Invention Grant
- Patent Title: Method and system for classifying a protocol message in a data communication network
-
Application No.: US14234669Application Date: 2012-07-26
-
Publication No.: US09628497B2Publication Date: 2017-04-18
- Inventor: Emmanuele Zambon
- Applicant: Emmanuele Zambon
- Applicant Address: NL Enschede
- Assignee: Security Matters B.V.
- Current Assignee: Security Matters B.V.
- Current Assignee Address: NL Enschede
- Priority: NL2007180 20110726
- International Application: PCT/NL2012/050537 WO 20120726
- International Announcement: WO2013/015691 WO 20130131
- Main IPC: G06F15/18
- IPC: G06F15/18 ; H04L29/06 ; G06F21/50 ; G06N99/00
Abstract:
An intrusion detection method for detecting an intrusion in data traffic on a data communication network parses the data traffic to extract at least one protocol field of a protocol message of the data traffic, and associates the extracted protocol field with a model for that protocol field. The model is selected from a set of models. An assessment is made to determine if a contents of the extracted protocol field is in a safe region as defined by the model, and an intrusion detection signal is generated in case it is established that the contents of the extracted protocol field is outside the safe region. The set of models may comprise a corresponding model for each protocol field of a set of protocol fields.
Public/Granted literature
- US20140297572A1 METHOD AND SYSTEM FOR CLASSIFYING A PROTOCOL MESSAGE IN A DATA COMMUNICATION NETWORK Public/Granted day:2014-10-02
Information query
