WO2004032445A3 - Rule creation for computer application screening; - Google Patents

Rule creation for computer application screening; Download PDF

Info

Publication number
WO2004032445A3
WO2004032445A3 PCT/CA2003/001507 CA0301507W WO2004032445A3 WO 2004032445 A3 WO2004032445 A3 WO 2004032445A3 CA 0301507 W CA0301507 W CA 0301507W WO 2004032445 A3 WO2004032445 A3 WO 2004032445A3
Authority
WO
WIPO (PCT)
Prior art keywords
application
requests
application layer
layer requests
grouping
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CA2003/001507
Other languages
French (fr)
Other versions
WO2004032445A2 (en
Inventor
Richard Reiner
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to US10/530,074 priority Critical patent/US20060104202A1/en
Priority to DE60313987T priority patent/DE60313987T2/en
Priority to CA002500305A priority patent/CA2500305A1/en
Priority to EP03753188A priority patent/EP1547335B1/en
Priority to JP2004540422A priority patent/JP2006501551A/en
Priority to AU2003271479A priority patent/AU2003271479A1/en
Publication of WO2004032445A2 publication Critical patent/WO2004032445A2/en
Publication of WO2004032445A3 publication Critical patent/WO2004032445A3/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • G06F9/542Event management; Broadcasting; Multicasting; Notifications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Hardware Design (AREA)
  • Multimedia (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Debugging And Monitoring (AREA)
  • Maintenance And Management Of Digital Transmission (AREA)
  • Information Transfer Between Computers (AREA)
  • Medicines Containing Plant Substances (AREA)

Abstract

To facilitate the creation of rules for screening application layer requests to a computer application, a sample space of application layer requests is grouped according to one or more grouping criteria. Each grouping criterion may be a feature of application layer requests such that each grouping contains application layer requests with a common feature. For example, where the application layer requests follow the hyper-text transport protocol (HTTP), a common feature for some groupings could be a common URI pathname extension. A rule set for an application may be used to expose errors in the application. Test requests are constructed each of which violates at least one of the rules. The test requests are passed to the application to see whether the application throws the expected exceptions.
PCT/CA2003/001507 2002-10-02 2003-10-01 Rule creation for computer application screening; Ceased WO2004032445A2 (en)

Priority Applications (6)

Application Number Priority Date Filing Date Title
US10/530,074 US20060104202A1 (en) 2002-10-02 2003-10-01 Rule creation for computer application screening; application error testing
DE60313987T DE60313987T2 (en) 2002-10-02 2003-10-01 PREPARATION OF RULES FOR FILTERING COMPUTER APPLICATIONS
CA002500305A CA2500305A1 (en) 2002-10-02 2003-10-01 Rule creation for computer application screening; application error testing
EP03753188A EP1547335B1 (en) 2002-10-02 2003-10-01 Rule creation for computer application screening
JP2004540422A JP2006501551A (en) 2002-10-02 2003-10-01 Rule creation for computer application screening;
AU2003271479A AU2003271479A1 (en) 2002-10-02 2003-10-01 Rule creation for computer application screening;

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US41520202P 2002-10-02 2002-10-02
US60/415,202 2002-10-02

Publications (2)

Publication Number Publication Date
WO2004032445A2 WO2004032445A2 (en) 2004-04-15
WO2004032445A3 true WO2004032445A3 (en) 2004-06-24

Family

ID=32069827

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CA2003/001507 Ceased WO2004032445A2 (en) 2002-10-02 2003-10-01 Rule creation for computer application screening;

Country Status (8)

Country Link
US (1) US20060104202A1 (en)
EP (1) EP1547335B1 (en)
JP (1) JP2006501551A (en)
AT (1) ATE363174T1 (en)
AU (1) AU2003271479A1 (en)
CA (1) CA2500305A1 (en)
DE (1) DE60313987T2 (en)
WO (1) WO2004032445A2 (en)

