×

System and method for dynamic distribution of intrusion signatures

  • US 8,347,375 B2
  • Filed: 10/01/2004
  • Issued: 01/01/2013
  • Est. Priority Date: 10/03/2003
  • Status: Active Grant
First Claim
Patent Images

1. A method for the dynamic distribution of intrusion signatures to one or more switches and/or routers of a network system, wherein the one or more switches and/or routers include an intrusion detection system library including intrusion signatures and are interconnection devices having packet forwarding functionality and wherein the network system provides network services, the method comprising the steps of:

  • a. configuring at least one of the one or more switches and/or routers to monitor received network traffic for distribution triggering conditions, wherein the primary function of the configured at least one of the one or more switches and/or routers is packet forwarding;

    b. detecting and identifying one or more of the distribution triggering conditions;

    c. reporting information relating to the detection of the one or more distribution triggering conditions to a network security management module;

    d. employing an intrusion signature deployment algorithm of the at least one of the one or more configured switches to enable the automatic transmission of intrusion signature information to a portion of the one or more configured switches and/or routers;

    e. adjusting one or more priorities of at least one of the one or more configured switches and/or routers as a function of the detected triggering condition by employing the intrusion signature deployment algorithm to monitor received packets for patterns matching one or more intrusion signatures based on how recently the distribution triggering condition was detected, the severity of the potential harm to the network system, the least lost performance impact at the one or more of the one or more configured switches and/or routers, or randomness; and

    f. providing to a central repository the status of the monitoring priority adjustments made.

View all claims
  • 13 Assignments
Timeline View
Assignment View
    ×
    ×