logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 8621629 B1

PDFFull Text
Date of Patent:
Dec. 31, 2013

Filed:

Aug. 31, 2010

System, method, and computer software code for detecting a computer network intrusion in an infrastructure element of a high value target

Applicants:

Scott Charles Evans, Burnt Hills, NY (US);

Yogesh Kesrinath Potdar, Niskayuna, NY (US);

Michael Joseph Dell'anno, Niskayuna, NY (US);

Thomas Stephen Markham, Niskayuna, NY (US);

Adam Edgar Klingbeil, Ballston Lake, NY (US);

Robert Boring, Greenville, SC (US);

Bruce Gordon Barnett, Troy, NY (US);

Inventors:

Scott Charles Evans, Burnt Hills, NY (US);

Yogesh Kesrinath Potdar, Niskayuna, NY (US);

Michael Joseph Dell'Anno, Niskayuna, NY (US);

Thomas Stephen Markham, Niskayuna, NY (US);

Adam Edgar Klingbeil, Ballston Lake, NY (US);

Robert Boring, Greenville, SC (US);

Bruce Gordon Barnett, Troy, NY (US);

Assignee:

General Electric Company, Schenectady, NY (US);

Attorney:

General Electric Company Global Research

Primary Examiner:

Gilberto Barron, Jr

Assistant Examiner:

David Le

Int. Cl.
CPC ...
H04L 29/06 (2006.01);
U.S. Cl.
CPC ...
Abstract

An intrusion detection system for detecting and defeating unauthorized intrusion within a computer network of an infrastructure element of a high value target, the system including a pre-processor configured to receive data from a computer network of an infrastructure element of a high value target and to output filtered data, a grammar applicator configured to apply grammars produced using a grammar based compression and learning algorithm to the filtered data, a decision making device configured to provide a recommendation based on an input from the grammar applicator as to whether the data in the computer network constitutes an unauthorized intrusion, and an emulator in communication with the decision making device configured to expand a sampling of the filtered data using a polymorphic transformation to allow the decision making device to further analyze the sampled data to determine an unauthorized intrusion. A method and a computer software code are also disclosed.

Find Patent Forward Citations

Loading…