Patent · US Active

Reduction of false positive detection of signature matches in intrusion detection systems

US7802094B2 · kind B2 · utility

Cited by: 3
References: 6
Claims: 11
Family size: 0

Assignee

Inventors

Key dates

Filing date: Feb 22, 2005
Grant date: Sep 21, 2010
Priority date
Expiry date: Apr 6, 2028

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L47/2441
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

Detection of a signature in a data packet comprises performing a pre-classification of the packet, using header information and particularly a 5-tuple access control list, into one of a multiplicity of flows and directing the payload of the packet to a respective one of a multiplicity of deterministic finite state machines each of which stores a plurality of signatures as a sequence of states and acts only on the respective flow.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.