Intrusion detection using secure signatures

Nelson, Trent Darnel; Haile, Jedediah

Advanced Search OptionsAdvanced Search queries use a traditional Term Search. For more info, see our FAQ.

All Fields:

Patent Title:

Abstract:

Assignee:

Inventor(s):

Patent Number:

Patent Classification (CPC):

All Classifications
A - human necessities
A01 - agriculture
A21 - baking
A22 - butchering
A23 - foods or foodstuffs
A24 - tobacco
A41 - wearing apparel
A42 - headwear
A43 - footwear
A44 - haberdashery
A45 - hand or travelling articles
A46 - brushware
A47 - furniture
A61 - medical or veterinary science
A62 - life-saving
A63 - sports
A99 - subject matter not otherwise provided for in this section
B - performing operations
B01 - physical or chemical processes or apparatus in general
B02 - crushing, pulverising, or disintegrating
B03 - separation of solid materials using liquids or using pneumatic tables or jigs
B04 - centrifugal apparatus or machines for carrying-out physical or chemical processes
B05 - spraying or atomising in general
B06 - generating or transmitting mechanical vibrations in general
B07 - separating solids from solids
B08 - cleaning
B09 - disposal of solid waste
B21 - mechanical metal-working without essentially removing material
B22 - casting
B23 - machine tools
B24 - grinding
B25 - hand tools
B26 - hand cutting tools
B27 - working or preserving wood or similar material
B28 - working cement, clay, or stone
B29 - working of plastics
B30 - presses
B31 - making articles of paper, cardboard or material worked in a manner analogous to paper
B32 - layered products
B33 - additive manufacturing technology
B41 - printing
B42 - bookbinding
B43 - writing or drawing implements
B44 - decorative arts
B60 - vehicles in general
B61 - railways
B62 - land vehicles for travelling otherwise than on rails
B63 - ships or other waterborne vessels
B64 - aircraft
B65 - conveying
B66 - hoisting
B67 - opening, closing {or cleaning} bottles, jars or similar containers
B68 - saddlery
B81 - microstructural technology
B82 - nanotechnology
B99 - subject matter not otherwise provided for in this section
C - chemistry
C01 - inorganic chemistry
C02 - treatment of water, waste water, sewage, or sludge
C03 - glass
C04 - cements
C05 - fertilisers
C06 - explosives
C07 - organic chemistry
C08 - organic macromolecular compounds
C09 - dyes
C10 - petroleum, gas or coke industries
C11 - animal or vegetable oils, fats, fatty substances or waxes
C12 - biochemistry
C13 - sugar industry
C14 - skins
C21 - metallurgy of iron
C22 - metallurgy
C23 - coating metallic material
C25 - electrolytic or electrophoretic processes
C30 - crystal growth
C40 - combinatorial technology
C99 - subject matter not otherwise provided for in this section
D - textiles
D01 - natural or man-made threads or fibres
D02 - yarns
D03 - weaving
D04 - braiding
D05 - sewing
D06 - treatment of textiles or the like
D07 - ropes
D10 - indexing scheme associated with sublasses of section d, relating to textiles
D21 - paper-making
D99 - subject matter not otherwise provided for in this section
E - fixed constructions
E01 - construction of roads, railways, or bridges
E02 - hydraulic engineering
E03 - water supply
E04 - building
E05 - locks
E06 - doors, windows, shutters, or roller blinds in general
E21 - earth drilling
E99 - subject matter not otherwise provided for in this section
F - mechanical engineering
F01 - machines or engines in general
F02 - combustion engines
F03 - machines or engines for liquids
F04 - positive - displacement machines for liquids
F05 - indexing schemes relating to engines or pumps in various subclasses of classes f01-f04
F15 - fluid-pressure actuators
F16 - engineering elements and units
F17 - storing or distributing gases or liquids
F21 - lighting
F22 - steam generation
F23 - combustion apparatus
F24 - heating
F25 - refrigeration or cooling
F26 - drying
F27 - furnaces
F28 - heat exchange in general
F41 - weapons
F42 - ammunition
F99 - subject matter not otherwise provided for in this section
G - physics
G01 - measuring
G02 - optics
G03 - photography
G04 - horology
G05 - controlling
G06 - computing
G07 - checking-devices
G08 - signalling
G09 - education
G10 - musical instruments
G11 - information storage
G12 - instrument details
G16 - information and communication technology [ict] specially adapted for specific application fields
G21 - nuclear physics
G99 - subject matter not otherwise provided for in this section
H - electricity
H01 - basic electric elements
H02 - generation
H03 - basic electronic circuitry
H04 - electric communication technique
H05 - electric techniques not otherwise provided for
H99 - subject matter not otherwise provided for in this section
Y - new / cross sectional technologies
Y02 - technologies or applications for mitigation or adaptation against climate change
Y04 - information or communication technologies having an impact on other technology areas
Y10 - technical subjects covered by former uspc

More Options ...

Title: Intrusion detection using secure signatures

Abstract

A method and device for intrusion detection using secure signatures comprising capturing network data. A search hash value, value employing at least one one-way function, is generated from the captured network data using a first hash function. The presence of a search hash value match in a secure signature table comprising search hash values and an encrypted rule is determined. After determining a search hash value match, a decryption key is generated from the captured network data using a second hash function, a hash function different form the first hash function. One or more of the encrypted rules of the secure signatures table having a hash value equal to the generated search hash value are then decrypted using the generated decryption key. The one or more decrypted secure signature rules are then processed for a match and one or more user notifications are deployed if a match is identified.

Inventors:: Nelson, Trent Darnel; Haile, Jedediah

Issue Date:: 2014-09-30

Research Org.:: Idaho National Laboratory (INL), Idaho Falls, ID (United States)

Sponsoring Org.:: USDOE

OSTI Identifier:: 1159917

Patent Number(s):: 8850583

Application Number:: 13/785,349

Assignee:: U.S. Department of Energy (Washington, DC)

Patent Classifications (CPCs):: H - ELECTRICITY H04 - ELECTRIC COMMUNICATION TECHNIQUE H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION

Show more

H - ELECTRICITY H04 - ELECTRIC COMMUNICATION TECHNIQUE H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
H04L63/1416 - {Event detection, e.g. attack signature detection}
H04L63/1433 - {Vulnerability analysis}

Show less

DOE Contract Number:: AC07-05ID14517

Resource Type:: Patent

Country of Publication:: United States

Language:: English

Subject:: 97 MATHEMATICS AND COMPUTING

Citation Formats


                    Nelson, Trent Darnel, and Haile, Jedediah. Intrusion detection using secure signatures.  United States: N. p., 2014. 
        Web.

Copy to clipboard


                    Nelson, Trent Darnel, & Haile, Jedediah. Intrusion detection using secure signatures.  United States.

Copy to clipboard


                    Nelson, Trent Darnel, and Haile, Jedediah. Tue .  
        "Intrusion detection using secure signatures".  United States.  https://www.osti.gov/servlets/purl/1159917.

Copy to clipboard


                    
@article{osti_1159917,

  title        = {Intrusion detection using secure signatures},

  author       = {Nelson, Trent Darnel and Haile, Jedediah},

  abstractNote = {A method and device for intrusion detection using secure signatures comprising capturing network data. A search hash value, value employing at least one one-way function, is generated from the captured network data using a first hash function. The presence of a search hash value match in a secure signature table comprising search hash values and an encrypted rule is determined. After determining a search hash value match, a decryption key is generated from the captured network data using a second hash function, a hash function different form the first hash function. One or more of the encrypted rules of the secure signatures table having a hash value equal to the generated search hash value are then decrypted using the generated decryption key. The one or more decrypted secure signature rules are then processed for a match and one or more user notifications are deployed if a match is identified.},

  doi          = {},

  journal      = {},
number       = ,

  volume       = ,

  place        = {United States},

  year         = {2014},

  month        = {9}

}

Copy to clipboard

Patent:

Save / Share:

Export Metadata

Save to My Library

Works referenced in this record:

Efficient signature packing for an intrusion detection system
patent, November 2009

Wilhelm, Jeffrey
US Patent Document 7,624,446
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/7624446

Detecting public network attacks using signatures and fast content analysis
patent-application, October 2005

Singh, Sumeet; Varghese, George; Estan, Cristi
US Patent Application 10/822226; 20050229254
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20050229254

Prioritizing intrusion detection logs
patent-application, October 2005

Gassoway, Paul A.
US Patent Application 10/832692; 20050240781
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20050240781

Real-time stateful packet inspection method and apparatus
patent-application, December 2007

Yoon, Seung Yong; Oh, Jin Tae; Jang, Jong Soo
US Patent Application 11/633174; 20070297410
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20070297410

Apparatus and Method for High Throughput Network Security Systems
patent-application, March 2008

Tan, Teewoon; Place, Anthony; Williams, Darren
US Patent Application 11/859530; 20080077793
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20080077793

Detection of Heavy Users of Network Resources
patent-application, April 2011

Martin, Cecilia; Huber, John; Wang, Mei
US Patent Application 12/971358; 20110087779
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20110087779

Cloud-Based Gateway Security Scanning
patent-application, July 2013

Dubrovsky, Aleksandr; Cheetancheri, Senthilkumar G.; Yanovsky, Boris
US Patent Application 13/626777; 20130191914
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/20130191914

Works referencing / citing this record:

Detection of privilege escalation vulnerabilities using bag of words
patent, October 2016

