Method and apparatus for the detection and prevention of intrusions, computer worms, and denial of service attacks
First Claim
1. A method for using a security apparatus to provide security for a computer system, comprising:
- dynamically loading into the security apparatus information permitting detection of vulnerabilities and exposures for an application and information on how the security apparatus is to prevent exploitation of the vulnerabilities and exposures on the computer system;
using the security apparatus to intercept data traffic entering the computer system; and
using the dynamically loaded information to process the intercepted data to prevent exploitation of the vulnerabilities and exposures on the computer system, wherein the using of the dynamically loaded information further comprises using, by the security apparatus, new information on vulnerabilities and exposures to handle new application sessions for the application and continuing to use old information on vulnerabilities and exposures to handle existing application sessions for the application.
3 Assignments
0 Petitions
Accused Products
Abstract
An apparatus and method for the detection and prevention of intrusions, DOS attacks, and computer worms comprising of: 1) dynamically loading information about vulnerabilities and exposures 2) intercepting application data 3) using information about vulnerabilities and exposures to detect their exploitation 4) taking custom action to stop the exploitation. Invention also includes an apparatus and method for reducing time it takes to capture information about vulnerabilities and exposures for the purpose of detecting their exploitation and stopping it. Invention further includes an apparatus and method to convert information about vulnerabilities and exposures into an intermediate form that optimizes the processing speed of the method and apparatus for stopping intrusions, DOS attacks, and computer worms.
-
Citations
15 Claims
-
1. A method for using a security apparatus to provide security for a computer system, comprising:
-
dynamically loading into the security apparatus information permitting detection of vulnerabilities and exposures for an application and information on how the security apparatus is to prevent exploitation of the vulnerabilities and exposures on the computer system; using the security apparatus to intercept data traffic entering the computer system; and using the dynamically loaded information to process the intercepted data to prevent exploitation of the vulnerabilities and exposures on the computer system, wherein the using of the dynamically loaded information further comprises using, by the security apparatus, new information on vulnerabilities and exposures to handle new application sessions for the application and continuing to use old information on vulnerabilities and exposures to handle existing application sessions for the application. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
Specification