Method and apparatus for distributed intrusion protection system for ultra high bandwidth networks

Goranson, Craig A.; Burnette, John R.; Greitzer, Frank L.; McMillan, Bryan H.

Advanced Search OptionsAdvanced Search queries use a traditional Term Search. For more info, see our FAQ.

All Fields:

Patent Title:

Abstract:

Assignee:

Inventor(s):

Patent Number:

Patent Classification (CPC):

All Classifications
A - human necessities
A01 - agriculture
A21 - baking
A22 - butchering
A23 - foods or foodstuffs
A24 - tobacco
A41 - wearing apparel
A42 - headwear
A43 - footwear
A44 - haberdashery
A45 - hand or travelling articles
A46 - brushware
A47 - furniture
A61 - medical or veterinary science
A62 - life-saving
A63 - sports
A99 - subject matter not otherwise provided for in this section
B - performing operations
B01 - physical or chemical processes or apparatus in general
B02 - crushing, pulverising, or disintegrating
B03 - separation of solid materials using liquids or using pneumatic tables or jigs
B04 - centrifugal apparatus or machines for carrying-out physical or chemical processes
B05 - spraying or atomising in general
B06 - generating or transmitting mechanical vibrations in general
B07 - separating solids from solids
B08 - cleaning
B09 - disposal of solid waste
B21 - mechanical metal-working without essentially removing material
B22 - casting
B23 - machine tools
B24 - grinding
B25 - hand tools
B26 - hand cutting tools
B27 - working or preserving wood or similar material
B28 - working cement, clay, or stone
B29 - working of plastics
B30 - presses
B31 - making articles of paper, cardboard or material worked in a manner analogous to paper
B32 - layered products
B33 - additive manufacturing technology
B41 - printing
B42 - bookbinding
B43 - writing or drawing implements
B44 - decorative arts
B60 - vehicles in general
B61 - railways
B62 - land vehicles for travelling otherwise than on rails
B63 - ships or other waterborne vessels
B64 - aircraft
B65 - conveying
B66 - hoisting
B67 - opening, closing {or cleaning} bottles, jars or similar containers
B68 - saddlery
B81 - microstructural technology
B82 - nanotechnology
B99 - subject matter not otherwise provided for in this section
C - chemistry
C01 - inorganic chemistry
C02 - treatment of water, waste water, sewage, or sludge
C03 - glass
C04 - cements
C05 - fertilisers
C06 - explosives
C07 - organic chemistry
C08 - organic macromolecular compounds
C09 - dyes
C10 - petroleum, gas or coke industries
C11 - animal or vegetable oils, fats, fatty substances or waxes
C12 - biochemistry
C13 - sugar industry
C14 - skins
C21 - metallurgy of iron
C22 - metallurgy
C23 - coating metallic material
C25 - electrolytic or electrophoretic processes
C30 - crystal growth
C40 - combinatorial technology
C99 - subject matter not otherwise provided for in this section
D - textiles
D01 - natural or man-made threads or fibres
D02 - yarns
D03 - weaving
D04 - braiding
D05 - sewing
D06 - treatment of textiles or the like
D07 - ropes
D10 - indexing scheme associated with sublasses of section d, relating to textiles
D21 - paper-making
D99 - subject matter not otherwise provided for in this section
E - fixed constructions
E01 - construction of roads, railways, or bridges
E02 - hydraulic engineering
E03 - water supply
E04 - building
E05 - locks
E06 - doors, windows, shutters, or roller blinds in general
E21 - earth drilling
E99 - subject matter not otherwise provided for in this section
F - mechanical engineering
F01 - machines or engines in general
F02 - combustion engines
F03 - machines or engines for liquids
F04 - positive - displacement machines for liquids
F05 - indexing schemes relating to engines or pumps in various subclasses of classes f01-f04
F15 - fluid-pressure actuators
F16 - engineering elements and units
F17 - storing or distributing gases or liquids
F21 - lighting
F22 - steam generation
F23 - combustion apparatus
F24 - heating
F25 - refrigeration or cooling
F26 - drying
F27 - furnaces
F28 - heat exchange in general
F41 - weapons
F42 - ammunition
F99 - subject matter not otherwise provided for in this section
G - physics
G01 - measuring
G02 - optics
G03 - photography
G04 - horology
G05 - controlling
G06 - computing
G07 - checking-devices
G08 - signalling
G09 - education
G10 - musical instruments
G11 - information storage
G12 - instrument details
G16 - information and communication technology [ict] specially adapted for specific application fields
G21 - nuclear physics
G99 - subject matter not otherwise provided for in this section
H - electricity
H01 - basic electric elements
H02 - generation
H03 - basic electronic circuitry
H04 - electric communication technique
H05 - electric techniques not otherwise provided for
H99 - subject matter not otherwise provided for in this section
Y - new / cross sectional technologies
Y02 - technologies or applications for mitigation or adaptation against climate change
Y04 - information or communication technologies having an impact on other technology areas
Y10 - technical subjects covered by former uspc

More Options ...

