skip to main content
DOE Patents title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Intrusion detection using secure signatures

Abstract

A method and device for intrusion detection using secure signatures comprising capturing network data. A search hash value, value employing at least one one-way function, is generated from the captured network data using a first hash function. The presence of a search hash value match in a secure signature table comprising search hash values and an encrypted rule is determined. After determining a search hash value match, a decryption key is generated from the captured network data using a second hash function, a hash function different form the first hash function. One or more of the encrypted rules of the secure signatures table having a hash value equal to the generated search hash value are then decrypted using the generated decryption key. The one or more decrypted secure signature rules are then processed for a match and one or more user notifications are deployed if a match is identified.

Inventors:
;
Issue Date:
Research Org.:
Idaho National Lab. (INL), Idaho Falls, ID (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1159917
Patent Number(s):
8,850,583
Application Number:
13/785,349
Assignee:
U.S. Department of Energy (Washington, DC)
DOE Contract Number:  
AC07-05ID14517
Resource Type:
Patent
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING

Citation Formats

Nelson, Trent Darnel, and Haile, Jedediah. Intrusion detection using secure signatures. United States: N. p., 2014. Web.
Nelson, Trent Darnel, & Haile, Jedediah. Intrusion detection using secure signatures. United States.
Nelson, Trent Darnel, and Haile, Jedediah. Tue . "Intrusion detection using secure signatures". United States. https://www.osti.gov/servlets/purl/1159917.
@article{osti_1159917,
title = {Intrusion detection using secure signatures},
author = {Nelson, Trent Darnel and Haile, Jedediah},
abstractNote = {A method and device for intrusion detection using secure signatures comprising capturing network data. A search hash value, value employing at least one one-way function, is generated from the captured network data using a first hash function. The presence of a search hash value match in a secure signature table comprising search hash values and an encrypted rule is determined. After determining a search hash value match, a decryption key is generated from the captured network data using a second hash function, a hash function different form the first hash function. One or more of the encrypted rules of the secure signatures table having a hash value equal to the generated search hash value are then decrypted using the generated decryption key. The one or more decrypted secure signature rules are then processed for a match and one or more user notifications are deployed if a match is identified.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2014},
month = {9}
}

Patent:

Save / Share: