Patent · US Active

Kernel-based intrusion detection using bloom filters

US7900194B1 · kind B1 · utility

Cited by: 19
References: 2
Claims: 29
Family size: 0

Assignees

Inventor

Key dates

Filing date: Mar 23, 2005
Grant date: Mar 1, 2011
Priority date
Expiry date: Jan 5, 2028

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F21/566
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

Kernel-based intrusion detection using Bloom filters is disclosed. In one of many possible embodiments for detecting an intrusion attack, a Bloom filter is provided and used to generate a Bloom filter data object. The Bloom filter data object contains data representative of expected system-call behavior associated with a computer program. The Bloom filter data object is embedded in an operating system (“OS”) kernel upon an invocation of the computer program. Actual system-call behavior is compared with the data in the Bloom filter data object.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.