Patent · US Active

Method and apparatus for port scan detection in a network

US8516573B1 · kind B1 · utility

23Cited by

3References

20Claims

0Family size

Assignee

AT&T Intellectual Property I, L.P. · US

Inventors

Philip E. Brown · Westfield, US
Jeanette LaRosa · Kingston, US
Chaim Spielman · Spring Valley, US

Key dates

Filing date	Dec 22, 2005
Grant date	Aug 20, 2013
Priority date	—
Expiry date	Nov 3, 2030

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1416
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Method and apparatus for port sweep detection in a network is described. In one example, log data is obtained for a period of time. The log data is associated with a plurality of devices in the network. The log data is processed to identify connection requests from a source key for a port at a number of target internet protocol (IP) addresses. An alarm is generated if the number of target IP addresses associated with the connection requests from the source key exceeds a threshold.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.