Deep Packet Scan Hacker Identification
First Claim
1. A method for securing an accessible computer system, the method comprising:
- receiving more than one data packet at a network device, each data packet including a payload portion and an attribute portion and being communicated between at least one access requestor and at least one access provider through the network device;
monitoring, at the network device, at least the payload portion of the data packets directed from at least one of the access providers to at least one of the access requestors by scanning the payload portion for at least one predetermined pattern and counting a number of data packets having payload portions that include the predetermined pattern; and
using the network device to deny communication of subsequent data packets including the predetermined pattern when a number of payload portions of the data packets are deemed to exceed a configurable threshold number.
10 Assignments
0 Petitions
Accused Products
Abstract
Securing an accessible computer system typically includes receiving a data packet that includes a payload portion and an attribute portion, where the data packet is communicated between at least one access requestor and at least one access provider. At least the payload portion of the received data packet typically is monitored, where monitoring includes scanning the payload portion for at least one predetermined pattern. When the payload portion is determined to include at least one predetermined pattern, access by the access requestor to the access provider may be controlled . Monitoring the data packet may include scanning the payload portion while handling the data packet with a switch. Controlling access may include denying access by the access requestor to the access provider.
104 Citations
1 Claim
-
1. A method for securing an accessible computer system, the method comprising:
-
receiving more than one data packet at a network device, each data packet including a payload portion and an attribute portion and being communicated between at least one access requestor and at least one access provider through the network device; monitoring, at the network device, at least the payload portion of the data packets directed from at least one of the access providers to at least one of the access requestors by scanning the payload portion for at least one predetermined pattern and counting a number of data packets having payload portions that include the predetermined pattern; and using the network device to deny communication of subsequent data packets including the predetermined pattern when a number of payload portions of the data packets are deemed to exceed a configurable threshold number.
-
Specification