Ground | Reference | Owner of the Reference | Title | Semantic Mapping | Basis | Anticipation | Challenged Claims | |||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | 2 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | ||||||||
1 | 1997 INTERNATIONAL SYMPOSIUM ON LOW POWER ELECTRONICS AND DESIGN, PROCEEDINGS. : 173-177 1997 (Dong, 1997) | University of California, Los Angeles (UCLA) | Low Power Signal Processing Architectures For Network Microsensors | ▪ incoming traffic ≈ measurement system ▪ communication protocol ≈ parallel data | X | X | X | |||||||||||||||||||
2 | UNATTENDED GROUND SENSOR TECHNOLOGIES AND APPLICATIONS IV. 4743: 327-337 2002 (Merrill, 2002) | Sensoria Corporation | Open Standard Development Platforms For Distributed Sensor Networks | ▪ wireless network ≈ wireless network ▪ transmitting unit, transmitting original data frames ≈ sensor network ▪ wireless channels ≈ data rate | X | X | X | X | X | X | ||||||||||||||||
3 | USENIX ASSOCIATION PROCEEDINGS OF THE FIFTH SYMPOSIUM ON OPERATING SYSTEMS DESIGN AND IMPLEMENTATION. : 147-163 2002 (Elson, 2002) | University of California, Los Angeles (UCLA) | Fine-grained Network Time Synchronization Using Reference Broadcasts | ▪ transmitting unit, transmitting original data frames ≈ sensor network ▪ intrusion detection module incoming data frames ≈ explicit time ▪ first receiving, first receiving unit ≈ algorithm t ▪ original data ≈ data fusion | X | X | X | X | X | X | X | |||||||||||||||
4 | UNATTENDED GROUND SENSOR TECHNOLOGIES AND APPLICATIONS. 3713: 229-237 1999 (Clare, 1999) | Rockwell Science Center | Self-organizing Distributed Sensor Networks | ▪ wireless communication ≈ wireless communication ▪ transmitting unit, transmitting original data frames ≈ sensor network ▪ transmission channels ≈ end user | X | X | X | X | X | |||||||||||||||||
5 | SENSORS, C3I, INFORMATION, AND TRAINING TECHNOLOGIES FOR LAW ENFORCEMENT. 3577: 86-95 1999 (Pottie, 1999) | University of California, Los Angeles (UCLA) | Wireless Integrated Network Sensors: Towards Low Cost And Robust Self-organizing Security Networks | ▪ wireless communication ≈ wireless communication ▪ step d ≈ formation process | X | X | ||||||||||||||||||||
6 | 1998 INTERNATIONAL SYMPOSIUM ON LOW POWER ELECTRONICS AND DESIGN - PROCEEDINGS. : 11-15 1998 (Lin, 1998) | University of California, Los Angeles (UCLA) | CMOS Front End Components For Micropower RF Wireless Systems | ▪ wireless interface ≈ wireless interface ▪ incoming data frames, second receiving unit ≈ power dissipation ▪ data frames ≈ low power level ▪ original data, original data frames ≈ Design method ▪ step b, step d ≈ including a | X | X | X | X | X | X | X | X | X | X | X | |||||||||||
7 | ISCAS 97 - PROCEEDINGS OF 1997 IEEE INTERNATIONAL SYMPOSIUM ON CIRCUITS AND SYSTEMS, VOLS I - IV. : 2817-2820 1997 (Asada, 1997) | University of California, Los Angeles (UCLA) | Low Power Wireless Communication And Signal Processing Circuits For Distributed Microsensors | ▪ incoming data, incoming traffic ≈ recent advances ▪ transmitting unit, transmitting original data frames ≈ sensor network | X | X | X | X | X | X | X | X | ||||||||||||||
8 | UNATTENDED GROUND SENSOR TECHNOLOGIES AND APPLICATIONS. 3713: 257-268 1999 (Agre, 1999) | Rockwell Science Center | Development Platform For Self-organizing Wireless Sensor Networks | ▪ wireless communication ≈ wireless communication ▪ wireless interface ≈ development platform ▪ transmitting unit, transmitting original data frames ≈ sensor network ▪ transmission channels ≈ end user | X | X | X | X | X | X | ||||||||||||||||
9 | WIRELESS NETWORKS. 9 (5): 545-556 SEP 2003 (Zhang, 2003) | HRL Laboratories, LLC (formerly Hughes Research Laboratories), Georgia Institute of Technology | Intrusion Detection Techniques For Mobile Wireless Networks | ▪ intrusion attack ≈ intrusion detection ▪ incoming data frames ≈ wireless networks | X | X | X | X | X | X | X | X | X | |||||||||||||
10 | COMPUTER COMMUNICATIONS. 25 (15): 1356-1365 SEP 15 2002 (Verwoerd, 2002) | University of Canterbury (UC). Christchurch, New Zealand | Intrusion Detection Techniques And Approaches | ▪ step b, step d ≈ including a ▪ wireless channels ≈ Such method | X | |||||||||||||||||||||
11 | IEEE WIRELESS COMMUNICATIONS. 9 (6): 44-51 DEC 2002 (Arbaugh, 2002) | University of Maryland, Hewlett Packard Labs | Your 802.11 Wireless Network Has No Clothes | ▪ incoming data frames ≈ wireless networks ▪ wireless network technology ≈ access points ▪ transmission channels ≈ end user | X | X | X | X | X | X | X | X | X | |||||||||||||
12 | LCN 2001: 26TH ANNUAL IEEE CONFERENCE ON LOCAL COMPUTER NETWORKS, PROCEEDINGS. : 454-463 2001 (Schmid, 2001) | Lancaster University | An Access Control Architecture For Microcellular Wireless IPv6 Networks | ▪ impersonation detection system, impersonation detection signal ≈ access control mechanism, dependent manner ▪ incoming data frames ≈ wireless networks | X | X | X | X | X | X | X | X | X | X | X | X | X | X | ||||||||
