Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Proactive network security systems to protect against hackers

a network security and proactive technology, applied in the field of proactive network security systems to protect against hackers, can solve the problems of long design, development and release cycles, network administrators are plagued by the issue of unauthorized users (hackers) who gain entry to the network, and the risk of attack on the network, so as to reduce the risk of attack and be easily managed

Inactive Publication Date: 2008-01-03
NETCLARITY
View PDF16 Cites 65 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0008] The software engine may securely and dynamically update one or all components of the INFOSEC ENGINE and / or all INFOSEC ENGINE PLUGINs as well as other key security components. The software engine acts as a gateway between users, personal computers, servers, services and the computer network (internet, intranet, extranet, wide area network, wireless network or local area network). An Information Security (INFOSEC) software component may plug into the INFOSEC engine to, from time to time, expand the INFOSEC capabilities. Sample PLUGINs may include Firewalls (FW), virtual private networks (VPNs) AntiVirus Servers (AVS), Anti Distributed Denial of Service (Anti-DDoS), Certificate Authorities (CA), Content Filtering and Application Caching (PROXY), Encryption Acceleration and Secure Sockets Layer (SSL), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Vulnerability Assessment (VA), Vulnerability Remediation (VR), and Wireless Security (802.11b) using Wireless Encryption Protocol (WEP), Clustering and High Availability (HA). The system may also include an operating system that has been hardened against known weaknesses and attack methodologies of hackers. In a further optional embodiment, the system may include a software component that enables the INFOSEC Engine to be deployed on more than one system that can act as a single INFOSEC Engine through a computer network. An optional software component “heart-beat” monitor may exchange heartbeat signals between two or more INFOSEC appliances and enables one appliance to takeover for another should the other malfunction. The systems and methods described herein can be operated on conventional hardware platforms including Personal Computer (PC) or generic server appliances that run the Windows or Linux operating systems. Optionally, the systems may employ a client-server modular based software structure for secure, authenticated an non-repudiable communications between the Proactive Network Security system and a traditional Countermeasures System to increase the probability that a hacker will not be able to break into the existing network infrastructure through automated vulnerability assessment, reporting, and remediation.
[0019] Another object is to provide a proactive network security system to protect against hackers that can perform numerous INFOSEC functions in one “open box” appliance that scales in physical size from a small PC to a large generic server appliance. Should these INFOSEC functions exist in another network security appliance, the systems described herein shall be able to communicate with said INFOSEC countermeasure through a well-defined and secure communication interface to enable more proactive network security through automation.

Problems solved by technology

For years, network administrators have been plagued by the issue of unauthorized users (hackers) who gain entry to the network by probing for weaknesses or misrepresenting their intentions when asking to use certain network services, such as asking for a network user to read an email message.
The main problem with conventional anti hacker security system are they are not designed to stop hackers, instead they are countermeasures that react to threats.
Thus, today's security systems still leave the network vulnerable to attack, although they are capable of addressing certain attacks once the attack is identified.
Another problem with conventional anti hacker security systems is that they are typically built as proprietary systems, resulting in long design, development and release cycles.
This of course can be problematic as hackers release new attacks quite frequently, and because of the Internet, these many of today's attacks spread with breathtaking speed from one network to another.
Unfortunately, most of today's INFOSEC solutions are hard to upgrade and manage.
In fact, many INFOSEC systems today are “hard wired” with one or more network adapter interface for a 10 megabits per second network and if the network performance requirements move to 100 megabits per second or a gigabit per second, these INFOSEC appliances become bottlenecks to network performance and therefore detract from user productivity.
Still another problem with conventional anti hacker security system are that each INFOSEC appliance has a completely different and unique administrative interface.
After deploying more than a few of these appliances, it becomes extremely difficult for System Administrators (SYSADMINs) to manage these systems.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Proactive network security systems to protect against hackers
  • Proactive network security systems to protect against hackers
  • Proactive network security systems to protect against hackers

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] The system and methods described herein include, among other things, security systems that provide proactive automated defense against hackers by automatically finding, reporting, communicating with countermeasures about and removing the common vulnerabilities and exposures (CVEs) that they exploit. Accordingly, the systems described herein provide for proactive security by determining the components that exist on a network system and generating a list of network assets.

[0033] In one embodiment, the invention provides a security method that can be executed on a wired and / or wireless network. As part of the security method, in a first step the network is scanned and / or probed for any and all attached equipment and related assets, herein referred to as “network-based” assets. The method will dynamically detect and map changes to LAN and WAN connected equipment including searching for equipment which may be deemed as rogue and creating a network-based assets list, wherein the l...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A proactive network security system to protect against hackers for the proactive automated defense against hackers by automatically finding, reporting, communicating with countermeasures about and removing the common vulnerabilities and exposures (CVEs) that they exploit.

Description

RELATED APPLICATIONS [0001] This application claims priority to U.S. Provisional Application No. 60 / 489,982, filed Jul. 25, 2003, the specification of which is incorporated herein by reference in its entirety.BACKGROUND [0002] For years, network administrators have been plagued by the issue of unauthorized users (hackers) who gain entry to the network by probing for weaknesses or misrepresenting their intentions when asking to use certain network services, such as asking for a network user to read an email message. As such, it can be appreciated that anti hacker security system have been in use for years. Typically, anti hacker security systems are comprised of information security (INFOSEC) appliances that protect computers and computer-based networks against attacks from hackers. These appliances are typically sold as point-solutions and countermeasures ranging from Firewalls (FW), virtual private networks (VPNS) AntiVirus Servers (AVS), Anti Distributed Denial of Service (Anti-DD...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(United States)
IPC IPC(8): G06F11/00G06F17/00G06F9/00G06F11/30H04L29/06
CPCH04L63/1433H04L63/0272
Inventor MILIEFSKY, GARY
Owner NETCLARITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products