Computer security intrusion detection system for remote, on-demand users

Assignee

• International Business Machines Corporation · US

Inventors

• Christopher J. Strauss · Trabuco Canyon, US
• Sebnem Jaji · Flower Mound, US
• Ramesh V. Chitor · Fremont, US
• Nam Keung · Austin, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F21/55
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

An intrusion detection system, and a related method and computer program product, for implementing intrusion detection in a remote, on-demand computing service environment in which one or more data processing hosts are made available to a remote on-demand user that does not have physical custody and control over the host(s). Intrusion detection entails monitoring resources defined by the on-demand user (or a third party security provider) for intrusion events that are also defined by the on-demand user (or security provider), and implementing responses according to event-action rules that are further defined by the on-demand user (or security provider). An intrusion detection system agent is associated with each of the data processing hosts, and is adapted to monitor the intrusion events and report intrusion activity. If there are plural intrusion detection system agents, they can be individually programmed to monitor and report on agent-specific sets of the intrusion events. An intrusion detection system controller is associated with one of the data processing hosts. It is adapted to manage and monitor the intrusion detection system agent(s), process agent reports of intrusion act…