Geographical intrusion response prioritization mapping system
First Claim
Patent Images
1. A method for displaying an intrusion into a network, the method comprising:
- receiving network intrusion information indicating that a network intrusion has occurred, the network intrusion comprising an unauthorized access of a computing device connected to the network;
identifying an Internet Protocol (IP) address associated with the computing device and corresponding to a network intrusion point at which the network intrusion has occurred;
retrieving, from an Address Routing Protocol (ARP) database using the IP address, a router address corresponding to the network intrusion point;
retrieving, from a location database using the retrieved router address, geographical location information corresponding to the network intrusion point;
determining a geographical location of the network intrusion point based on the retrieved geographical location information;
generating a geographical map displaying an area including at least the geographical location of the network intrusion point; and
displaying a network intrusion symbol on the map to designate the geographical location of the network intrusion point.
3 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for geographically mapping an intrusion into a network having one or more network points include receiving intrusion information identifying a intrusion into a point of the network, correlating the intrusion information with location information for the identified network point, and network identification information for the identified network point, and generating a map displaying a geographical location of the intrusion.
-
Citations
42 Claims
-
1. A method for displaying an intrusion into a network, the method comprising:
-
receiving network intrusion information indicating that a network intrusion has occurred, the network intrusion comprising an unauthorized access of a computing device connected to the network; identifying an Internet Protocol (IP) address associated with the computing device and corresponding to a network intrusion point at which the network intrusion has occurred; retrieving, from an Address Routing Protocol (ARP) database using the IP address, a router address corresponding to the network intrusion point; retrieving, from a location database using the retrieved router address, geographical location information corresponding to the network intrusion point; determining a geographical location of the network intrusion point based on the retrieved geographical location information; generating a geographical map displaying an area including at least the geographical location of the network intrusion point; and displaying a network intrusion symbol on the map to designate the geographical location of the network intrusion point. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A non-transitory computer-readable storage medium containing instructions, which, when executed, perform a method for displaying an intrusion into a network, the method comprising:
-
receiving network intrusion information indicating that a network intrusion has occurred, the network intrusion comprising an unauthorized access of a computing device connected to the network; identifying an Internet Protocol (IP) address associated with the computing device and corresponding to a network intrusion point at which the network intrusion has occurred; retrieving from an Address Routing Protocol (ARP) database using the IP address, a router address corresponding to the network intrusion point; retrieving from a location database using the retrieved router address, geographical location information corresponding to the network intrusion point; determining a geographical location of the network intrusion point based on the retrieved geographical location information; generating a geographical map displaying an area including at least the geographical location of the network intrusion point; and displaying a network intrusion symbol on the map to designate the geographical location of the network intrusion point. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A system for geographically mapping an intrusion into a network, the system comprising:
-
a map database storing map information; an Address Routing Protocol (ARP) database storing network location information; a location database storing location information; a computer in electronic communication with the map database and configured to; receive network intrusion information indicating that a network intrusion has occurred, the network intrusion comprising an unauthorized access of a computing device connected to the network; identify an Internet Protocol (IP) address associated with the computing device and corresponding to a network intrusion point at which the network intrusion has occurred; retrieve, from the ARP database using the IP address, a router address corresponding to the network intrusion point; retrieve, from the location database using the retrieved router address, geographical location information corresponding to the network intrusion point; determine a geographical location of the network intrusion point based on the retrieved geographical location information; generate a geographical map of an area including at least the determined geographical location of the network intrusion point; displaying on the map a network intrusion symbol to designate the determined geographical location of the network intrusion point; and a display device in electronic communication with the computer for displaying the generated map. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
-
31. A system for geographically mapping an intrusion into a network, the system comprising:
-
map database means for storing map information; Address Routing Protocol (ARP) database means for storing network location information; location database means for storing geographical location information; computing means, in electronic communication with the map database, for; receiving network intrusion information indicating that a network intrusion has occurred, the network intrusion comprising an unauthorized access of a computing device connected to the network; identifying an Internet Protocol (IP) address associated with the computing device and corresponding to a network intrusion point at which the network intrusion has occurred; retrieving, from the ARP database using the IP address, a router address corresponding to the network intrusion point; retrieving, from the location database using the retrieved router address, geographical location information corresponding to the network intrusion point; determining a geographical location of the network intrusion point based on the retrieved geographical location information; generating a geographical map of an area including at least the determined geographical location of the network intrusion point; displaying on the map a network intrusion symbol to designate the determined geographical location of the network intrusion point; and display means in electronic communication with the computer for displaying the generated map. - View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40)
-
-
41. A method for displaying an intrusion into a network, the method comprising:
-
receiving network intrusion information indicating that a network intrusion has occurred, the network intrusion comprising an unauthorized access of a computing device connected to the network; identifying an Internet Protocol (IP) address associated with the computing device and corresponding to a network intrusion point at which the network intrusion has occurred; retrieving, from an Address Routing Protocol (ARP) database using the IP address, a router address corresponding to the network intrusion point; retrieving, from a location database using the retrieved router address, geographical location information corresponding to the network intrusion point; determining a geographical location of the network intrusion point based on the retrieved geographical location information; generating a geographical map displaying an area including at least the geographical location of the network intrusion point; displaying a network intrusion symbol on the map to designate the geographical location of the network intrusion point; correlating the received network intrusion information, the IP address of the computing device, the retrieved router address, and the retrieved geographical location information; generating a network intrusion record for the intrusion based on the correlated information; and storing the network intrusion record in an intrusion database. - View Dependent Claims (42)
-
Specification