Title: Method and apparatus for distributed intrusion protection system for ultra high bandwidth networks

Abstract

A method for providing security to a network having a data stream with a plurality of portions of data, each having differing levels of sensitivity. The data stream is interrogated to determine the presence of predetermined characteristics associated with at least one of the portions of data within the data stream. At least one of the portions of data is then characterized, based upon the portion of data exhibiting a predetermined combination of characteristics, wherein the predetermined combination of characteristics is related to the sensitivity of the portion of data. The portions of the data stream are then distributed into a plurality of different channels, each of the channels associated with different level of sensitivity.

Inventors:: Goranson, Craig A.; Burnette, John R.; Greitzer, Frank L.; McMillan, Bryan H.

Issue Date:: Tue Oct 15 00:00:00 EDT 2013

Research Org.:: Pacific Northwest National Laboratory (PNNL), Richland, WA (United States)

Sponsoring Org.:: USDOE

OSTI Identifier:: 1176531

Patent Number(s):: 8561189

Application Number:: 11/473,634

Assignee:: Battelle Memorial Institute (Richland, WA)

Patent Classifications (CPCs):: H - ELECTRICITY H04 - ELECTRIC COMMUNICATION TECHNIQUE H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION

Show more

H - ELECTRICITY H04 - ELECTRIC COMMUNICATION TECHNIQUE H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
H04L63/0218 - {Distributed architectures, e.g. distributed firewalls}
H04L63/1416 - {Event detection, e.g. attack signature detection}

Show less

DOE Contract Number:: AC06-76RL01830

Resource Type:: Patent

Resource Relation:: Patent File Date: 2006 Jun 23

Country of Publication:: United States

Language:: English

Subject:: 97 MATHEMATICS AND COMPUTING

Citation Formats


                    Goranson, Craig A., Burnette, John R., Greitzer, Frank L., and McMillan, Bryan H. Method and apparatus for distributed intrusion protection system for ultra high bandwidth networks.  United States: N. p., 2013. 
        Web.

Copy to clipboard


                    Goranson, Craig A., Burnette, John R., Greitzer, Frank L., & McMillan, Bryan H. Method and apparatus for distributed intrusion protection system for ultra high bandwidth networks.  United States.

Copy to clipboard


                    Goranson, Craig A., Burnette, John R., Greitzer, Frank L., and McMillan, Bryan H. Tue .  
        "Method and apparatus for distributed intrusion protection system for ultra high bandwidth networks".  United States.  https://www.osti.gov/servlets/purl/1176531.

Copy to clipboard


                    
@article{osti_1176531,

  title        = {Method and apparatus for distributed intrusion protection system for ultra high bandwidth networks},

  author       = {Goranson, Craig A. and Burnette, John R. and Greitzer, Frank L. and McMillan, Bryan H.},

  abstractNote = {A method for providing security to a network having a data stream with a plurality of portions of data, each having differing levels of sensitivity. The data stream is interrogated to determine the presence of predetermined characteristics associated with at least one of the portions of data within the data stream. At least one of the portions of data is then characterized, based upon the portion of data exhibiting a predetermined combination of characteristics, wherein the predetermined combination of characteristics is related to the sensitivity of the portion of data. The portions of the data stream are then distributed into a plurality of different channels, each of the channels associated with different level of sensitivity.},

  doi          = {},

  journal      = {},
number       = ,

  volume       = ,

  place        = {United States},

  year         = {Tue Oct 15 00:00:00 EDT 2013},

  month        = {Tue Oct 15 00:00:00 EDT 2013}

}

Copy to clipboard

Patent:

Save / Share:

Export Metadata

Save to My Library

Works referenced in this record:

Intelligent network security device and method
patent, October 2001

Shipley, Peter M.
US Patent Document 6,304,975
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/6304975

Methods and apparatus for heuristic firewall
patent, February 2003

Joyce, James B.
US Patent Document 6,519,703
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/6519703

Use of a programmable network processor to observe a flow of packets
patent, October 2007

Lingafelt, Charles S.; Strole, Norman C.
US Patent Document 7,278,162
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/7278162

Distributed traffic scanning through data stream security tagging
patent, November 2009

Newstadt, Keith; Lin, David; Guavin, William J.
US Patent Document 7,620,974
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/7620974

Antiviral network system
patent, June 2010

Dettinger, Richard D.; Kulack, Frederick A.
US Patent Document 7,739,739
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/7739739

System and method for threat detection and response
patent, December 2008

Mualem, Hezi I.; Black, Nick; Molnar, John
US Patent Document 7,463,590
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/7463590

Dynamic signature inspection-based network intrusion detection
patent, August 2001

Vaidya, Vimal
US Patent Document 6,279,113
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/6279113

Method and system for virus detection using pattern matching techniques
patent, June 2009

Phillips, Thomas G.; Schoppa, Christopher; Westerinen, William J.
US Patent Document 7,546,471
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/7546471

System and method for assessing the security posture of a network and having a graphical user interface
patent, March 2003

