×

Intrusion detection system

  • US 7,603,711 B2
  • Filed: 10/30/2003
  • Issued: 10/13/2009
  • Est. Priority Date: 10/31/2002
  • Status: Active Grant
First Claim
Patent Images

1. A computer network intrusion detection system comprising:

  • a plurality of different log analyzers for different external networks, each log analyzer being configured for detecting attacks upon a firewall in an corresponding one of the different external networks defining an edge detection network;

    an edge database log coupled to the different log analyzers logging attacks upon the different external networks;

    an intrusion detector coupled to a client network and configured to detect external attacks upon the client network;

    an analyzer coupled to said intrusion detector for analyzing each detected attack and determining a characteristic indicative thereof to classify each detected attack as a general attack or a client specific attack based upon logged attacks in the edge database log; and

    ,a filter coupled to said analyzer for generating an alert based upon characteristics of a plurality of attacks;

    a second intrusion detector for detecting external attacks upon a second computer network; and

    ,a second analyzer coupled to said second intrusion detector for analyzing each detected attack upon the second network and determining a characteristic indicative thereof, wherein said filter is further coupled to said second analyzer and further compares the attack characteristics determined by said analyzer and said second analyzer and generates a specific attack alert in response to a substantial absence of similarity in the comparison.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×