WO2004070547A3 - Method and device for monitoring data traffic and preventing unauthorized access to a network - Google Patents

Method and device for monitoring data traffic and preventing unauthorized access to a network Download PDF

Info

Publication number
WO2004070547A3
WO2004070547A3 PCT/US2004/002610 US2004002610W WO2004070547A3 WO 2004070547 A3 WO2004070547 A3 WO 2004070547A3 US 2004002610 W US2004002610 W US 2004002610W WO 2004070547 A3 WO2004070547 A3 WO 2004070547A3
Authority
WO
WIPO (PCT)
Prior art keywords
network
traffic
policies
data
data packets
Prior art date
Application number
PCT/US2004/002610
Other languages
French (fr)
Other versions
WO2004070547A2 (en
Inventor
Patrick G Billquist
David M Sodman
Gene W Garbutt
Michael H Nadler
Carter Shanklin
Original Assignee
Captus Networks Corp
Patrick G Billquist
David M Sodman
Gene W Garbutt
Michael H Nadler
Carter Shanklin
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Captus Networks Corp, Patrick G Billquist, David M Sodman, Gene W Garbutt, Michael H Nadler, Carter Shanklin filed Critical Captus Networks Corp
Publication of WO2004070547A2 publication Critical patent/WO2004070547A2/en
Publication of WO2004070547A3 publication Critical patent/WO2004070547A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic

Abstract

A method of protecting a network from potentially harmful data traffic comprised of data packets traversing data ports of the network is disclosed. The method provides a means for monitoring attributes of data traffic across data ports of a network. The improved Traffic Limiting Intrusion Detection System (TLIDS) incorporates procedures for defining areas that characterize network traffic, to monitor and analyze data packets associated only within the defined area. Policies (referred to as 'policies') are defined in association with a defined area, to monitor and analyze the data packets or traffic along the network. Policies may also include triggers which, when tripped, generate predetermined responses to limit or otherwise manage traffic on the network. One or more sets of policies can be associated with a defined area, and multiple areas may be defined, each having its own associated policy or policies. Similarly, one or more responses may be triggered by each policy.
PCT/US2004/002610 2003-02-03 2004-01-30 Method and device for monitoring data traffic and preventing unauthorized access to a network WO2004070547A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US44457103P 2003-02-03 2003-02-03
US60/444,571 2003-02-03

Publications (2)

Publication Number Publication Date
WO2004070547A2 WO2004070547A2 (en) 2004-08-19
WO2004070547A3 true WO2004070547A3 (en) 2005-03-24

Family

ID=32850890

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2004/002610 WO2004070547A2 (en) 2003-02-03 2004-01-30 Method and device for monitoring data traffic and preventing unauthorized access to a network

Country Status (1)

Country Link
WO (1) WO2004070547A2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9015324B2 (en) 2005-03-16 2015-04-21 Adaptive Computing Enterprises, Inc. System and method of brokering cloud computing resources
US9112813B2 (en) 2005-03-16 2015-08-18 Adaptive Computing Enterprises, Inc. On-demand compute environment
US9231886B2 (en) 2005-03-16 2016-01-05 Adaptive Computing Enterprises, Inc. Simple integration of an on-demand compute environment

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8782654B2 (en) 2004-03-13 2014-07-15 Adaptive Computing Enterprises, Inc. Co-allocating a reservation spanning different compute resources types
US20070266388A1 (en) 2004-06-18 2007-11-15 Cluster Resources, Inc. System and method for providing advanced reservations in a compute environment
US8176490B1 (en) 2004-08-20 2012-05-08 Adaptive Computing Enterprises, Inc. System and method of interfacing a workload manager and scheduler with an identity manager
CA2586763C (en) 2004-11-08 2013-12-17 Cluster Resources, Inc. System and method of providing system jobs within a compute environment
US8863143B2 (en) 2006-03-16 2014-10-14 Adaptive Computing Enterprises, Inc. System and method for managing a hybrid compute environment
US9075657B2 (en) 2005-04-07 2015-07-07 Adaptive Computing Enterprises, Inc. On-demand access to compute resources
US8041773B2 (en) 2007-09-24 2011-10-18 The Research Foundation Of State University Of New York Automatic clustering for self-organizing grids
US10877695B2 (en) 2009-10-30 2020-12-29 Iii Holdings 2, Llc Memcached server functionality in a cluster of data processing nodes
US11720290B2 (en) 2009-10-30 2023-08-08 Iii Holdings 2, Llc Memcached server functionality in a cluster of data processing nodes
CN102571719A (en) * 2010-12-31 2012-07-11 北京启明星辰信息技术股份有限公司 Invasion detection system and detection method thereof
US8555369B2 (en) 2011-10-10 2013-10-08 International Business Machines Corporation Secure firewall rule formulation
CN111970300A (en) * 2020-08-27 2020-11-20 广东电网有限责任公司东莞供电局 Network intrusion prevention system based on behavior inspection