Alamuri, Naga Venkata Sunil
US Patent Document 9,467,467
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/9467467

Network security using encrypted subfields
patent, March 2016

McGrew, David
US Patent Document 9,288,186
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/9288186

Filtering network traffic using protected filtering mechanisms
patent, December 2015

Amoroso, Edward G.; Chandran, Nishanth; Vahlis, Evgene
US Patent Document 9,219,747
URL: https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/9219747

Similar Records in DOE Patents and OSTI.GOV collections:

Systems and methods for intrusion detection using GHz beams

Patent Russell, John L.; Prather, Dennis; Schuetz, Christopher

The present disclosure is directed to systems and methods that use 1 GHz to 1000 GHz sources and sensors to create an intrusion detection array that does not have the physical limitations of an Active IR sensor. The array is created by a plurality of wave sources and sensor pairs that form a plane of wave break beams. The plane detects an intruder as he/she passes through the beams.
Full Text Available
Narrow bandwidth detection of vibration signature using fiber lasers

Patent Moore, Sean; Soh, Daniel B.S.

The various technologies presented herein relate to extracting a portion of each pulse in a series of pulses reflected from a target to facilitate determination of a Doppler-shifted frequency for each pulse and, subsequently, a vibration frequency for the series of pulses. Each pulse can have a square-wave configuration, whereby each pulse can be time-gated to facilitate discarding the leading edge and the trailing edge (and associated non-linear effects) of each pulse and accordingly, capture of the central portion of the pulse from which the Doppler-shifted frequency, and ultimately, the vibration frequency of the target can be determined. Determination ofmore » « less
Full Text Available
Neutron interrogation system using high gamma ray signature to detect contraband special nuclear materials in cargo

Patent Slaughter, Dennis R [Oakland, CA]; Pohl, Bertram A [Berkeley, CA]; Dougan, Arden D [San Ramon, CA]; ...

A system for inspecting cargo for the presence of special nuclear material. The cargo is irradiated with neutrons. The neutrons produce fission products in the special nuclear material which generate gamma rays. The gamma rays are detecting indicating the presence of the special nuclear material.
Full Text Available
In-situ trainable intrusion detection system

Patent Symons, Christopher T.; Beaver, Justin M.; Gillen, Rob; ...

A computer implemented method detects intrusions using a computer by analyzing network traffic. The method includes a semi-supervised learning module connected to a network node. The learning module uses labeled and unlabeled data to train a semi-supervised machine learning sensor. The method records events that include a feature set made up of unauthorized intrusions and benign computer requests. The method identifies at least some of the benign computer requests that occur during the recording of the events while treating the remainder of the data as unlabeled. The method trains the semi-supervised learning module at the network node in-situ, such thatmore » « less
Full Text Available
Intrusion detection apparatus, system and methods

Patent Jenkins, Chris; Roesler, Alexander

Described herein are various technologies for detection and mitigation of rogue terminal attacks on multiplex data buses. An intrusion detection device is incorporated between a bus controller and a bus of a multiplex data bus. The intrusion detection device receives message that are communicated among the bus controller and a plurality of remote terminals (by way of the bus). The intrusion detection device determines whether messages are unauthorized based upon origins of the messages and predefined rules. When a message is determined to be unauthorized, the intrusion detection device outputs a notification that the unauthorized message has been detected andmore » can block the unauthorized message. « less
Full Text Available

Similar Records

Title: Intrusion detection using secure signatures

Abstract

Citation Formats

Efficient signature packing for an intrusion detection system patent, November 2009

Detecting public network attacks using signatures and fast content analysis patent-application, October 2005

Prioritizing intrusion detection logs patent-application, October 2005

Real-time stateful packet inspection method and apparatus patent-application, December 2007

Apparatus and Method for High Throughput Network Security Systems patent-application, March 2008

Detection of Heavy Users of Network Resources patent-application, April 2011

Cloud-Based Gateway Security Scanning patent-application, July 2013

Detection of privilege escalation vulnerabilities using bag of words patent, October 2016

Network security using encrypted subfields patent, March 2016

Filtering network traffic using protected filtering mechanisms patent, December 2015

Efficient signature packing for an intrusion detection system
patent, November 2009

Detecting public network attacks using signatures and fast content analysis
patent-application, October 2005

Prioritizing intrusion detection logs
patent-application, October 2005

Real-time stateful packet inspection method and apparatus
patent-application, December 2007

Apparatus and Method for High Throughput Network Security Systems
patent-application, March 2008

Detection of Heavy Users of Network Resources
patent-application, April 2011

Cloud-Based Gateway Security Scanning
patent-application, July 2013

Detection of privilege escalation vulnerabilities using bag of words
patent, October 2016

Network security using encrypted subfields
patent, March 2016

Filtering network traffic using protected filtering mechanisms
patent, December 2015