Method and system for interfacing an intrusion detection system to a central alarm system
Abstract
An alarm interface system and method receives intrusion alarm messages from an intrusion detection system. The alarm interface system organizes a group of the intrusion alarm messages into a time sequence. A highest priority alarm message is selected from the group. An analyzer analyzes the highest priority alarm message to extract raw locale information. The raw locale information is translated into refined locale information (e.g., a zone identifier) for inclusion in a central station-compatible data message.
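The pipeline described in the abstract, sketched as an added example (not code from the patent). The alarm fields, the 30-second grouping window, the subnet-to-zone table and the output dictionary layout are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass
class Alarm:
    ts: datetime       # temporal data carried by the IDS alarm
    priority: int      # assumption: a higher number means more severe
    target_ip: str     # raw locale information (assumed: attacked host address)
    signature: str

# Hypothetical translation table: raw locale (subnet) -> refined locale (zone id)
ZONES = {ipaddress.ip_network("10.1.0.0/24"): "ZONE-01",
         ipaddress.ip_network("10.1.1.0/24"): "ZONE-02"}

def sequence(alarms, window=timedelta(seconds=30)):
    """Sort by time; start a new group once an alarm falls outside the
    window measured from the first alarm of the current group."""
    groups = []
    for a in sorted(alarms, key=lambda a: a.ts):
        if groups and a.ts - groups[-1][0].ts <= window:
            groups[-1].append(a)
        else:
            groups.append([a])
    return groups

def to_zone(raw_ip):
    """Translate a raw address to a zone id, preferring the most specific subnet."""
    addr = ipaddress.ip_address(raw_ip)
    hits = [net for net in ZONES if addr in net]
    return ZONES[max(hits, key=lambda n: n.prefixlen)] if hits else "ZONE-UNKNOWN"

def central_station_messages(alarms):
    """One message per sequential group, built from its highest priority alarm."""
    out = []
    for group in sequence(alarms):
        top = max(group, key=lambda a: a.priority)  # on ties the earliest alarm wins
        out.append({"time": top.ts.isoformat(), "zone": to_zone(top.target_ip),
                    "event": top.signature, "suppressed": len(group) - 1})
    return out

# Constructed sample input (not real IDS output), deliberately out of order.
T0 = datetime(2024, 1, 1, 12, 0, 0)
SAMPLE = [
    Alarm(T0 + timedelta(seconds=20), 2, "10.1.0.5", "port-scan"),
    Alarm(T0, 1, "10.1.0.5", "ping-sweep"),
    Alarm(T0 + timedelta(seconds=25), 5, "10.1.1.9", "buffer-overflow"),
    Alarm(T0 + timedelta(seconds=120), 3, "192.168.9.9", "login-failure"),
]

if __name__ == "__main__":
    for msg in central_station_messages(SAMPLE):
        print(msg)
```

An address with no entry in the table maps to an explicit unknown zone, so an alarm from an unmapped segment still reaches the console instead of being dropped.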
35 Claims
1. An alarm interface system comprising:
a receiver for receiving intrusion alarm messages from an intrusion detection system;
a sequencer for organizing the intrusion alarm messages into a sequential group based on temporal data associated with the intrusion alarm messages;
a priority module for selecting a highest priority alarm message from the sequential group of intrusion alarm messages; and
a translator for translating locale information on a security event or an attack, defined by the selected highest priority alarm message, from raw locale information to refined locale information for incorporation into a central station-compatible data message.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. An alarm interface system comprising:
a receiver for receiving intrusion alarm messages from an intrusion detection system;
a sequencer for organizing the intrusion alarm messages into a sequential group;
a priority module for selecting a highest priority alarm message from the sequential group;
a translator for translating locale information on a security event, defined by the selected highest priority alarm message, from raw locale information to refined locale information for incorporation into a central station-compatible data message; and
an analyzer for assigning a probability indicator to the highest priority alarm message to indicate a false alarm rate.
10. An integrated alarm system comprising:
a protected computer coupled to a communications network;
an intrusion detection system for detecting a security event or an attack associated with the protected computer and outputting one or more intrusion alarm messages in response to the detection of the security event;
an alarm system for presenting an alarm at a user console based on an input of a detection message; and
an alarm interface system for filtering and converting the intrusion alarm messages into central-station compatible data messages compatible with presentation to a user via the user console.
Dependent claims: 11, 12, 13, 14
a firewall associated with the protected computer to protect the protected computer from unauthorized traffic, the intrusion detection system outputting intrusion alarm messages that include security-related events affiliated with the firewall.
15. A method for interfacing an alarm system, the method comprising the steps of:
receiving intrusion alarm messages from an intrusion detection system;
organizing a sequential group of the alarm messages based on temporal data associated with the intrusion alarm messages;
selecting a highest priority alarm message from the sequential group; and
translating raw locale information of a security event or an attack, described by the selected highest priority alarm message, into corresponding refined locale information for an alarm system.
Dependent claims: 16, 17, 18, 19, 20, 21, 22, 23
24. A method for interfacing an alarm system, the method comprising the steps of:
receiving intrusion alarm messages from an intrusion detection system;
organizing a sequential group of the alarm messages based on temporal data associated with the intrusion alarm messages;
selecting a highest priority alarm message from the sequential group;
translating raw locale information of a security event or an attack, described by the selected highest priority alarm message, into corresponding refined locale information for an alarm system; and
assigning a probability indicator to the highest priority alarm message to indicate a false alarm rate.
25. An alarm interface system comprising:
a receiver for receiving intrusion alarm messages from an intrusion detection system;
a sequencer for organizing the intrusion alarm messages into a sequential group based on temporal data associated with the intrusion alarm messages; and
a filter for filtering the intrusion alarm messages in the sequential group based on at least one of a confidence level associated with the intrusion alarm messages and a danger posed by an identified attack described in the intrusion alarm messages.
Dependent claims: 26, 27, 28, 29
30. A method for managing alarm messages, the method comprising:
receiving intrusion alarm messages from an intrusion detection system;
organizing the intrusion alarm messages into a sequential group based on temporal data associated with the intrusion alarm messages;
filtering the intrusion alarm messages in the sequential group based on at least one of a confidence level associated with the intrusion alarm messages and a danger posed by an identified attack described in the intrusion alarm messages.
Dependent claims: 31, 32, 33, 34, 35
Specification