The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jan. 04, 2005
Filed:
Mar. 04, 1999
Wayne A. Campbell, Plattsmouth, NE (US);
Jeffrey H. Walker, Papillon, NE (US);
Wayne A. Campbell, Plattsmouth, NE (US);
Jeffrey H. Walker, Papillon, NE (US);
PRC, Inc., McLean, VA (US);
Abstract
Disclosed is a Security Indications and Warning (SI&W) Engine usable in conjunction with an audit agent. The audit agent forwards normalized audits to the SI&W Engine. The SI&W Engine groups the normalized audits into related groupings. Gauges are used to count the number of occurrences of audited events. A statistical engine provides statistical representations of the number of events per user, per session and per node. A predetermined number of criteria are defined a particular gauge or gauge pair. There may be many criteria for a particular network. When a predetermined number of criteria within a criteria set are triggered, an indicator is triggered. More complex indicators can use combinations of lower level indicators to provide further indications of potential security threads. Thus, a hierarchical system of gauges, criteria and indicators is used to measure boundary violations and breaches of different barriers. Advantageously, because there are no predefined scenarios or profiles that must be performed by a potential misuser or intruder, the SI&W Engine of the present invention is capable of indicating that a potential security threat exists in near-real time.