Tiered network flow analysis
US8510821B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 29, 2010 |
| Grant date | Aug 13, 2013 |
| Priority date | — |
| Expiry date | Sep 27, 2031 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06F11/3072
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
The effects on networking systems of attacks on vulnerabilities, such as vulnerable modules in a webserver, SYN flooding, etc., can be devastating to a network environment. In various embodiments, a first, quick, or inexpensive analysis is performed on incoming network flows. If an intrusion issue or other problem is suspected based on the first, rapid, or inexpensive analysis, then the flow can be flagged for redirection to another process, virtual machine, or physical computer module that will perform a deeper, more expensive analysis on the network flow. If there are no issues detected in the second, deeper analysis, then the network flow can be forwarded to its intended recipient. If an issue is detected in the second, deeper analysis, then the network flow can be throttled, quarantined, ignored, sent to an un-trusted portion of the system, sent for more analysis, or otherwise handled or flagged.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.