Patent

Method and system of monitoring vulnerabilities

TL;DR: In this article, a system to monitor the vulnerability of a computer system is provided, which includes a configuration information storing unit to store the configuration information on the computer system to be monitored and a manager information storing unit to register the information on a system manager who does the vulnerability management work for the computer system.
Abstract: A system to monitor the vulnerability of a computer system is provided. The system comprises a configuration information storing unit to store the configuration information on the computer system to be monitored, a manager information storing unit to register the information on the system manager who does the vulnerability management work for the computer system to be monitored, a vulnerability information storing unit to store various types of vulnerability information, a vulnerability information offering unit to retrieve from the aforementioned vulnerability information storing unit the vulnerability information to be applied to the computer system to be monitored based on the aforementioned configuration information and to offer it to the aforementioned system manager, and a vulnerability measure information submission unit to generate vulnerability measure information based on the work log of the vulnerability modification measures that the system manager has taken and to submit this to the supervisor of the system manager who has done the aforementioned vulnerability modification work.
Citations
Patent
10 Feb 2012
TL;DR: In this article, a system and method provide comprehensive and highly automated testing of vulnerabilities to intrusion on a target network, including identification of operating system, identification of target network topology and target computers.
Abstract: A system and method provide comprehensive and highly automated testing of vulnerabilities to intrusion on a target network, including identification of operating system, identification of target network topology and target computers, identification of open target ports, assessment of vulnerabilities on target ports, active assessment of vulnerabilities based on information acquired from target computers, quantitative assessment of target network security and vulnerability, and hierarchical graphical representation of the target network, target computers, and vulnerabilities in a test report. The system and method employ minimally obtrusive techniques to avoid interference with or damage to the target network during or after testing.

658 citations

Patent
Paul Judge
12 Jul 2006
TL;DR: In this article, the authors present a system and methods for detecting unsolicited and threatening communications and communicating threat information related thereto, where the received threat information is reduced into a canonical form and features are extracted from the reduced threat information in conjunction with configuration data such as goals.
Abstract: The present invention is directed to systems and methods for detecting unsolicited and threatening communications and communicating threat information related thereto. Threat information is received from one or more sources; such sources can include external security databases and threat information data from one or more application and/or network layer security systems. The received threat information is reduced into a canonical form. Features are extracted from the reduced threat information; these features in conjunction with configuration data such as goals are used to produce rules. In some embodiments, these rules are tested against one or more sets of test data and compared against the same or different goals; if one or more tests fail, the rules are refined until the tests succeed within an acceptable margin of error. The rules are then propagated to one or more application layer security systems.

486 citations

Patent
09 Oct 2008
TL;DR: In this article, a system (120) detects transmission of potentially unwanted e-mail messages by generating hash values based on one or more portions of the e-mail messages and then determining whether the generated hash values match hash values associated with prior e-mail messages.
Abstract: A system (120) detects transmission of potentially unwanted e-mail messages. The system (120) may receive e-mail messages and generate hash values based on one or more portions of the e-mail messages. The system (120) may then determine whether the generated hash values match hash values associated with prior e-mail messages. The system (120) may determine that one of the e-mail messages is a potentially unwanted e-mail message when one or more of the generated hash values associated with the e-mail message match one or more of the hash values associated with the prior e-mail messages.

300 citations

Patent
Dmitri Alperovitch, Paula Greve, Paul Judge, Sven Krasser, Phyllis A. Schneck
03 Apr 2009
TL;DR: In this article, transmission among a plurality of data streams is prioritized based on a classification associated with the data packets of each data stream; bandwidth is allocated to priority data streams first, and the remaining bandwidth is allocated recursively to lesser priority data streams based on the priority associated with those streams.
Abstract: Methods and systems for operation upon one or more data processors for prioritizing transmission among a plurality of data streams based upon a classification associated with the data packets associated with each of the plurality of data streams, respectively. Systems and methods can operate to allocate bandwidth to priority data streams first and recursively allocate remaining bandwidth to lesser priority data streams based upon the priority associated with those respective lesser priority data streams.

295 citations

Patent
Paul Judge, Guru Rajan
06 Mar 2003
TL;DR: In this article, an electronic communication related to an application is received and stored and one or more risk assessments are made with respect to the received communication thereby generating a risk profile associated with the communication.
Abstract: Systems and methods for enhancing electronic security (190) are provided. An electronic communication related to an application (120) is received and stored. One or more risk assessments are made with respect to the received communication thereby generating a risk profile associated with the communication. The risk profile is analyzed with respect to data (210) associated with previously received communications to determine if the received communication is anomalous. If the received communication is determined to be anomalous, an anomaly indicator signal is output.

293 citations

References
Patent
12 Sep 1996
TL;DR: In this article, a system and method is described for detecting security vulnerabilities in a computer network. The system includes an IP spoofing attack detector, a stealth port service map generator, a source port verifier, a source routing verifier, an RPC service detector and a Socks configuration verifier.
Abstract: A system and method is disclosed for detecting security vulnerabilities in a computer network. The system includes an IP spoofing attack detector, a stealth port service map generator, a source port verifier, source routing verifier, an RPC service detector and a Socks configuration verifier. Each of these verifiers may be operated separately or as a group to detect security vulnerabilities on a network. Each verifier may be programmed to exhaustively test all ports of all computers on a network to detect susceptibility to IP spoofing attacks, access to services with little or no authorization checks or misconfigured routers or Socks servers. The detected vulnerabilities or the location of services having little or no authorization checks may be stored in a table for reference by a network administrator. The service map generated by the stealth service map generator may be used to identify all service ports on a network to facilitate the operation of the other verifiers which send service command messages to service ports to detect their accessibility. A graphic user interface (GUI) may be used to provide input and control by a user to the security verifiers and to present options and display information to the user.

386 citations

Patent
12 Oct 1994
TL;DR: In this paper, a system and method for the secure transfer of data between a workstation connected to a private network and a remote computer connected to an unsecured network is presented.
Abstract: A system and method for the secure transfer of data between a workstation connected to a private network and a remote computer connected to an unsecured network. A secure computer is inserted into the private network to serve as the gateway to the unsecured network and a client subsystem is added to the workstation in order to control the transfer of data from the workstation to the secure computer. The secure computer includes a private network interface connected to the private network, an unsecured network interface connected to the unsecured network, wherein the unsecured network interface includes means for encrypting data to be transferred from the first workstation to the remote computer, a server function for transferring data between the private network interface and the unsecured network interface and a filter function for filtering data transferred between the remote computer and the workstation.

334 citations

Patent
30 Jun 1998
TL;DR: In this paper, a rules-driven multi-phase network vulnerability assessment method is described, which comprises pinging devices on a network to discover devices with a connection to the network.
Abstract: In one aspect of the invention, a computer implemented method for rules-driven multi-phase network vulnerability assessment is disclosed. The method comprises pinging devices on a network to discover devices with a connection to the network. Port scans are performed on the discovered devices and banners are collected. Information from the collected banners is stored as entries in a first database. Analysis is performed on the entries by comparing the entries with a rule set to determine potential vulnerabilities. The results of the analysis are stored in a second database.

271 citations