Detection of invalid port accesses in port-scrambling-based networks
Abstract
Method, system and product for detection of invalid port accesses in port-scrambling-based networks. The network may comprise a plurality of computers, each of which is configured to selectively scramble ports of outgoing communications transmitted over the network and to descramble ports of incoming communications received from the network. The selective scrambling of ports may be based on a whitelist of programs. Invalid port accesses are monitored for. An invalid port access may be a communication transmitted over the network and directed at a port, wherein the unscrambled port obtained after descrambling that port is an invalid port. Invalid port accesses may be logged, and actions may be taken to mitigate the potential security risk they represent.
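The detection idea in the abstract, as an added sketch that is not code from the patent. The page does not specify the scrambling transform, so the HMAC-derived XOR mask, the shared secret, the program names, the valid-port set and the epoch parameter are all assumptions made for illustration.

```python
import hashlib
import hmac

# Everything below is constructed for illustration; the page names no transform.
SECRET = b"constructed-shared-secret"        # assumed key shared by all computers
WHITELIST = {"erp-client", "backup-agent"}   # replica of the program whitelist
VALID_PORTS = {22, 443, 8443}                # assumed ports with real listeners


def epoch_mask(epoch: int) -> int:
    """Derive a 16-bit XOR mask for this epoch from the shared secret."""
    digest = hmac.new(SECRET, epoch.to_bytes(8, "big"), hashlib.sha256).digest()
    # Force the low bit so the mask is never 0 (which would be the identity).
    return int.from_bytes(digest[:2], "big") | 1


def scramble(port: int, epoch: int) -> int:
    return port ^ epoch_mask(epoch)


def descramble(port: int, epoch: int) -> int:
    return port ^ epoch_mask(epoch)   # XOR is its own inverse


def outgoing_port(program: str, port: int, epoch: int) -> int:
    """Selective scrambling: only whitelisted programs get a scrambled port."""
    return scramble(port, epoch) if program in WHITELIST else port


def monitor(observed, epoch: int):
    """Descramble each observed destination port; log the invalid ones."""
    log = []
    for src, wire_port in observed:
        real = descramble(wire_port, epoch)
        if real not in VALID_PORTS:
            log.append({"src": src, "wire_port": wire_port, "descrambled": real})
    return log


if __name__ == "__main__":
    epoch = 7
    traffic = [("10.0.0.5", outgoing_port("erp-client", 443, epoch))]
    # A program outside the whitelist sends to the well-known ports as-is.
    traffic += [("10.0.0.9", outgoing_port("unknown.exe", p, epoch))
                for p in sorted(VALID_PORTS)]
    for entry in monitor(traffic, epoch):
        print(entry)
```

Traffic from a whitelisted program descrambles back to a valid port and is never logged, while a port sent unscrambled descrambles to a different port number, which the monitor logs when it falls outside the valid set.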
20 Claims

1. A system comprising:
a plurality of computers connected to a network, wherein each computer retaining a replica of a whitelist of programs, wherein the selective scrambling of ports is performed based on the whitelist wherein each computer is configured to selectively scramble ports of outgoing communications transmitted over the network, wherein each computer is configured to descramble ports of incoming communications received from the network; and
a server connected to the network, wherein said server is configured to monitor for an invalid port access, wherein the invalid port access is a communication transmitted over the network being directed at a port, wherein an unscrambled port obtained after descrambling the port is an invalid port, wherein said server is configured to log the invalid port access.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12

13. A computer program product comprising a non-transitory computer readable medium retaining program instructions which program instructions when read by a processor, cause the processor to perform a method carried out in a computer network environment comprising a plurality of computers, each of which being configured for selectively scrambling ports of outgoing communications and for descrambling ports of incoming communications, the method comprising:
monitoring communications in the network;
identifying an invalid port access attempt, wherein the invalid port access attempt is a communication that is directed at a port, wherein an unscrambled port obtained after descrambling the port, is an invalid port; and
logging the invalid port access attempt.
Dependent claims: 14, 15, 16, 17

18. A server comprising:
a processor and a coupled memory, wherein the server is connected to a network, wherein a plurality of computers are connected to the network, wherein each computer is configured to selectively scramble ports of outgoing communications transmitted over the network, wherein each computer is configured to descramble ports of incoming communications received from the network, wherein each computer retaining a whitelist of programs, wherein the selective scrambling of ports is performed based on the whitelist; and
wherein said server is configured to monitor for an invalid port access, wherein the invalid port access is a communication transmitted over the network having directing at a port, wherein an unscrambled port obtained after descrambling the port is an invalid port, wherein said server is configured to log the invalid port access.
Dependent claims: 19, 20

Specification