METHOD OF OPERATING AN INTRUSION DETECTION SYSTEM
    1.
    Invention application
    Status: Granted

    Publication No.: US20080077989A1

    Publication date: 2008-03-27

    Application No.: US11841214

    Filing date: 2007-08-20

    IPC classification: G06F21/00

    Abstract: A method of operating an intrusion detection system. The system determines occurrence of a signature event indicative of a denial of service intrusion on a protected device. A value of a signature event counter is increased. The value of the signature event counter is adjusted to not include a count of signature events past a sliding window. The value of the signature event counter is determined to exceed a signature threshold quantity, followed by generation of an alert at a time subsequently recorded in a log. The log is cleared of entries past a permissible age. A present alert generation rate is determined as a ratio of the total number of timestamps in the log to the permissible age. The present alert generation rate is ascertained to exceed an alert generation rate threshold. A selected element of the signature set is altered to decrease the alert generation rate.

    Fail-safe network authentication
    3.
    Invention application
    Status: Under examination (published)

    Publication No.: US20070157308A1

    Publication date: 2007-07-05

    Application No.: US11324868

    Filing date: 2006-01-03

    IPC classification: G06F15/16

    CPC classification: H04W12/06 H04L63/08

    Abstract: An authenticator is configured with intelligence for the purpose of providing a “failsafe” mode for port-based authentication (802.1x). This failsafe mode enables end users to access a network when communication between the authenticator and the authentication server has temporarily failed, but keeps security measures in place so that unauthorized users cannot gain network access. An 802.1x access control point (e.g., a switch) is enabled to continue to authenticate certain users onto the network during periods of temporary communication failure with the authentication server, by locally storing alternative authentication information limited to historical authentication information of clients that have previously accessed the network via the authentication server. Subsequent revalidation of specific users using the primary authentication information follows restoration of communication with the authentication server.

    Systems, methods and computer program products for administration of computer security threat countermeasures to a computer system
    4.
    Invention application
    Status: Granted

    Publication No.: US20050039046A1

    Publication date: 2005-02-17

    Application No.: US10624158

    Filing date: 2003-07-22

    IPC classification: G06F21/00 H04L9/00

    CPC classification: G06F21/577 G06F21/552

    Abstract: A countermeasure for a computer security threat to a computer system is administered by establishing a baseline identification of an operating or application system type and an operating or application system release level for the computer system that is compatible with a Threat Management Vector (TMV). A TMV is then received, including therein a first field that provides identification of at least one operating system type that is affected by a computer security threat, a second field that provides identification of an operating system release level for the operating system type, and a third field that provides identification of a set of possible countermeasures for an operating system type and an operating system release level. Countermeasures that are identified in the TMV are processed if the TMV identifies the operating system type and operating system release level for the computer system as being affected by the computer security threat. The received TMV may be mutated to a format for processing of the countermeasure.

    Domain controlling systems, methods and computer program products for administration of computer security threat countermeasures to a domain of target computer systems
    5.
    Invention application
    Status: Granted

    Publication No.: US20050198520A1

    Publication date: 2005-09-08

    Application No.: US10791560

    Filing date: 2004-03-02

    IPC classification: H04L9/00

    Abstract: A threat management domain controller is responsive to a computer-actionable threat management vector that includes a first computer-readable field that provides identification of at least one system type that is affected by a computer security threat, a second computer-readable field that provides identification of a release level for the system type and a third computer-readable field that provides identification of a set of possible countermeasures for a system type and release level. The threat management domain controller processes a threat management vector that is received for use by a domain of target computer systems, and transmits the threat management vector that has been processed to at least one of the target computer systems in the domain of target computer systems.

    Systems, methods and data structures for generating computer-actionable computer security threat management information
    6.
    Invention application
    Status: Under examination (published)

    Publication No.: US20050022021A1

    Publication date: 2005-01-27

    Application No.: US10624344

    Filing date: 2003-07-22

    IPC classification: G06F21/00 G06F11/30 H04L9/00

    CPC classification: G06F21/577

    Abstract: Computer security threat management information is generated upon receiving notification of a computer security threat, by generating a computer-actionable Threat Management Vector (TMV) from the notification that was received. The TMV includes a first computer-readable field that provides identification of at least one system type that is affected by the security threat, a second computer-readable field that provides identification of a release level for the system type, and a third computer-readable field that provides identification of a set of possible countermeasures for a system type and a release level. The TMV that is generated is transmitted to target systems for processing.

    METHOD AND SYSTEM FOR CALIBRATING AN ELECTRICAL DEVICE
    7.
    Invention application
    Status: Under examination (published)

    Publication No.: US20080046211A1

    Publication date: 2008-02-21

    Application No.: US11854290

    Filing date: 2007-09-12

    IPC classification: H01H43/00 G01R35/00

    Abstract: In general, the present invention provides a method and system for calibrating an electrical device that utilizes a data networking protocol (e.g., 802.1X) over a power delivery network. Specifically, the present invention leverages information gathered and stored during the authentication and operation of the electrical device to determine whether the electrical device should be calibrated. In general, the present invention makes this determination based on time elapsed since a previous calibration and/or cumulative usage of the device.