ATE322790T1 - Ueberwachung des datenflusses zur verbesserung des netzwerksicherheitsschutzes - Google Patents
Ueberwachung des datenflusses zur verbesserung des netzwerksicherheitsschutzesInfo
- Publication number
- ATE322790T1 ATE322790T1 AT02396004T AT02396004T ATE322790T1 AT E322790 T1 ATE322790 T1 AT E322790T1 AT 02396004 T AT02396004 T AT 02396004T AT 02396004 T AT02396004 T AT 02396004T AT E322790 T1 ATE322790 T1 AT E322790T1
- Authority
- AT
- Austria
- Prior art keywords
- client
- data stream
- response
- server
- data flow
- Prior art date
Links
- 238000012544 monitoring process Methods 0.000 title abstract 4
- 230000002708 enhancing effect Effects 0.000 abstract 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/28—Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0281—Proxies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0254—Stateful filtering
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Communication Control (AREA)
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP02396004A EP1330095B1 (de) | 2002-01-18 | 2002-01-18 | Ueberwachung des Datenflusses zur Verbesserung des Netzwerksicherheitsschutzes |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| ATE322790T1 true ATE322790T1 (de) | 2006-04-15 |
Family
ID=8185777
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| AT02396004T ATE322790T1 (de) | 2002-01-18 | 2002-01-18 | Ueberwachung des datenflusses zur verbesserung des netzwerksicherheitsschutzes |
Country Status (4)
| Country | Link |
|---|---|
| US (1) | US7302480B2 (de) |
| EP (1) | EP1330095B1 (de) |
| AT (1) | ATE322790T1 (de) |
| DE (1) | DE60210408T2 (de) |
Families Citing this family (74)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7350203B2 (en) * | 2002-07-23 | 2008-03-25 | Alfred Jahn | Network security software |
| EP1614255B1 (de) * | 2003-04-04 | 2014-09-03 | CA, Inc. | Verfahren und system zur verwaltung und konfiguration von fernagenten |
| US7809608B2 (en) * | 2003-07-25 | 2010-10-05 | Peter Kassan | System and method to prevent termination of on-line transactions |
| US7225148B2 (en) * | 2003-07-25 | 2007-05-29 | Peter Kassan | E-commerce shopping cart |
| WO2005015370A1 (en) * | 2003-08-11 | 2005-02-17 | Telecom Italia S.P.A. | Method and system for detecting unauthorised use of a communication network |
| US7457870B1 (en) * | 2004-02-27 | 2008-11-25 | Packeteer, Inc. | Methods, apparatuses and systems facilitating classification of web services network traffic |
| US7774456B1 (en) * | 2004-02-27 | 2010-08-10 | Packeteer, Inc. | Methods, apparatuses and systems facilitating classification of web services network traffic |
| US8782405B2 (en) * | 2004-03-18 | 2014-07-15 | International Business Machines Corporation | Providing transaction-level security |
| US7571181B2 (en) * | 2004-04-05 | 2009-08-04 | Hewlett-Packard Development Company, L.P. | Network usage analysis system and method for detecting network congestion |
| US20050234920A1 (en) * | 2004-04-05 | 2005-10-20 | Lee Rhodes | System, computer-usable medium and method for monitoring network activity |
| US20050228984A1 (en) * | 2004-04-07 | 2005-10-13 | Microsoft Corporation | Web service gateway filtering |
| US7422152B2 (en) | 2004-05-13 | 2008-09-09 | Cisco Technology, Inc. | Methods and devices for providing scalable RFID networks |
| US7827233B1 (en) * | 2004-07-16 | 2010-11-02 | Syniverse Icx Corporation | Method and apparatus for an end-to-end send-to framework |
