Security intrusion mitigation system and method
Abstract
A security intrusion mitigation system and method are presented. In one embodiment, a security intrusion mitigation method includes utilizing network spanning tree configuration information to determine an action for mitigating diffusion of intrusive attacks. The spanning tree information can include an indication of internal diffusion risks. An action for mitigating diffusion of intrusive attacks is automatically performed. The action for mitigating diffusion of the intrusive attacks includes compensation for functional support of prioritized applications.
20 Claims
1. A security intrusion mitigation method comprising:
- utilizing network spanning tree configuration information to determine an action for mitigating diffusion of intrusive attacks between components associated with a network, wherein said spanning tree information includes an indication of a first internal diffusion risk and a second internal diffusion risk, wherein said first internal diffusion risk is a risk of a first attack diffusing from a first component associated with said network to a second component associated with said network and said second internal diffusion risk is a risk of a second attack diffusing from a third component associated with said network to said second component;
- using said internal diffusion risks to determine that there is a higher risk of said first attack diffusing from said first component to said second component than said second attack diffusing from said third component to said second component; and
- using said network spanning tree configuration information to perform said action for mitigating diffusion of intrusive attacks automatically at least in part by mitigating said first attack before mitigating said second attack, wherein said action for mitigating includes compensation for functional support of an application associated with said second component that has priority over another application.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A security intrusion mitigation system comprising:
- a means for communicating information;
- a means for processing information including instructions for determining a highest risk path that has the highest risk of an attack spreading between network components included in said highest risk path in comparison to risks of attacks spreading between network components associated with other risk paths and automatically mitigating said attack from spreading between said network components included in said highest risk path; and
- a means for storing said information, including instructions for storing information describing said highest risk path.
Dependent claims: 11, 12, 13, 14
15. A computer usable storage medium having computer readable program code embodied therein for causing a computer system to implement security intrusion mitigation instructions comprising:
- a component risk determination module for determining that a first risk of a first attack spreading from a first component to a second component is higher than a second risk of a second attack spreading from a third component to a fourth component, wherein said first, second, third and fourth components are included in a network; and
- an attack spreading response module for responding to said first risk before responding to said second risk.
Dependent claims: 16, 17, 18, 19, 20
Specification