System and method for real-time insertion of data into a multi-dimensional database for network intrusion detection and vulnerability assessment
First Claim
1. A system for real-time insertion of data into a multi-dimensional database, comprising:
- a multi-dimensional database;
a user interface operable to access and provide views into the multi-dimensional database, wherein the views comprise any of a slice, a pivot or a zoom view; and
a data insertion engine coupled to and operable to access the multi-dimensional database;
the data insertion engine further operable to receive a real-time data feed provided by a network intrusion detection system, to process the real-time data feed and to insert data into the multi-dimensional database responsive to processing of the real-time data feed.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method are disclosed for real-time insertion of data into a multi-dimensional database. The system includes a multi-dimensional database and a user interface operable to access and provide views into the multi-dimensional database. A data insertion engine is coupled to and operable to access the multi-dimensional database. The data insertion engine is further operable to receive and process a real-time data feed and to insert data into the multi-dimensional database responsive to processing of the real-time data feed. In one embodiment, the real-time data feed can represent exploited network vulnerabilities, and the system can be used for network intrusion detection and vulnerability assessment. The method includes receiving a real-time data feed representing detection of an event and processing the event against the multi-dimensional database. Cells associated with the event are identified in the multi-dimensional database and appropriate vectors to the identified cells are created. Data representing the event is then inserted at the identified cells. Visibility to the inserted data is provided through a user interface to the multi-dimensional database. In one embodiment, the event can be an exploited network vulnerability, and the method can be used for intrusion detection and vulnerability assessment.
-
Citations
25 Claims
-
1. A system for real-time insertion of data into a multi-dimensional database, comprising:
-
a multi-dimensional database;
a user interface operable to access and provide views into the multi-dimensional database, wherein the views comprise any of a slice, a pivot or a zoom view; and
a data insertion engine coupled to and operable to access the multi-dimensional database;
the data insertion engine further operable to receive a real-time data feed provided by a network intrusion detection system, to process the real-time data feed and to insert data into the multi-dimensional database responsive to processing of the real-time data feed. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for real-time insertion of data into a multi-dimensional database, comprising:
-
receiving a real-time data feed representing detection of an event, the real-time data feed being provided by a network intrusion detection system;
processing the event against the multi-dimensional database;
identifying cells in the multi-dimensional database that are associated with the event;
creating appropriate vectors to the identified cells;
inserting data representing the event at the identified cells; and
providing visibility to the inserted data through a user interface, wherein providing visibility includes providing views that comprise any of a slice, a pivot or a zoom view. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A system for real-time insertion of data into a multi-dimensional database, comprising:
-
a storage device;
an application stored on the storage device, the application operable to;
receive a real-time data feed representing detection of an event, the real-time data feed being provided by a network intrusion detection system;
process the event against the multi-dimensional database;
identify cells in the multi-dimensional database that are associated with the event;
create appropriate vectors to the identified cells;
insert data representing the event at the identified cells; and
provide visibility to the inserted data through a user interface, wherein providing visibility includes providing views that comprise any of a slice, a pivot or a zoom view. - View Dependent Claims (19, 20, 21)
-
-
22. A system for real-time insertion of data into a multi-dimensional database, comprising:
-
means for receiving a real-time data feed representing detection of an event, the real-time data feed being provided by a network intrusion detection system;
means for processing the event against the multi-dimensional database;
means for identifying cells in the multi-dimensional database that are associated with the event;
means for creating appropriate vectors to the identified cells;
means for inserting data representing the event at the identified cells; and
means for providing visibility to the inserted data through a user interface, wherein providing visibility includes providing views that comprise any of a slice, a pivot or a zoom view. - View Dependent Claims (23, 24, 25)
-
Specification