| US8458467B2 (en) | 2005-06-21 | 2013-06-04 | Cisco Technology, Inc. | Method and apparatus for adaptive application message payload content transformation in a network infrastructure element |
| US7664879B2 (en) | 2004-11-23 | 2010-02-16 | Cisco Technology, Inc. | Caching content and state data at a network element |
| US7987272B2 (en) * | 2004-12-06 | 2011-07-26 | Cisco Technology, Inc. | Performing message payload processing functions in a network element on behalf of an application |
| US7725934B2 (en) * | 2004-12-07 | 2010-05-25 | Cisco Technology, Inc. | Network and application attack protection based on application layer message inspection |
| US8082304B2 (en) * | 2004-12-10 | 2011-12-20 | Cisco Technology, Inc. | Guaranteed delivery of application layer messages by a network element |
| US7606267B2 (en) * | 2004-12-10 | 2009-10-20 | Cisco Technology, Inc. | Reducing the sizes of application layer messages in a network element |
| US7698416B2 (en) * | 2005-01-25 | 2010-04-13 | Cisco Technology, Inc. | Application layer message-based server failover management by a network element |
| ATE485552T1 (de) | 2005-03-24 | 2010-11-15 | Ibm | Erkennung von netzwerkangriffen |
| IES20050376A2 (en) * | 2005-06-03 | 2006-08-09 | Asavie R & D Ltd | Secure network communication system and method |
| US8266327B2 (en) * | 2005-06-21 | 2012-09-11 | Cisco Technology, Inc. | Identity brokering in a network element |
| US7345585B2 (en) | 2005-08-01 | 2008-03-18 | Cisco Technology, Inc. | Network based device for providing RFID middleware functionality |
| US8104077B1 (en) * | 2006-01-03 | 2012-01-24 | Symantec Corporation | System and method for adaptive end-point compliance |
| CN101390369B (zh) * | 2006-02-28 | 2012-11-14 | 国际商业机器公司 | 点对点通信的检测和控制 |
| CN101039314B (zh) * | 2006-03-16 | 2012-02-22 | 华为技术有限公司 | 一种在演进接入网络中实现安全性保证的方法 |
| US7773540B1 (en) * | 2006-06-01 | 2010-08-10 | Bbn Technologies Corp. | Methods, system and apparatus preventing network and device identification |
| US7797406B2 (en) * | 2006-07-27 | 2010-09-14 | Cisco Technology, Inc. | Applying quality of service to application messages in network elements based on roles and status |
| US7783713B2 (en) * | 2006-10-20 | 2010-08-24 | Syniverse Icx Corporation | Method and apparatus for response enabled messaging |
| US8079076B2 (en) | 2006-11-02 | 2011-12-13 | Cisco Technology, Inc. | Detecting stolen authentication cookie attacks |
| GB0707839D0 (en) * | 2007-04-21 | 2007-05-30 | Johnston Michael | SAR initiation |
| US8291495B1 (en) * | 2007-08-08 | 2012-10-16 | Juniper Networks, Inc. | Identifying applications for intrusion detection systems |
| US8112800B1 (en) | 2007-11-08 | 2012-02-07 | Juniper Networks, Inc. | Multi-layered application classification and decoding |
| US8391164B2 (en) | 2008-01-02 | 2013-03-05 | At&T Intellectual Property I, L.P. | Computing time-decayed aggregates in data streams |
| US8484269B2 (en) | 2008-01-02 | 2013-07-09 | At&T Intellectual Property I, L.P. | Computing time-decayed aggregates under smooth decay functions |
| US7433960B1 (en) * | 2008-01-04 | 2008-10-07 | International Business Machines Corporation | Systems, methods and computer products for profile based identity verification over the internet |
| US7817636B2 (en) * | 2008-01-30 | 2010-10-19 | Cisco Technology, Inc. | Obtaining information on forwarding decisions for a packet flow |
| US8055587B2 (en) * | 2008-06-03 | 2011-11-08 | International Business Machines Corporation | Man in the middle computer technique |
