Attack impact prediction system
First Claim
1. A method for providing network security for a computer network, said method comprising:
- in response to a detection of an intrusion to a computer network, notifying an attack impact prediction (AIP) agent of said detected intrusion;
broadcasting said detected intrusion to other AIP agents within said computer network by said AIP agent;
determining an impact of said detected intrusion at each node of said computer network by each node'"'"'s respective AIP agent;
in response to a determination that an impact of said detected intrusion on a node exceeds a predetermined severity threshold, ascertaining an action to be taken by an AIP agent associated with said node; and
performing said ascertained action by said AIP agent associated with said node.
1 Assignment
0 Petitions
Accused Products
Abstract
An attack impact prediction system for providing network security for computer networks is disclosed. A computer network includes multiple attack impact prediction (AIP) agents. In response to a detection of an intrusion to a computer network, an AIP agent is notified of the intrusion. In turn, the AIP agent broadcasts the detected intrusion to other AIP agents within the computer network. An impact of the detected intrusion is then determined at each node by its respective AIP agent. In response to a determination that an impact of the detected intrusion on a node exceeds a predetermined severity threshold, then actions need to be taken by each respective AIP agent is ascertained. Finally, the ascertained actions are performed by one or more AIP agents at various points within the computer network.
-
Citations
17 Claims
-
1. A method for providing network security for a computer network, said method comprising:
-
in response to a detection of an intrusion to a computer network, notifying an attack impact prediction (AIP) agent of said detected intrusion; broadcasting said detected intrusion to other AIP agents within said computer network by said AIP agent; determining an impact of said detected intrusion at each node of said computer network by each node'"'"'s respective AIP agent; in response to a determination that an impact of said detected intrusion on a node exceeds a predetermined severity threshold, ascertaining an action to be taken by an AIP agent associated with said node; and performing said ascertained action by said AIP agent associated with said node. - View Dependent Claims (2, 3, 4, 5, 6, 7, 11)
-
-
8. computer program product residing on a computer usable medium for providing network security for a computer network, said computer program product comprising:
-
program code means for notifying an attack impact prediction (AIP) agent of said detected intrusion, in response to a detection of an intrusion to a computer network; program code means for broadcasting said detected intrusion to other AIP agents within said computer network by said AIP agent; program code means for determining an impact of said detected intrusion at each node of said computer network by each node'"'"'s respective AIP agent; program code means for ascertaining an action to be taken by an AIP agent associated with said node, in response to a determination that an impact of said detected intrusion on a node exceeds a predetermined severity threshold; and program code means for performing said ascertained action by said AIP agent associated with said node. - View Dependent Claims (9, 10, 12)
-
-
13. A computer network having a network security, said computer system comprising:
-
means for notifying an attack impact prediction (AIP) agent of said detected intrusion, in response to a detection of an intrusion to a computer network; means for broadcasting said detected intrusion to other AIP agents within said computer network by said AIP agent; means for determining an impact of said detected intrusion at each node of said computer network by each node'"'"'s respective AIP agent; means for ascertaining an action to be taken by an AIP agent associated with said node, in response to a determination that an impact of said detected intrusion on a node exceeds a predetermined severity threshold; and means for performing said ascertained action by said AIP agent associated with said node. - View Dependent Claims (14, 15, 16, 17)
-
Specification