Application-layer anomaly and misuse detection
First Claim
Patent Images
1. A method comprising:
- in a server, hosting an intrusion detection process that provides intrusion detection services; and
integrating the intrusion detection process with a server process.
5 Assignments
0 Petitions
Accused Products
Abstract
A method includes passing a request for data received by a first server process executing in a first server to a detection process that includes packing a subset of the data into an analysis format and passing the subset to an analysis process.
80 Citations
34 Claims
-
1. A method comprising:
-
in a server, hosting an intrusion detection process that provides intrusion detection services; and
integrating the intrusion detection process with a server process. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method comprising:
passing a request for data received by a first server process executing in a first server to a detection process that includes;
packing a subset of the data into an analysis format; and
passing the subset to an analysis process. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
25. A system comprising:
-
a web server process having an application programming interface (API); and
an intrusion detection process linked to the API. - View Dependent Claims (26, 27, 28, 29, 30)
-
-
31. A computer program product residing on a computer readable medium having instructions stored thereon which, when executed by the processor, cause the processor to:
-
receive a request for data;
pack a subset of the data into a common analysis format;
pass the subset to an analysis process; and
analyze the subset in an analysis process.
-
-
32. A processor and a memory configured to:
-
receive a request for data;
pack a subset of the data into a common analysis format;
pass the subset to an analysis process; and
analyze the subset in an analysis process.
-
-
33. A computer program product residing on a computer readable medium having instructions stored thereon which, when executed by the processor, cause the processor to:
integrate an intrusion detection process with a server process.
-
34. A processor and memory configured to:
integrate an intrusion detection process with a server process.
Specification