| US8356345B2 (en) * | 2008-06-03 | 2013-01-15 | International Business Machines Corporation | Constructing a secure internet transaction |
| US8055767B1 (en) * | 2008-07-15 | 2011-11-08 | Zscaler, Inc. | Proxy communication string data |
| US8244799B1 (en) | 2008-07-21 | 2012-08-14 | Aol Inc. | Client application fingerprinting based on analysis of client requests |
| US8560741B2 (en) | 2008-09-22 | 2013-10-15 | Synopsys, Inc. | Data processing system comprising a monitor |
| US8572717B2 (en) | 2008-10-09 | 2013-10-29 | Juniper Networks, Inc. | Dynamic access control policy with port restrictions for a network security appliance |
| WO2010088550A2 (en) * | 2009-01-29 | 2010-08-05 | Breach Security, Inc. | A method and apparatus for excessive access rate detection |
| US9398043B1 (en) | 2009-03-24 | 2016-07-19 | Juniper Networks, Inc. | Applying fine-grain policy action to encapsulated network attacks |
| CN101877696B (zh) * | 2009-04-30 | 2014-01-08 | 国际商业机器公司 | 在网络应用环境下重构错误响应信息的设备和方法 |
| US8347100B1 (en) | 2010-07-14 | 2013-01-01 | F5 Networks, Inc. | Methods for DNSSEC proxying and deployment amelioration and systems thereof |
| US8484740B2 (en) | 2010-09-08 | 2013-07-09 | At&T Intellectual Property I, L.P. | Prioritizing malicious website detection |
| US9712592B2 (en) * | 2011-04-21 | 2017-07-18 | Arris Enterprises, Inc. | Classification of HTTP multimedia traffic per session |
| CN102281298A (zh) * | 2011-08-10 | 2011-12-14 | 深信服网络科技(深圳)有限公司 | 检测和防御cc攻击的方法及装置 |
| CN103999071B (zh) * | 2011-11-02 | 2018-04-17 | 阿卡麦科技公司 | 在边缘网络服务器中的多域配置处理 |
| CN103166942B (zh) * | 2011-12-19 | 2016-08-03 | 中国科学院软件研究所 | 一种恶意代码的网络协议解析方法 |
| US9270766B2 (en) | 2011-12-30 | 2016-02-23 | F5 Networks, Inc. | Methods for identifying network traffic characteristics to correlate and manage one or more subsequent flows and devices thereof |
| US8938796B2 (en) | 2012-09-20 | 2015-01-20 | Paul Case, SR. | Case secure computer architecture |
| CN102904940A (zh) * | 2012-09-27 | 2013-01-30 | 杭州迪普科技有限公司 | 一种Web服务器识别的方法及装置 |
| WO2014134538A1 (en) * | 2013-02-28 | 2014-09-04 | Xaptum, Inc. | Systems, methods, and devices for adaptive communication in a data communication network |
| CN104468655B (zh) * | 2013-09-18 | 2018-04-03 | 阿里巴巴集团控股有限公司 | 对反向代理软件进行测试的方法及系统 |
| US9971714B2 (en) * | 2015-05-05 | 2018-05-15 | Oath Inc. | Device interfacing |
| US10375026B2 (en) * | 2015-10-28 | 2019-08-06 | Shape Security, Inc. | Web transaction status tracking |
| US10075416B2 (en) | 2015-12-30 | 2018-09-11 | Juniper Networks, Inc. | Network session data sharing |
| US10797888B1 (en) | 2016-01-20 | 2020-10-06 | F5 Networks, Inc. | Methods for secured SCEP enrollment for client devices and devices thereof |
| US10686834B1 (en) * | 2017-02-23 | 2020-06-16 | Amazon Technologies, Inc. | Inert parameters for detection of malicious activity |
| US11057352B2 (en) | 2018-02-28 | 2021-07-06 | Xaptum, Inc. | Communication system and method for machine data routing |
| US10965653B2 (en) | 2018-03-28 | 2021-03-30 | Xaptum, Inc. | Scalable and secure message brokering approach in a communication system |
| US10805439B2 (en) | 2018-04-30 | 2020-10-13 | Xaptum, Inc. | Communicating data messages utilizing a proprietary network |
| US10924593B2 (en) | 2018-08-31 | 2021-02-16 | Xaptum, Inc. | Virtualization with distributed adaptive message brokering |
| US10938877B2 (en) | 2018-11-30 | 2021-03-02 | Xaptum, Inc. | Optimizing data transmission parameters of a proprietary network |
