Distributed peer attack alerting
First Claim
1. A computer implemented method for distributed peer attack alerting comprising:
accessing a peer community, said peer community comprising a plurality of nodes comprising a network wherein at least one of said plurality of nodes comprises access to an attack identifier;
identifying an attack at a first one of said plurality of nodes comprising access to said attack identifier;
transmitting an alert petition to others of said plurality of nodes, said alert petition comprising information associated with said attack;
automatically configuring at least one attack detection system associated with one of said plurality of nodes in response to said alert petition;
determining, by a second one of said plurality of nodes, whether said alert petition has expired;
transmitting, from said second one of said plurality of nodes, an indication of an expiration of said alert petition to others of said plurality of nodes to invalidate said alert petition when said alert petition is determined to have expired;
determining, by said second one of said plurality of nodes, whether a threshold value has been reached; and
creating and transmitting a command, based at least partially on said alert petition, to a second plurality of nodes instructing the second plurality of nodes to protect themselves from said attack when said threshold value is determined to have been reached.
Abstract
A system and method for distributed peer attack alerting is disclosed. The method includes accessing a peer community wherein the peer community comprises a plurality of nodes comprising a network and wherein at least one of the plurality of nodes comprises an attack identifier. The method further includes identifying an attack at one of the plurality of nodes. In addition, the method includes transmitting an alert to the plurality of nodes, the alert comprising information associated with the attack and automatically configuring at least one attack identifier associated with one of the plurality of nodes in response to the alert.
20 Claims
8. A storage device having instructions recorded therein, such that when the instructions are executed, a computer system performs a method for distributed peer attack alerting, said computer-implemented method comprising:
identifying an attack at one of a plurality of nodes of a network, said one of said plurality of nodes comprising access to an attack detector;
generating an alert petition associated with said attack, said alert petition comprising information associated with said attack;
automatically configuring at least one attack detector associated with one of said plurality of nodes in response to said alert petition;
determining whether a threshold value associated with said alert petition has been reached;
creating and circulating a command, based at least partially on said alert petition, to a second plurality of nodes instructing the second plurality of nodes to protect themselves from said attack when said threshold value is determined to have been reached; and
changing said threshold value based on surrounding environmental conditions,
wherein the storage device is one of a computer-usable volatile memory, a computer-usable non-volatile memory, a peripheral computer readable medium, or a data storage unit.
15. A system for distributed peer attack alerting comprising:
a first node of a plurality of nodes of a network, said first node being configured for detecting an attack at said first node and for transmitting an alert petition to others of said plurality of nodes in response to detection of said attack, said alert petition comprising information associated with said attack, and said alert petition being a petition for proposing to take an action on said detected attack, wherein;
at least one of said plurality of nodes has an associated attack detection system which is further configured in response to said alert petition, and
said first node is further configured to avoid transmitting a duplicate alert petition by checking whether said first node is about to generate an alert petition with duplicate properties with respect to said transmitted alert petition;
wherein each of said plurality of nodes comprises at least one microprocessor.
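An added illustration, not part of the patent text or of any implementation by its assignee, of the petition lifecycle the independent claims describe: duplicate suppression, automatic detector configuration, expiry with invalidation notices, and the threshold-triggered command. The class names, the TTL field, the `outbox` transport stand-in, and the reading of the threshold as a count of distinct petitioning nodes are assumptions; the claims leave these unspecified.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Petition:
    origin: str    # node that identified the attack
    attack: str    # information associated with the attack
    issued: float  # issue time, seconds
    ttl: float     # assumed lifetime; the claims give no value
    def expired(self, now: float) -> bool:
        return now >= self.issued + self.ttl

class Node:
    def __init__(self, name: str, threshold: int):
        self.name, self.threshold = name, threshold
        self.live = {}          # attack -> {origin: Petition}
        self.rules = set()      # stands in for the attack detection system's config
        self.commanded = set()  # attacks for which a command was already sent
        self.outbox = []        # (message type, payload) queued for peers

    def detect(self, attack: str, now: float, ttl: float = 60.0):
        """Local detection: petition peers unless that would be a duplicate."""
        mine = self.live.get(attack, {}).get(self.name)
        if mine is not None and not mine.expired(now):
            return None         # petition with duplicate properties: suppress
        p = Petition(self.name, attack, now, ttl)
        self.outbox.append(("petition", p))
        self.receive(p, now)
        return p

    def receive(self, p: Petition, now: float) -> None:
        """Handle a petition from a peer, or this node's own."""
        if p.expired(now):
            return              # stale petitions never reconfigure the detector
        backers = self.live.setdefault(p.attack, {})
        backers[p.origin] = p   # one vote per origin (assumed threshold semantics)
        self.rules.add(p.attack)  # automatically configure detection
        if len(backers) >= self.threshold and p.attack not in self.commanded:
            self.commanded.add(p.attack)
            self.outbox.append(("command", p.attack))  # "protect yourselves"

    def sweep(self, now: float) -> None:
        """Invalidate expired petitions and queue expiration notices."""
        for attack, backers in list(self.live.items()):
            for origin in [o for o, p in backers.items() if p.expired(now)]:
                self.outbox.append(("expired", backers.pop(origin)))
            if not backers:     # assumption: drop the rule with the last petition
                del self.live[attack]
                self.rules.discard(attack)
                self.commanded.discard(attack)
```

Counting one vote per origin means a single node re-sending its petition cannot reach the threshold on its own; in a real deployment that only holds if the origin field is authenticated.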
Specification