Families Citing this family (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7222121B2 (en) * 2002-11-21 2007-05-22 Hewlett-Packard Development Company, L.P. Platform and method for monitoring and analyzing data
EP1839188B1 (en) * 2004-12-22 2018-08-29 Wake Forest University Method, systems, and computer program products for implementing function-parallel network firewall
US8042167B2 (en) * 2005-03-28 2011-10-18 Wake Forest University Methods, systems, and computer program products for network firewall policy optimization
JP4940791B2 (en) * 2006-07-04 2012-05-30 富士通株式会社 Test support program, test support apparatus, and test support method
US8935380B2 (en) * 2006-09-22 2015-01-13 Oracle America, Inc. Automated product knowledge catalog
US20090099427A1 (en) * 2007-10-12 2009-04-16 Arkal Medical, Inc. Microneedle array with diverse needle configurations
CN101877696B (en) * 2009-04-30 2014-01-08 国际商业机器公司 Equipment and method for reconfiguring false response messages under network application environment
US8495725B2 (en) 2009-08-28 2013-07-23 Great Wall Systems Methods, systems, and computer readable media for adaptive packet filtering
US12563103B2 (en) 2012-10-22 2026-02-24 Centripetal Networks, Llc Methods and systems for protecting a secured network
US9137205B2 (en) 2012-10-22 2015-09-15 Centripetal Networks, Inc. Methods and systems for protecting a secured network
US9565213B2 (en) 2012-10-22 2017-02-07 Centripetal Networks, Inc. Methods and systems for protecting a secured network
US9203806B2 (en) 2013-01-11 2015-12-01 Centripetal Networks, Inc. Rule swapping in a packet network
US9124552B2 (en) 2013-03-12 2015-09-01 Centripetal Networks, Inc. Filtering network data transfers
US9094445B2 (en) 2013-03-15 2015-07-28 Centripetal Networks, Inc. Protecting networks from cyber attacks and overloading
US9009832B2 (en) 2013-04-22 2015-04-14 Imperva, Inc. Community-based defense through automatic generation of attribute values for rules of web application layer attack detectors
US9264370B1 (en) 2015-02-10 2016-02-16 Centripetal Networks, Inc. Correlating packets in communications networks
US9866576B2 (en) 2015-04-17 2018-01-09 Centripetal Networks, Inc. Rule-based network-threat detection
US9917856B2 (en) 2015-12-23 2018-03-13 Centripetal Networks, Inc. Rule-based network-threat detection for encrypted communications
US11729144B2 (en) 2016-01-04 2023-08-15 Centripetal Networks, Llc Efficient packet capture for cyber threat analysis
US10503899B2 (en) 2017-07-10 2019-12-10 Centripetal Networks, Inc. Cyberanalysis workflow acceleration
US11233777B2 (en) 2017-07-24 2022-01-25 Centripetal Networks, Inc. Efficient SSL/TLS proxy
US10284526B2 (en) 2017-07-24 2019-05-07 Centripetal Networks, Inc. Efficient SSL/TLS proxy
US10333898B1 (en) 2018-07-09 2019-06-25 Centripetal Networks, Inc. Methods and systems for efficient network protection
CN109450731A (en) * 2018-11-09 2019-03-08 中国科学院长春光学精密机械与物理研究所 A kind of test data generating method of application layer communication protocol
US11362996B2 (en) 2020-10-27 2022-06-14 Centripetal Networks, Inc. Methods and systems for efficient adaptive logging of cyber threat incidents
US11159546B1 (en) 2021-04-20 2021-10-26 Centripetal Networks, Inc. Methods and systems for efficient threat context-aware packet filtering for network protection

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6009475A (en) * 1996-12-23 1999-12-28 International Business Machines Corporation Filter rule validation and administration for firewalls
US6173440B1 (en) * 1998-05-27 2001-01-09 Mcdonnell Douglas Corporation Method and apparatus for debugging, verifying and validating computer software
US6311278B1 (en) * 1998-09-09 2001-10-30 Sanctum Ltd. Method and system for extracting application protocol characteristics
GB2365668A (en) * 2000-04-13 2002-02-20 Ibm Network data packet classification and demultiplexing
US20020093527A1 (en) * 2000-06-16 2002-07-18 Sherlock Kieran G. User interface for a security policy system and method
WO2003058450A1 (en) * 2001-12-31 2003-07-17 Sanctum Inc. Method and system for dynamic refinement of security policies

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5828846A (en) * 1995-11-22 1998-10-27 Raptor Systems, Inc. Controlling passage of packets or messages via a virtual connection or flow
US6591299B2 (en) * 1997-11-25 2003-07-08 Packeteer, Inc. Method for automatically classifying traffic with enhanced hierarchy in a packet communications network
US6871284B2 (en) * 2000-01-07 2005-03-22 Securify, Inc. Credential/condition assertion verification optimization
US7032072B1 (en) * 2001-12-31 2006-04-18 Packeteer, Inc. Method and apparatus for fast lookup of related classification entities in a tree-ordered classification hierarchy