| US11218506B2 (en) * | 2018-12-17 | 2022-01-04 | Microsoft Technology Licensing, Llc | Session maturity model with trusted sources |
| US11057501B2 (en) * | 2018-12-31 | 2021-07-06 | Fortinet, Inc. | Increasing throughput density of TCP traffic on a hybrid data network having both wired and wireless connections by modifying TCP layer behavior over the wireless connection while maintaining TCP protocol |
| US10912053B2 (en) | 2019-01-31 | 2021-02-02 | Xaptum, Inc. | Enforcing geographic restrictions for multitenant overlay networks |
| US11765618B2 (en) * | 2020-03-20 | 2023-09-19 | Nokia Technologies Oy | Wireless communication system |
| CN113067878A (zh) * | 2021-03-26 | 2021-07-02 | 深圳前海微众银行股份有限公司 | 信息采集方法、装置、设备、介质及程序产品 |
| US12587455B2 (en) * | 2021-10-29 | 2026-03-24 | Ruckus Ip Holdings Llc | Methods, systems, and devices for analyzing network performance |
Family Cites Families (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5963915A (en) * | 1996-02-21 | 1999-10-05 | Infoseek Corporation | Secure, convenient and efficient system and method of performing trans-internet purchase transactions |
| US5875296A (en) * | 1997-01-28 | 1999-02-23 | International Business Machines Corporation | Distributed file system web server user authentication with cookies |
| US6101482A (en) * | 1997-09-15 | 2000-08-08 | International Business Machines Corporation | Universal web shopping cart and method of on-line transaction processing |
| US6233618B1 (en) * | 1998-03-31 | 2001-05-15 | Content Advisor, Inc. | Access control of networked data |
| US6311269B2 (en) * | 1998-06-15 | 2001-10-30 | Lockheed Martin Corporation | Trusted services broker for web page fine-grained security labeling |
| US6496824B1 (en) * | 1999-02-19 | 2002-12-17 | Saar Wilf | Session management over a stateless protocol |
| US6374359B1 (en) * | 1998-11-19 | 2002-04-16 | International Business Machines Corporation | Dynamic use and validation of HTTP cookies for authentication |
| US6985953B1 (en) * | 1998-11-30 | 2006-01-10 | George Mason University | System and apparatus for storage and transfer of secure data on web |
| US6754831B2 (en) * | 1998-12-01 | 2004-06-22 | Sun Microsystems, Inc. | Authenticated firewall tunneling framework |
| US6529952B1 (en) * | 1999-04-02 | 2003-03-04 | Nielsen Media Research, Inc. | Method and system for the collection of cookies and other information from a panel |
| US6466983B1 (en) * | 1999-09-30 | 2002-10-15 | Steven Paul Strazza | Systems and methods for controlling access to data maintained in a repository |
| US6510464B1 (en) * | 1999-12-14 | 2003-01-21 | Verizon Corporate Services Group Inc. | Secure gateway having routing feature |
| EP1146712A1 (de) * | 2000-04-10 | 2001-10-17 | BRITISH TELECOMMUNICATIONS public limited company | Authentifizierungs in einem Telecommunikationssystem |
| AU2001269774A1 (en) * | 2000-06-26 | 2002-01-08 | Intel Corporation | Establishing network security using internet protocol security policies |
| US7162649B1 (en) * | 2000-06-30 | 2007-01-09 | Internet Security Systems, Inc. | Method and apparatus for network assessment and authentication |
| WO2001044904A2 (en) * | 2000-08-21 | 2001-06-21 | Authoriszor Limited | System and method for providing security for a network site |
| US7568227B2 (en) * | 2000-09-28 | 2009-07-28 | Symantec Corporation | System and method for analyzing protocol streams for a security-related event |
