Handling information security incidents

Bibliographic Details
Main Authors: SHNOWSKE DANIEL P, METZGER TIMOTHY C, RAMCHARRAN RONALD, DEMIRMEN OKAN
Format: Patent
Language: English
Published: 03.03.2015

Summary: Methods, systems, computer-readable media, and apparatuses for handling information security incidents are presented. In some embodiments, a computing device may receive information indicating that a network address is associated with an information security incident. Subsequently, the computing device may monitor activity associated with the network address. Based on the monitoring, the computing device may determine whether the network address represents an information security threat. In response to determining that the network address represents an information security threat, the computing device may cause one or more remediation actions to be performed. In some arrangements, the information security incident may be a denial of service attack. In additional or alternative arrangements, the network address may be located in a particular net block, and the computing device may evaluate one or more remediation criteria, which may include analyzing network activity for one or more other addresses that are located within the net block.
Bibliography: Application Number: US201313827200