Enabling network intrusion detection by representing network activity in graphical form utilizing distributed data sensors to detect and transmit activity data
US8266697B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Mar 4, 2006 |
| Grant date | Sep 11, 2012 |
| Priority date | — |
| Expiry date | Jun 21, 2030 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/14
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method, system, and computer program product for detecting and mapping activity occurring at and between devices on a computer network for utilization within an intrusion detection mechanism. An enhanced graph matching intrusion detection system (eGMIDS) utility executing on a control server provides data collection functions and data fusion techniques. The eGMIDS comprises multiple sensors and associated unique adaptors that are located at different remote devices of the network and utilized to detect specific types of activity occurring at the respective devices relevant to eGMIDS processing. The sensors convert the data into eGMIDS format and encapsulate the data in a special transmission packet that is transmitted to the control server. The eGMIDS utility converts the activity data within these packets into eGMIDS-usable format and then processes the converted data via a data fusion technique to generate a graphical representation of the network (devices) and the activity occurring at/amongst the various devices.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.