| DE60124295T8 (de) * | 2000-11-30 | 2007-12-06 | Lancope, Inc. | Flussbasierte erfassung eines eindringens in ein netzwerk |
| US20020065912A1 (en) * | 2000-11-30 | 2002-05-30 | Catchpole Lawrence W. | Web session collaboration |
| US20020133586A1 (en) * | 2001-01-16 | 2002-09-19 | Carter Shanklin | Method and device for monitoring data traffic and preventing unauthorized access to a network |
| US20020143963A1 (en) * | 2001-03-15 | 2002-10-03 | International Business Machines Corporation | Web server intrusion detection method and apparatus |
| US6996841B2 (en) * | 2001-04-19 | 2006-02-07 | Microsoft Corporation | Negotiating secure connections through a proxy server |
| US6961759B2 (en) * | 2001-09-24 | 2005-11-01 | International Business Machines Corporation | Method and system for remotely managing persistent state data |
| US20030074432A1 (en) * | 2001-09-26 | 2003-04-17 | Mazzitelli John Joseph | State data management method and system |
-
2002
- 2002-01-18 AT AT02396004T patent/ATE322790T1/de not_active IP Right Cessation
- 2002-01-18 EP EP02396004A patent/EP1330095B1/de not_active Expired - Lifetime
- 2002-01-18 DE DE60210408T patent/DE60210408T2/de not_active Expired - Lifetime
-
2003
- 2003-01-16 US US10/345,803 patent/US7302480B2/en not_active Expired - Lifetime
Also Published As
| Publication number | Publication date |
|---|---|
| DE60210408T2 (de) | 2006-10-19 |
| US7302480B2 (en) | 2007-11-27 |
| DE60210408D1 (de) | 2006-05-18 |
| EP1330095B1 (de) | 2006-04-05 |
| EP1330095A1 (de) | 2003-07-23 |
| US20030140140A1 (en) | 2003-07-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| DE60210408D1 (de) | Ueberwachung des Datenflusses zur Verbesserung des Netzwerksicherheitsschutzes | |
| US8751787B2 (en) | Method and device for integrating multiple threat security services | |
| CN106936667B (zh) | 一种基于应用程序流量分布式分析的主机实时识别方法 | |
| WO2006057772B1 (en) | Method and system for including network security information in a frame | |
| CN112468520B (zh) | 一种数据检测方法、装置、设备及可读存储介质 | |
| CN101686239B (zh) | 一种木马发现系统 | |
| WO2004068314A3 (en) | Method and device for the classification and redirection of data packets in a heterogeneous network | |
| WO2007106639A2 (en) | Method and system for obviating redundant actions in a network | |
| JP2003525557A (ja) | 迅速なパケット・フィルタリング及びパケット・プロセシングのためのシステム、デバイス及び方法 | |
| CN106576051B (zh) | 一种检测零日威胁的方法、网络设备、非暂态机器可读介质 | |
| US20060198313A1 (en) | Method and device for detecting and blocking unauthorized access | |
| CN110958233A (zh) | 一种基于深度学习的加密型恶意流量检测系统和方法 | |
| US9444830B2 (en) | Web server/web application server security management apparatus and method | |
| US8051484B2 (en) | Method and security system for indentifying and blocking web attacks by enforcing read-only parameters | |
| CN104135490A (zh) | 入侵检测系统分析方法和入侵检测系统 | |
| CN107968791A (zh) | 一种攻击报文的检测方法及装置 | |
| CN116346434A (zh) | 电力系统网络攻击行为监测准确度提升方法及系统 | |
| CN114866310A (zh) | 一种恶意加密流量检测方法、终端设备及存储介质 | |
| CN117955745A (zh) | 融合网络流量特征和威胁情报的网络攻击同源性分析方法 | |
| FR2879388B1 (fr) | Procede de transmission securisee, systeme, pare-feu et routeur le mettant en oeuvre | |
| KR20170073289A (ko) | 방화벽 장치 및 그의 구동방법 | |
| CN101296224B (zh) | 一种p2p流量识别系统和方法 | |
| CN114866258A (zh) | 一种访问关系的建立方法、装置、电子设备及存储介质 | |
| CN110958225B (zh) | 基于流量识别网站指纹的方法 | |
| CN106453598A (zh) | 一种基于http协议的代理扫描方法 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| RER | Ceased as to paragraph 5 lit. 3 law introducing patent treaties |