Patent 6321338 Issued on November 20, 2001. Estimated Expiration Date: November 9, 2018. Estimated Expiration Date is calculated based on simple USPTO term provisions. It does not account for terminal disclaimers, term adjustments, failure to pay maintenance fees, or other factors which might affect the term of a patent.
A method of network surveillance includes receiving network packets handled by a network entity and building at least one long-term and at least one short-term statistical profile from a measure of the network packets that monitors data transfers, errors, or network connections. A comparison of the statistical profiles is used to determine whether the difference between the statistical profiles indicates suspicious network activity.
Other References
Debar et al., "A Neural Network Component for an Intrusion Detection System," © 1992 IEEE
Denning et al., "Prototype IDES: A Real-Time Intrusion-Detection Expert System," SRI Project ECU 7508, SRI International, Menlo Park, California, Aug. 1987
Denning et al., "Requirements and Model For IDES--A Real-Time Intrusion-Detection Expert System," SRI Project 6169, SRI International, Menlo Park, CA, Aug. 1985
Denning, "An Intrusion-Detection Model," SRI International, Menlo Park, CA, Technical Report CSL-149, Nov. 1985
Dowell, "The Computerwatch Data Reduction Tool," AT&T Bell Laboratories, Whippany, New Jersey
Fox et al., "A Neural Network Approach Towards Intrusion Detection," Harris Corporation, Government Information Systems Division, Melbourne, FL, Jul. 2, 1990
Garvey et al., "Model-Based Intrusion Detection," Proceedings of the 14th National Computer Security Conference, Washington, DC, Oct. 1991
Ilgun et al., State Transition Analysis: A Rule-Based Intrusion Detection Approach, IEEE Transactions on Software Engineering, vol. 21, No. 3, Mar. 1995
Javitz et al., "The SRI IDES Statistical Anomaly Detector," Proceedings, 1991 IEEE Symposium on Security and Privacy, Oakland, California, May 1991
Liepins et al., "Anomaly Detection: Purpose and Framework," US DOE Office of Safeguards and Security
Lunt et al., "An Expert System to Classify and Sanitize Text," SRI International, Computer Science Laboratory, Menlo Park, CA
Lunt, "A Survey of Intrusion Detection Techniques," Computers & Security, 12 (1993) 405-418
Lunt, "Automated Audit Trail Analysis and Intrusion Detection: A Survey," Proceedings of the 11th National Computer Security Conference, Baltimore, MD, Oct. 1988
Lunt et al, "Knowledge-Based Intrusion Detection"
Lunt et al., "A Prototype Real-Time Intrusion-Detection Expert System," Proceedings of the 1988 IEEE Symposium on Security and Privacy, Apr. 1988
Porras et al., EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances, 20th NISSC--Oct. 9, 1997
Porras et al., Penetration State Transition Analysis A Rule-Based Intrusion Detection Approach, © 1992 IEEE
Sebring et al., Expert Systems in Intrusion Detection: A Case Study
Shieh et al., A Pattern-Oriented Intrusion-Detection Model and Its Applications © 1991 IEEE
Smaha, "Haystack: An Intrusion Detection System," © 1988 IEEE Computer Society Press: Proceedings of the Fourth Aerospace Computer Security Applications Conference, 1988, pp. 37-44
Snapp, "Signature Analysis and Communication Issues in a Distributed Intrusion Detection System," Thesis 1991
Snapp et al., "DIDS (Distributed Intrusion Detection System)--Motivation, Architecture, and An Early Prototype," Computer Security Laboratory, Division of Computer Science, Univ. of California, Davis, Davis, CA
Tener, "AI & 4GL: Automated Detection and Investigation Tools," Computer Security in the Age of Information, Proceedings of the Fifth IFIP International Conference on Computer Security, W.J. Caelli (ed.)
Teng et al., "Adaptive Real-Time Anomaly Detection Using Inductively Generated Sequential Patterns," © 1990
Vaccaro et al., "Detection of Anomalous Computer Session Activity," © 1989 IEEE
Weiss, "Analysis of Audit and Protocol Data using Methods from Artificial Intelligence," Siemens AG, Munich, West Germany
Winkler, "A UNIX Prototype for Intrusion and Anomaly Detection in Secure Networks," © Planning Research Corp. 1990
Jarvis et al., The NIDES Statistical Component Description and Justification, SRI International Annual Report A010, Mar. 7, 1994
Debar, et al., "Towards a Taxonomy of Intrusion-Detection Systems," Computers Networks 31 (1999), 805-822
Garvey, et al., "An Inference Technique for Integrating Knowledge from Disparate Sources," Proc. IJCAI, Vancouver, B.C., Aug., 1981, 319-325
Kaven, "The Digital Doorman," PC Magazine, Nov. 16, 1999
Lindqvist, et al., "Detecting Computer and Network Misuse Through the Production-Based Expert System Toolset (P-BEST)," Oct. 25, 199