Patent · US Active

System, method and program for identifying and preventing malicious intrusions

US8931099B2 · kind B2 · utility

1Cited by

8References

6Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Jeffrey S. Lahann · Queen Creek, US
Frederic G. Thiele · Niwot, US
Michael Walter · Atlanta, US

Key dates

Filing date	Aug 13, 2013
Grant date	Jan 6, 2015
Priority date	—
Expiry date	Aug 13, 2033

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1416
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Computer system, method and program product for identifying a malicious intrusion. A first number of different destination IP addresses, a second number of different destination ports and a third number of different signatures of messages, are identified from a source IP address during a predetermined period. A determination is made that in one or more other such predetermined periods the source IP address sent messages having the first number of different destination IP addresses, the second number of different destination ports and the third number of different signatures. Based on the determination that in the one or more other such predetermined periods the source IP address sent messages having the first number of different destination IP addresses, the second number of different destination ports and the third number of different signatures, a determination is made that the messages are characteristic of a malicious intrusion.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.