NETWORK INTRUSION PROTECTION

Improved techniques are disclosed for use in an intrusion prevention system or the like. For example, a method comprises the following steps performed by a computing element of a network. A packet of a flow is received, the flow comprising a plurality of packets, wherein the plurality of packets rep...

Full description

Saved in:
Bibliographic Details
Main Authors LAPOTIN DAVID PAUL, YU HAO, NELMS II TERRY LEE, DENNERLINE DAVID ALLEN, FRANKE HUBERTUS
Format Patent
LanguageEnglish
Korean
Published 04.08.2011
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:Improved techniques are disclosed for use in an intrusion prevention system or the like. For example, a method comprises the following steps performed by a computing element of a network. A packet of a flow is received, the flow comprising a plurality of packets, wherein the plurality of packets represents data in the network. A network intrusion analysis cost-benefit value is determined representing a benefit for analyzing the received packet for intrusions in relation to a cost for analyzing the received packet for intrusions. The method compares the network intrusion analysis cost-benefit value to a network intrusion analysis cost-benefit threshold to determine whether analyzing the received packet for intrusions before forwarding the received packet is warranted. Responsive to a determination that analyzing the received packet for intrusions before forwarding the received packet is not warranted, the received packet is forwarded, an indication is made that subsequent packets of the flow should be forwarded, and a determination is made whether the received packet indicates an intrusion after forwarding the received packet.
Bibliography:Application Number: KR20117013858