Apparatus for verifying the integrity of computer networks and implementation of countermeasures

US 7,424,743 B2
Filed: 12/29/2006
Issued: 09/09/2008
Est. Priority Date: 01/25/2001
Status: Expired due to Term

First Claim

Patent Images

1. A security system for a computer network, the network having a plurality of devices connected thereto, the security system comprising:

(a) a security subsystem connected to at least some of the devices in the network, the security subsystem configured to monitor activities of the at least some devices on the network and detect attacks on the at least some devices;

(b) a master system which monitors the integrity of the security subsystem and registers information pertaining to attacks detected by the security subsystem;

(c) a first secure link connected between the security subsystem and the master system, the master system monitoring the integrity of the security subsystem and receiving the information pertaining to the attacks through the first secure link; and

(d) a second secure link connected between the master system and the network which enables data communication from the master system to the network for issuing instructions to the network devices, wherein the instructions are issued if the first secure link is severed or compromised.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security system for a computer network that has a plurality of devices connected thereto comprises a security subsystem, a master system and a secure link. The security subsystem is connected to at least some of the devices in the network. The security subsystem is configured to monitor activities of the at least some devices on the network and detect attacks on the at least some devices. The master system monitors the integrity of the security subsystem and registers information pertaining to attacks detected by the security subsystem. The secure link is connected between the security subsystem and the master system. The master system monitors the integrity of the security subsystem and receives the information pertaining to the attacks through the secure link.

Citations

16 Claims

1. A security system for a computer network, the network having a plurality of devices connected thereto, the security system comprising:
- (a) a security subsystem connected to at least some of the devices in the network, the security subsystem configured to monitor activities of the at least some devices on the network and detect attacks on the at least some devices;
  
  (b) a master system which monitors the integrity of the security subsystem and registers information pertaining to attacks detected by the security subsystem;
  
  (c) a first secure link connected between the security subsystem and the master system, the master system monitoring the integrity of the security subsystem and receiving the information pertaining to the attacks through the first secure link; and
  
  (d) a second secure link connected between the master system and the network which enables data communication from the master system to the network for issuing instructions to the network devices, wherein the instructions are issued if the first secure link is severed or compromised.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The system of claim 1 wherein the master system does not take direction from the security subsystem.
  - 10. The system of claim 1 wherein the master system is hierarchically independent from the security subsystem.
  - 11. The system of claim 1 wherein the security subsystem is hierarchically subordinate to the master system.
  - 12. The system of claim 1 wherein the first secure link is defined by a virtual private network (VPN) tunnel.
  - 13. The system of claim 1 wherein the master system further comprises a pseudo-attack generator which generates attacks on the network, the security subsystem detecting such attacks and sending expected replies to the master system when its integrity is intact, the master system detecting whether the expected replies are received in response to a pseudo-attack to determine whether the integrity of the subsystem has been compromised.

2. A security system for a computer network, the network having a plurality of devices connected thereto, at least some of the devices having security-related functions, the security system comprising:
- (a) a security subsystem associated with at least some of the devices in the network which tests the integrity of the security-related functions;
  
  (b) a master system which monitors the integrity of the security subsystem and receives and stores results of the integrity testing of the devices having security-related functions; and
  
  (c) a secure link connected between the security subsystem and the master system, the master system monitoring the integrity of the security subsystem and receiving the results of the integrity testing of the devices having security-related functions through the secure link, wherein the security subsystem tests the integrity of the security-related functions by generating pseudo-attacks on the devices having security-related functions.
- View Dependent Claims (6, 7, 8)
- - 6. The system of claim 2 wherein the secure link is defined by a virtual private network (VPN) tunnel.
  - 7. The system of claim 2 wherein at least one of the devices having security-related functions is a firewall.
  - 8. The system of claim 2 wherein at least one of the devices having security-related functions is a network intrusion detection system.

3. A security system for a computer network, the network having a plurality of devices connected thereto, at least some of the devices having security-related functions, the security system comprising:
- (a) a security subsystem associated with at least some of the devices in the network which tests the integrity of the security-related functions;
  
  (b) a master system which monitors the integrity of the security subsystem and receives and stores results of the integrity testing of the devices having security-related functions; and
  
  (c) a secure link connected between the security subsystem and the master system, the master system monitoring the integrity of the security subsystem and receiving the results of the integrity testing of the devices having security-related functions through the secure link, wherein the security subsystem or the master system initiates countermeasures upon detecting that the integrity of a device having security-related functions has been compromised.
- View Dependent Claims (4, 5, 14, 15, 16)
- - 4. The system of claim 3 wherein the countermeasures include restricting or disabling access to the network or a device in the network.
  - 5. The system of claim 3 wherein the master system further comprises a pseudo-attack generator which generates attacks on the network, the security subsystem detecting such attacks when functioning properly, the master system comparing the pseudo-attacks made on the network to the attacks actually detected by the subsystem, the master system thereby determining whether the integrity of the subsystem has been compromised.
  - 14. The system of claim 3 wherein the secure link is defined by a virtual private network (VPN) tunnel.
  - 15. The system of claim 3 wherein at least one of the devices having security-related functions is a firewall.
  - 16. The system of claim 3 wherein at least one of the devices having security-related functions is a network intrusion detection system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NTT Security (US) Inc. (Nippon Telegraph and Telephone Corporation)
Original Assignee
Solutionary, Inc (Nippon Telegraph and Telephone Corporation)
Inventors
Hrabik, Michael, Beaver, Edward “Mac”, Guilfoyle, Jeffrey J.
Primary Examiner(s)
Kincaid; Kristine
Assistant Examiner(s)
Jackson; Jenise E

Application Number

US11/647,660
Publication Number

US 20070113283A1
Time in Patent Office

620 Days
Field of Search

726 22- 25
US Class Current

726/22
CPC Class Codes

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1433   Vulnerability analysis

H04L 63/20   for managing network securi...

Apparatus for verifying the integrity of computer networks and implementation of countermeasures

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus for verifying the integrity of computer networks and implementation of countermeasures

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links