Fox, Kevin L.; Henning, Ronda R.; Farrell, John T.
US Patent Document 6,535,227
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/6535227

Virtual intrusion detection system and method of using same
patent, August 2008

Gupta, Ramesh; Jain, Parveen; Amidon, Keith E.
US Patent Document 7,409,714
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/7409714

Similar Records in DOE Patents and OSTI.GOV collections:

Method and apparatus for providing high bandwidth, low noise mechanical I/O for computer systems

Patent Rosenberg, Louis B [Pleasanton, CA]

A method and apparatus for providing high bandwidth and low noise mechanical input and output for computer systems. A gimbal mechanism provides two revolute degrees of freedom to an object about two axes of rotation. A linear axis member is coupled to the gimbal mechanism at the intersection of the two axes of rotation. The linear axis member is capable of being translated along a third axis to provide a third degree of freedom. The user object is coupled to the linear axis member and is thus translatable along the third axis so that the object can be moved alongmore » « less
Full Text Available
Apparatus and method for fusion of compute and switching functions of exascale system into a single component by using configurable network-on-chip fabric with distributed dual mode input-output ports and programmable network interfaces

Patent Khare, Surhud; Somasekhar, Dinesh; More, Ankit; ...

Described is an apparatus which comprises: a Network-On-Chip fabric using crossbar switches, having distributed ingress and egress ports; and a dual-mode network interface coupled to at least one crossbar switch, the dual-mode network interface is to include: a dual-mode circuitry; a controller operable to: configure the dual-mode circuitry to transmit and receive differential signals via the egress and ingress ports, respectively, and configure the dual-mode circuitry to transmit and receive signal-ended signals via the egress and ingress ports, respectively.
Full Text Available
Co-scheduling of network resource provisioning and host-to-host bandwidth reservation on high-performance network and storage systems

Patent Yu, Dantong; Katramatos, Dimitrios; Sim, Alexander; ...

A cross-domain network resource reservation scheduler configured to schedule a path from at least one end-site includes a management plane device configured to monitor and provide information representing at least one of functionality, performance, faults, and fault recovery associated with a network resource; a control plane device configured to at least one of schedule the network resource, provision local area network quality of service, provision local area network bandwidth, and provision wide area network bandwidth; and a service plane device configured to interface with the control plane device to reserve the network resource based on a reservation request and themore » « less
Full Text Available
System, apparatus and methods to implement high-speed network analyzers

Patent Ezick, James; Lethin, Richard; Ros-Giralt, Jordi; ...

Systems, apparatus and methods for the implementation of high-speed network analyzers are provided. A set of high-level specifications is used to define the behavior of the network analyzer emitted by a compiler. An optimized inline workflow to process regular expressions is presented without sacrificing the semantic capabilities of the processing engine. An optimized packet dispatcher implements a subset of the functions implemented by the network analyzer, providing a fast and slow path workflow used to accelerate specific processing units. Such dispatcher facility can also be used as a cache of policies, wherein if a policy is found, then packet manipulationsmore » « less
Full Text Available
Method and apparatus for routing data in an inter-nodal communications lattice of a massively parallel computer system by employing bandwidth shells at areas of overutilization

Patent Archer, Charles Jens; Musselman, Roy Glenn; Peters, Amanda; ...

A massively parallel computer system contains an inter-nodal communications network of node-to-node links. An automated routing strategy routes packets through one or more intermediate nodes of the network to reach a final destination. The default routing strategy is altered responsive to detection of overutilization of a particular path of one or more links, and at least some traffic is re-routed by distributing the traffic among multiple paths (which may include the default path). An alternative path may require a greater number of link traversals to reach the destination node.
Full Text Available

Similar Records

Title: Method and apparatus for distributed intrusion protection system for ultra high bandwidth networks

Abstract

Citation Formats

Intelligent network security device and method patent, October 2001

Methods and apparatus for heuristic firewall patent, February 2003

Use of a programmable network processor to observe a flow of packets patent, October 2007

Distributed traffic scanning through data stream security tagging patent, November 2009

Antiviral network system patent, June 2010

System and method for threat detection and response patent, December 2008

Dynamic signature inspection-based network intrusion detection patent, August 2001

Method and system for virus detection using pattern matching techniques patent, June 2009

System and method for assessing the security posture of a network and having a graphical user interface patent, March 2003

Virtual intrusion detection system and method of using same patent, August 2008

Intelligent network security device and method
patent, October 2001

Methods and apparatus for heuristic firewall
patent, February 2003

Use of a programmable network processor to observe a flow of packets
patent, October 2007

Distributed traffic scanning through data stream security tagging
patent, November 2009

Antiviral network system
patent, June 2010

System and method for threat detection and response
patent, December 2008

Dynamic signature inspection-based network intrusion detection
patent, August 2001

Method and system for virus detection using pattern matching techniques
patent, June 2009

System and method for assessing the security posture of a network and having a graphical user interface
patent, March 2003

Virtual intrusion detection system and method of using same
patent, August 2008