Patent · US Active

Network intrusion detection with distributed correlation

US9560068B2 · kind B2 · utility

20Cited by

6References

20Claims

0Family size

Assignee

MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

Igal Figlin · Redmond, US
Arthur Zavalkovsky · Netanya, IL
Lior Arzi · Givatayim, IL
Efim Hudis · Bellevue, US
Jennifer LeMond · Kirkland, US
Robert Eric Fitzgerald · Herndon, US
Khaja E. Ahmed · Bellevue, US
Jeffrey Williams · Ann Arbor, US
Edward W. Hardy · Seattle, US

Key dates

Filing date	Jul 12, 2013
Grant date	Jan 31, 2017
Priority date	—
Expiry date	Feb 11, 2034

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/205
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A network security system employing multiple levels of processing to identify security threats. Multiple host machines may each contain an agent that detects possibilities of security threats based on raw data sensed locally at that host. The hosts may share information obtained from local analysis and each host may use information generated at one or more other hosts, in combination with information generated locally, to identify a security concern, indicating with greater certainty that a security threat exists. Based on security concerns generated by multiple hosts, a security threat may be to indicated and protective action may be taken.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.