专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2005059720A1 METHOD AND APPARATUS FOR MONITORING OPERATION OF PROCESSING SYSTEMS, RELATED NETWORK AND COMPUTER PROGRAM PRODUCT THEREFOR 审中-公开
标题翻译：用于监控处理系统运行的方法和装置，相关网络和计算机程序产品
公开(公告)号：WO2005059720A1
公开(公告)日：2005-06-30
申请号：PCT/EP2003/014385
申请日：2003-12-17
申请人： TELECOM ITALIA S.P.A. , CANGINI, Gianluca , LAMASTRA, Gerardo , CODA ZABETTA, Francesco , ABENI, Paolo , BALTATU, Madalina , D'ALESSANDRO, Rosalia , BRUSOTTI, Stefano , DI PAOLA, Sebastiano , LEONE, Manuel , FROSALI, Federico
发明人： CANGINI, Gianluca , LAMASTRA, Gerardo , CODA ZABETTA, Francesco , ABENI, Paolo , BALTATU, Madalina , D'ALESSANDRO, Rosalia , BRUSOTTI, Stefano , DI PAOLA, Sebastiano , LEONE, Manuel , FROSALI, Federico
IPC分类号： G06F1/00
CPC分类号： G06F21/554 , G06F21/55
摘要： Apparatus for monitoring operation of a processing system (A, B, ... ., X) includes a set of modules (105) for monitoring operation of a set of system primitives that allocate or release the system resources and are used by different processes running on the system. Preferably, the modules include: at least one application knowledge module (105a, 105b) tracking the processes running on the system and monitoring the resources used thereby, a network knowledge module (105c) monitoring connections by the processes running on the system, a file-system analysis module (105d) monitoring the file-related operations performed within the system, and a device monitoring module (105a) monitoring operation of commonly used modules with said system. A preferred field of application is in host-based intrusion detection systems (HIDS).
摘要翻译：用于监视处理系统（A，B，...，X）的操作的装置包括一组模块（105），用于监视分配或释放系统资源并被不同进程使用的一组系统原语的操作在系统上运行优选地，模块包括：至少一个应用知识模块（105a，105b），跟踪在系统上运行的进程并监视由此使用的资源;网络知识模块（105c），通过系统上运行的进程来监视连接;文件 - 系统分析模块（105d），监视在系统内执行的文件相关操作;以及设备监视模块（105a），监视所述系统常用模块的操作。优选的应用领域是基于主机的入侵检测系统（HIDS）。

2. 发明申请

WO2005050414A1 METHOD AND SYSTEM FOR INTRUSION PREVENTION AND DEFLECTION, 审中-公开
标题翻译：侵入和预防的方法和系统，
公开(公告)号：WO2005050414A1
公开(公告)日：2005-06-02
申请号：PCT/EP2003/012090
申请日：2003-10-30
申请人： TELECOM ITALIA S.P.A. , BRUSOTTI, Stefano , CODA ZABETTA, Francesco
发明人： BRUSOTTI, Stefano , CODA ZABETTA, Francesco
IPC分类号： G06F1/00
CPC分类号： H04L63/1408 , H04L43/00 , H04L63/02
摘要： A system for preventing intrusion in communication traffic with a set (130) of machines in a network includes a data base (415) having stored therein patterns representative of forbidden communication entities as well a firewall module (412a) configured for blocking forbidden communication entities in the traffic as identified by respective patterns included in the data base (415). The system further includes another data base (416) having stored therein patterns representative of allowed communication entities for communication with said set of machines (130) and a test system (420) including test facilities (421) replicating the machines in said set (130). A communication module (410) is provided configured for allowing (411b) communication of allowed communication entities as identified by respective patterns included in the other data base (416). Unknown communication entities as identified by respective unknown patterns not included in either of said data base (415) and said further data base (416) are directed (411d) to the test system (420) and run on the test facilities (421) therein to detect possible adverse effects of such unknown communication entities on the test system. The system is further configured so that: i) in the presence of an adverse effect, the unknown communication entity leading to the adverse effect is blocked by the firewall module (412a), and ii) in the absence of an adverse effect, communication of the unknown communication entity failing to lead to said adverse effect is allowed.
摘要翻译：一种用于防止在网络中的一组机器（130）入侵通信业务的系统包括：数据库（415），其中存储有表示禁止通信实体的模式，以及防火墙模块（412a），其被配置为阻止禁止的通信实体由数据库（415）中包括的相应模式识别的业务。该系统还包括另一数据库（416），其中存储有表示允许与所述机器组（130）通信的允许通信实体的模式和包括复制所述组中的机器的测试设备（421）的测试系统（420））。提供通信模块（410），其被配置为允许（411b）通过包括在其他数据库（416）中的各个模式所识别的允许的通信实体的通信。未包括在所述数据库（415）和所述另外的数据库（416）之一中的未知模式识别的未知通信实体被指向（411d）到测试系统（420）并且在其上的测试设施（421）上运行以检测这种未知通信实体对测试系统的可能的不利影响。该系统进一步配置为：i）在存在不利影响的情况下，导致不利影响的未知通信实体被防火墙模块（412a）阻止，以及ii）在没有不利影响的情况下，允许未知的通信实体不能导致所述不利影响。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式