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6044402A (en) * 1997-07-02 2000-03-28 Iowa State University Research Foundation Network connection blocker, method, and computer readable memory for monitoring connections in a computer network and blocking the unwanted connections
US20020032880A1 (en) * 2000-09-07 2002-03-14 Poletto Massimiliano Antonio Monitoring network traffic denial of service attacks
US6453345B2 (en) * 1996-11-06 2002-09-17 Datadirect Networks, Inc. Network security and surveillance system
US20020133586A1 (en) * 2001-01-16 2002-09-19 Carter Shanklin Method and device for monitoring data traffic and preventing unauthorized access to a network
US6484203B1 (en) * 1998-11-09 2002-11-19 Sri International, Inc. Hierarchical event monitoring and analysis
US6499107B1 (en) * 1998-12-29 2002-12-24 Cisco Technology, Inc. Method and system for adaptive network security using intelligent packet analysis

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6453345B2 (en) * 1996-11-06 2002-09-17 Datadirect Networks, Inc. Network security and surveillance system
US6044402A (en) * 1997-07-02 2000-03-28 Iowa State University Research Foundation Network connection blocker, method, and computer readable memory for monitoring connections in a computer network and blocking the unwanted connections
US6484203B1 (en) * 1998-11-09 2002-11-19 Sri International, Inc. Hierarchical event monitoring and analysis
US6499107B1 (en) * 1998-12-29 2002-12-24 Cisco Technology, Inc. Method and system for adaptive network security using intelligent packet analysis
US20020032880A1 (en) * 2000-09-07 2002-03-14 Poletto Massimiliano Antonio Monitoring network traffic denial of service attacks
US20020133586A1 (en) * 2001-01-16 2002-09-19 Carter Shanklin Method and device for monitoring data traffic and preventing unauthorized access to a network

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9015324B2 (en) 2005-03-16 2015-04-21 Adaptive Computing Enterprises, Inc. System and method of brokering cloud computing resources
US9112813B2 (en) 2005-03-16 2015-08-18 Adaptive Computing Enterprises, Inc. On-demand compute environment
US9231886B2 (en) 2005-03-16 2016-01-05 Adaptive Computing Enterprises, Inc. Simple integration of an on-demand compute environment

Also Published As

Publication number Publication date
WO2004070547A2 (en) 2004-08-19

Similar Documents

Publication Publication Date Title
WO2004070547A3 (en) Method and device for monitoring data traffic and preventing unauthorized access to a network
WO2003067847A3 (en) Integrated network intrusion detection
US20050216956A1 (en) Method and system for authentication event security policy generation
WO2001052496A3 (en) A declarative language for specifying a security policy
WO2005057233A3 (en) Method and system for monitoring a selected region of an airspace associated with local area networks of computing devices
WO2006073837A3 (en) Method and apparatus of adaptive network policy management for wireless mobile computers
CN102369532B (en) Managing security in a network
WO2000041542A3 (en) System for allocating resources in a communication system
WO2002057935A8 (en) Method and device for monitoring data traffic and preventing unauthorized access to a network
WO2005050364A3 (en) Distributed intrusion response system
WO2009031453A1 (en) Network security monitor apparatus and network security monitor system
CN107733878A (en) A kind of safety device of industrial control system
CN107276983A (en) A kind of the traffic security control method and system synchronous with cloud based on DPI
CN106559399A (en) A kind of the Internet mobile terminal synthesis managing and control system
KR100466798B1 (en) Public network and private network combination security system and method thereof
WO2001093531A3 (en) Systems and methods for distributed network protection
KR20140078329A (en) Method and apparatus for defensing local network attacks
CN109428881B (en) Network security protection method, network element equipment, system and computer storage medium
CN103139056A (en) Secure gateway and network data interactive method
Cisco Managing Sensors with CSPM
Cisco Introduction
Raju et al. Network Intrusion Detection System Using KMP Pattern Matching Algorithm
CN100484019C (en) Active virus detecting protecting system and protecting method thereof
US20060026273A1 (en) System and method for detection of reconnaissance activity in networks
Rizvi et al. A review on intrusion detection system

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 69(1) EPC (COMMUNICATION DATED 23-01-2006, EPO FORM 1205A)

122 Ep: pct application non-entry in european phase