Patent · US Active

Method of updating intrusion detection rules through link data packet

US7904942B2 · kind B2 · utility

6Cited by

4References

7Claims

0Family size

Assignee

INVENTEC CORPORATION · TW

Inventors

Meng Sun · Beijing, CN
Tom Chen · Taipei, TW
Win-Harn Liu · Taipei, TW

Key dates

Filing date	Feb 22, 2008
Grant date	Mar 8, 2011
Priority date	—
Expiry date	Nov 19, 2029

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1416
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method of updating intrusion detection rules through a link data packet is used to dynamically update rules storages of Snort system hosts. Firstly, an update sponsor in the network transmits a link data packet with an intrusion detection rule to the Snort system host. The Snort system host acquires the intrusion detection rule from the received link data packet, and parses an operation type of the intrusion detection rule. Then, the Snort system host verifies the validity of the intrusion detection rule. Subsequently, the rules storage is updated according to the type of the valid intrusion detection rule and a rules tree.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.