primary Examiner(s)
Beausoleil, Robert
Assistant Examiner(s)
Bonzo, Bryce P.

Application Number

US09/358,131
Time in Patent Office

743 Days
Field of Search

713/201, 709/223, 709/224, 717/4
US Class Current

726/25
CPC Class Codes

G06F 3/14   Digital output to display d...

G06Q 10/06   Resources, workflows, human...

G09G 2370/10   Use of a protocol of commun...

G09G 5/00   Control arrangements or cir...

H04L 63/1408   by monitoring network traff...

Information security analysis system

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

194 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Information security analysis system

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

194 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links