WO2005117370A3 - Using address ranges to detect malicious activity - Google Patents
Using address ranges to detect malicious activity Download PDFInfo
- Publication number
- WO2005117370A3 WO2005117370A3 PCT/US2005/017685 US2005017685W WO2005117370A3 WO 2005117370 A3 WO2005117370 A3 WO 2005117370A3 US 2005017685 W US2005017685 W US 2005017685W WO 2005117370 A3 WO2005117370 A3 WO 2005117370A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- network
- address ranges
- malicious activity
- detect malicious
- addresses
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
Abstract
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP05778923A EP1754348B1 (en) | 2004-05-19 | 2005-05-18 | Using address ranges to detect malicious activity |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US57265804P | 2004-05-19 | 2004-05-19 | |
US60/572,658 | 2004-05-19 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2005117370A2 WO2005117370A2 (en) | 2005-12-08 |
WO2005117370A3 true WO2005117370A3 (en) | 2006-01-26 |
Family
ID=35285605
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2005/017685 WO2005117370A2 (en) | 2004-05-19 | 2005-05-18 | Using address ranges to detect malicious activity |
Country Status (3)
Country | Link |
---|---|
US (1) | US20050259657A1 (en) |
EP (1) | EP1754348B1 (en) |
WO (1) | WO2005117370A2 (en) |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060002306A1 (en) * | 2004-06-30 | 2006-01-05 | Ronald Brown | Failure detection of path information corresponding to a transmission path |
US8139521B2 (en) * | 2005-10-28 | 2012-03-20 | Interdigital Technology Corporation | Wireless nodes with active authentication and associated methods |
US20120020217A1 (en) * | 2008-12-30 | 2012-01-26 | Shaun Wakumoto | Storing network flow information |
US10091174B2 (en) | 2014-09-29 | 2018-10-02 | Dropbox, Inc. | Identifying related user accounts based on authentication data |
US10223423B2 (en) * | 2014-10-02 | 2019-03-05 | Splunk Inc. | Custom communication alerts |
US10756956B2 (en) * | 2018-03-05 | 2020-08-25 | Schweitzer Engineering Laboratories, Inc. | Trigger alarm actions and alarm-triggered network flows in software-defined networks |
US11741228B2 (en) * | 2020-08-25 | 2023-08-29 | Bank Of America Corporation | System for generating computing network segmentation and isolation schemes using dynamic and shifting classification of assets |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2003050644A2 (en) * | 2001-08-14 | 2003-06-19 | Riverhead Networks Inc. | Protecting against malicious traffic |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6513122B1 (en) * | 2001-06-29 | 2003-01-28 | Networks Associates Technology, Inc. | Secure gateway for analyzing textual content to identify a harmful impact on computer systems with known vulnerabilities |
US7246156B2 (en) * | 2003-06-09 | 2007-07-17 | Industrial Defender, Inc. | Method and computer program product for monitoring an industrial network |
US7725545B2 (en) * | 2004-02-20 | 2010-05-25 | Sybase 365, Inc. | Dual use counters for routing loops and spam detection |
-
2005
- 2005-05-18 US US11/132,612 patent/US20050259657A1/en not_active Abandoned
- 2005-05-18 WO PCT/US2005/017685 patent/WO2005117370A2/en active Application Filing
- 2005-05-18 EP EP05778923A patent/EP1754348B1/en not_active Not-in-force
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2003050644A2 (en) * | 2001-08-14 | 2003-06-19 | Riverhead Networks Inc. | Protecting against malicious traffic |
Non-Patent Citations (2)
Title |
---|
CISCO SYSTEMS: "SAFE: Worm Mitigation", CISCO SYSTEMS WHITE PAPER, 2003, XP002355058, Retrieved from the Internet <URL:http://www.cisco.com/warp/public/cc/so/neso/sqso/safr/prodlit/sawrm_wp.pdf> [retrieved on 20051118] * |
YING JIN, STEVEN WALLACE: "A Preprocessor Plugin for SNORT: IP Spoof Detector", INTERNET PUBLICATION, 22 April 2002 (2002-04-22), ADVANCED NETWORK MANAGEMENT LAB, INDIANA UNIVERSITY, XP002355057, Retrieved from the Internet <URL:http://www.cs.indiana.edu/~yinjin/anml/Automatic_Spoof_Detector_Ying.doc> [retrieved on 20051117] * |
Also Published As
Publication number | Publication date |
---|---|
US20050259657A1 (en) | 2005-11-24 |
EP1754348B1 (en) | 2012-08-01 |
WO2005117370A2 (en) | 2005-12-08 |
EP1754348A2 (en) | 2007-02-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2005117370A3 (en) | Using address ranges to detect malicious activity | |
WO2002023805A3 (en) | Monitoring network activity | |
GB2457398A (en) | Sensor node of wireless sensor networks and operating method thereof | |
WO2008067371A3 (en) | System for automatic detection of spyware | |
WO2008014272A3 (en) | Method and apparatus for monitoring wireless network access | |
WO2006091944A3 (en) | Location-based enhancements for wireless intrusion detection | |
WO2008079337A3 (en) | Systems, methods, and apparatus for communicating the state of a wireless user device in a wireless domain to an application server in an internet protocol (ip) domain | |
EP1854005A4 (en) | Method and apparatus for locating rogue access point switch ports in a wireless network | |
AU2003272797A1 (en) | Acoustic sensing device, system and method for monitoring emissions from machinery | |
WO2004050839A3 (en) | Fragmentation-based methods and systems for sequence variation detection and discovery | |
WO2008067248A3 (en) | Detection for end of service using dynamic inactivity timer thresholds | |
WO2008063343A3 (en) | Methods and apparatus for detecting unwanted traffic in one or more packet networks utilizing string analysis | |
WO2007073546A3 (en) | Installing an application from one peer to another including configuration settings | |
WO2004088477A3 (en) | Apparatus and method for network vulnerability detection and compliance assessment | |
WO2007070396A3 (en) | Medicament compliance monitoring system, method, and medicament container | |
HK1113873A1 (en) | Using a test query to determine whether a network device suffers from a software bug or design flaw | |
WO2008131371A3 (en) | Extensions to ipv6 neighbor discovery protocol for automated prefix delegation | |
GB201203406D0 (en) | Automatic address range detection for IP networks | |
WO2008052291A3 (en) | System and process for detecting anomalous network traffic | |
WO2007022364A3 (en) | Change audit method, apparatus and system | |
WO2006107560A3 (en) | Methods, systems, and computer program products for establishing trusted access to a communication network | |
WO2006133383A3 (en) | Methods, systems, and computer program products for dynamic network access device port and user device configuration for implementing device-based and user-based policies | |
WO2008012792A3 (en) | A method and system for detection of nat devices in a network | |
GB0406104D0 (en) | Connecting devices to a peer-to-peer network | |
WO2011079149A3 (en) | Systems and methods for listening policies for virtual servers of an appliance |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWW | Wipo information: withdrawn in national office |
Country of ref document: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2005778923 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 2005778923 Country of ref document: EP |