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6009475A (en) * 1996-12-23 1999-12-28 International Business Machines Corporation Filter rule validation and administration for firewalls
US6173440B1 (en) * 1998-05-27 2001-01-09 Mcdonnell Douglas Corporation Method and apparatus for debugging, verifying and validating computer software
US6311278B1 (en) * 1998-09-09 2001-10-30 Sanctum Ltd. Method and system for extracting application protocol characteristics
GB2365668A (en) * 2000-04-13 2002-02-20 Ibm Network data packet classification and demultiplexing
US20020093527A1 (en) * 2000-06-16 2002-07-18 Sherlock Kieran G. User interface for a security policy system and method
WO2003058450A1 (en) * 2001-12-31 2003-07-17 Sanctum Inc. Method and system for dynamic refinement of security policies

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
KROPP N P ET AL: "Automated robustness testing of off-the-shelf software components", FAULT-TOLERANT COMPUTING, 1998. DIGEST OF PAPERS. TWENTY-EIGHTH ANNUAL INTERNATIONAL SYMPOSIUM ON MUNICH, GERMANY 23-25 JUNE 1998, LOS ALAMITOS, CA, USA,IEEE COMPUT. SOC, US, 23 June 1998 (1998-06-23), pages 230 - 239, XP010291290, ISBN: 0-8186-8470-4 *

Also Published As

Publication number Publication date
DE60313987D1 (en) 2007-07-05
EP1547335B1 (en) 2007-05-23
ATE363174T1 (en) 2007-06-15
AU2003271479A1 (en) 2004-04-23
AU2003271479A8 (en) 2004-04-23
US20060104202A1 (en) 2006-05-18
DE60313987T2 (en) 2008-01-24
EP1547335A2 (en) 2005-06-29
WO2004032445A2 (en) 2004-04-15
CA2500305A1 (en) 2004-04-15
JP2006501551A (en) 2006-01-12

Similar Documents

Publication Publication Date Title
WO2004032445A3 (en) Rule creation for computer application screening;
Powell et al. The Swift/BAT AGN spectroscopic survey. IX. The clustering environments of an unbiased sample of local AGNs
Bergmann et al. Host plant use by the invasive Halyomorpha halys (Stål) on woody ornamental trees and shrubs
WO2006094151A3 (en) Query-less searching
Mouillot et al. The challenge of delineating biogeographical regions: nestedness matters for Indo‐Pacific coral reef fishes
WO2005086906A3 (en) Dependency graph parameter scoping
ATE436051T1 (en) DISTRIBUTION OF MOVEABLE SERVICES IN MIDDLEWARE FOR SMART ELEMENTS
WO2007014341A3 (en) Patent mapping
WO2005031806A3 (en) Detector with tunable spectral response
WO2007136522A3 (en) Automated processing of electronic log book pilot reports for ground-based fault processing
WO2005094207A3 (en) System and method for efficient evaluation of a query that invokes a table valued function
WO2005084240A3 (en) Method and system for providing links to resources related to a specified resource
Raia et al. One size does not fit all: no evidence for an optimal body size on islands
Aye Bazaar Malay: History, grammar and contact
WO2003027895A3 (en) Character string conversion
WO2007061975A3 (en) Dynamically editable electronic product catalogs
WO2007027595A3 (en) System and method for performing deterministic processing
RU2007144711A (en) METHOD AND ELECTRONIC DEVICE FOR DETERMINING THE CHARACTERISTICS OF THE CONTENT ELEMENT
Molina‐Venegas et al. Should we be concerned about incomplete taxon sampling when assessing the evolutionary history of regional biotas?
WO2007059074A3 (en) Dynamic definition for concurrent computing environments
WO2006089838A3 (en) Method and computer unit for determining computer service names
Carretta et al. A sequence of nitrogen-rich very red giants in the globular cluster NGC 1851
Beh et al. A novel spectral subtraction scheme for robust speech recogniton: Spectral subtraction using spectral harmonics of speech
Pommier et al. Modelling the distribution of the variability of Maritime Pine for wooden sawn timber and finger jointing
TW200705893A (en) Method for enablement for offloading functions in a single lan adapter

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2500305

Country of ref document: CA

ENP Entry into the national phase

Ref document number: 2006104202

Country of ref document: US

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2004540422

Country of ref document: JP

Ref document number: 10530074

Country of ref document: US

WWE Wipo information: entry into national phase

Ref document number: 2003753188

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2003753188

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 10530074

Country of ref document: US

WWG Wipo information: grant in national office

Ref document number: 2003753188

Country of ref document: EP