Attack signature generation

Inactive Publication Date: 2007-04-26
IBM CORP
View PDF2 Cites 65 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0007] In accordance with the present invention, there is now provided a method for generating from requests on a first data network attack signatures for use in a second data network, the method comprising a reception step for receiving data traffic from the first data network addressed to a number of unassigned addresses in a third data network; an inspection step for inspecting several incidents of the data traffic that has been received in the previous step, for a common data pattern, and upon finding a the

Problems solved by technology

This attack signature generation method makes use of the idea that network traffic directed against an u

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack signature generation
  • Attack signature generation
  • Attack signature generation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0041] Referring first to FIG. 1, a data processing system comprises a CPU 10, an I / O subsystem 20, and a memory subsystem 40, all interconnected by a bus subsystem 30. The memory subsystem 40 may comprise random access memory (RAM), read only memory (ROM), and one or more data storage devices such as hard disk drives, optical disk drives, and the like. The I / O subsystem 20 may comprise: a display; a printer; a keyboard; a pointing device such as a mouse, tracker ball, or the like; and one or more network connections permitting communication between the data processing system and one or more similar systems and / or peripheral devices via a data network. The combination of such systems and devices interconnected by such a network may itself form a distributed data processing system. Such distributed systems may be themselves interconnected by additional data networks.

[0042] In the memory subsystem 40 is stored data 60 and computer program code 50 executable by the CPU 10. The program...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention provides a method for generating from requests from a first data network attack signatures for use in a second data network having a plurality of addresses assigned to data processing systems, the method comprising receiving data traffic from the first data network addressed to a number of unassigned addresses in a third data network; inspecting several incidents of the received data traffic for a common data pattern, upon finding a said data pattern, determining from the corresponding data traffic the attack signature for use in detecting attacks for the second data network. The invention also provides an apparatus for generating from requests on a first data network attack signatures for use in a second data network having a plurality of addresses assigned to data processing systems. The present invention further extends to a computer program element comprising computer program code means which, when loaded in a processor of a data processing system, configures the processor to perform a method for detecting attacks on a data network as hereinbefore described. The present invention further extends to a method of supporting an entity in the handling of a detected attack.

Description

TECHNICAL FIELD [0001] The present invention generally relates to the generation of attack signatures for the use in detecting network attacks and particularly relates to methods, apparatus, and computer program elements for generating attack signatures on a data network. BACKGROUND OF THE INVENTION [0002] The Internet is a wide area data network formed from a plurality of interconnected data networks. In operation, the Internet facilitates data communication between a range of remotely situated data processing systems. Such data processing systems each typically comprise a central processing unit (CPU), a memory subsystem, and input / output (I / O) subsystem, and computer program code stored in the memory subsystem for execution by the CPU. Typically, end user data processing systems connected to the Internet are referred to as client data processing systems or simply clients. Similarly, data processing systems hosting web sites and services for access by clients via the Internet are ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F12/14H04L12/14H04L29/06H04L29/12
CPCH04L12/14H04L29/12009H04L61/00H04L63/1491H04L63/1425H04L63/1458H04L63/1416G06F15/00G06F15/16
Inventor JULISCH, KLAUSRIORDAN, JAMES F.
Owner IBM CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap