
Integrated network intrusion detection

  • US 8,752,173 B2
  • Filed: 12/29/2009
  • Issued: 06/10/2014
  • Est. Priority Date: 02/01/2002
  • Status: Active Grant
First Claim

1. A method comprising:

    receiving a request for access to network services from an invoked application;

    loading an application-specific network policy associated with the invoked application, the application-specific network policy comprising permissive and restrictive rules to designate the received request as authorized or unauthorized, respectively;

    integrating firewall and intrusion detection to check whether the received request violates the application-specific network policy and to designate the received request as authorized or unauthorized as a function of the application-specific network policy;

    monitoring network packets for the invoked application based on the designation of the received request;

    blocking network packets corresponding to the received request in response to the received request being designated as unauthorized;

    analyzing, on an intrusion detection system component, blocked network packets to detect a network intrusion;

    determining whether the invoked application is behaving abnormally;

    loading application-specific monitoring parameters for the invoked application in response to a determination that the invoked application is behaving abnormally; and

    checking network packets both to and from the invoked application based on the loaded application-specific monitoring parameters.