13 | US20030041244A1 (Levente Buttyan, 2003) | (Original Assignee) Swisscom Mobile AG (Current Assignee) Bin 2020 Series 550 Of Allied Security Trust I | Method for securing communications between a terminal and an additional user equipment | ▪ step a, step b ≈ following steps, including a ▪ data processing unit ≈ short distance | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ teaches secured communications channels over the telecommunications network in paragraph… ▪ discloses a query from the network operator to the user in which said query is intended to be a form of ensuring the… ▪ discloses computers as above but does not discuss the recited security techniques… ▪ teaches that the following security improvements were known techniques and a person of ordinary skill in the art would… | X | X | ||||||||||||||||||
14 | US20030217289A1 (Ken Ammon, 2003) | (Original Assignee) Network Security Technologies Inc (Current Assignee) Ozmo Licensing LLC | Method and system for wireless intrusion detection | ▪ wireless communication ≈ wireless communication ▪ communication protocol ≈ communications medium ▪ intrusion attack ≈ intrusion detection ▪ incoming data frames ≈ wireless networks ▪ second receiving unit ≈ authorized device ▪ air interface ≈ different means ▪ wireless network technology ≈ access points | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ teaches the packet inspection system is a border gateway router centralized security manager connected to a plurality… ▪ teaches said applying a credit scoring rule step comprises calculating an internal credit scoring prior to calculating… ▪ discloses a method for providing security to computer communications whereby increased measures are invoked when a user… ▪ discloses wherein the event parameters include one or more of… | X | X | X | X | X | X | X | X | X | X | X | X | ||||||||
15 | US20020150228A1 (Narumi Umeda, 2002) | (Original Assignee) NTT Docomo Inc (Current Assignee) NTT Docomo Inc | Mobile communication system, resource switching method thereof, network control apparatus included therein, same and network control method | ▪ wireless communication ≈ wireless communication ▪ transmitting unit ≈ receiving means ▪ step d ≈ said method | ▪ 35 U.S.C. 103(a) | ▪ teaches notifying of the electromagnetic wave environment measurement result of detection to report to central network… | X | X | X | |||||||||||||||||
16 | US20030110394A1 (Clifford Sharp, 2003) | (Original Assignee) Deep Nines Inc (Current Assignee) Trend Micro Inc | System and method for detecting and eliminating IP spoofing in a data transmission network | ▪ original data frames, data frames ≈ temporary storing, flow rate ▪ time interval ≈ temporarily store ▪ data processing unit ≈ temporary storage ▪ incoming traffic ≈ flow control, data packet ▪ step d ≈ comprises a, said method | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ teaches the motivation for separating charges based on use in order to balance the total margin for a user's… ▪ teaches the database of sequence is a database of a fixed size such that when the database of sequence is filled to… ▪ teaches carrier may add or offset a subscribers bill based on service level agreement which makes obvious that… ▪ teaches blocking the detected malicious packet comprises instructing a firewall to reject the detected malicious… | X | X | X | X | X | X | X | X | X | X | X | |||||||||
17 | US20020176378A1 (Thomas Hamilton, 2002) | (Original Assignee) AVIAN COMMUNICATIONS; Proquent Systems Corp (Current Assignee) Bytemobile Network Services Corp | Platform and method for providing wireless data services | ▪ communication protocol ≈ Internet Protocol ▪ wireless network ≈ wireless network ▪ time interval ≈ time interval ▪ incoming traffic ≈ data packet ▪ wireless channels ≈ data rate | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses multiple policies for a specific user indexed by different aliases… ▪ discloses a system further comprising a fourth interface module for interacting with a third party system… ▪ discloses wherein the relevant session information is at least one among an IP address… ▪ discloses the second device can automatically set the first device in the suspend state and set the active state of the… | X | X | X | X | X | X | X | X | ||||||||||||
18 | US20020032774A1 (Edward Kohler, 2002) | (Original Assignee) Mazu Networks Inc (Current Assignee) Riverbed Technology Inc | Thwarting source address spoofing-based denial of service attacks | ▪ second receiving, second receiving unit ≈ source addresses ▪ incoming traffic ≈ take action | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ teaches a system comprising sending a event message to a network management station paragraph… ▪ discloses tracking the amount of ingoing to outgoing traffic for each source to determine an attack column… ▪ teaches dropping packets in particular providing a discarded packet count in the analogous art of discarding packets… ▪ teaches the invention substantially as claimed and described in claim… | X | X | ||||||||||||||||||
19 | US20020131366A1 (Clifford Sharp, 2002) | (Original Assignee) Deep Nines Inc (Current Assignee) Trend Micro Inc | System and method for traffic management control in a data transmission network | ▪ original data frames, data frames ≈ temporary storing, flow rate ▪ time interval ≈ temporarily store ▪ data processing unit ≈ temporary storage ▪ incoming traffic ≈ flow control, data packet ▪ step b, step d ≈ including a, comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ teaches that information associated with billing includes information with respect to usage service agreement terms… ▪ discloses wherein the digital rights information is a pointer to link a user to a property rights database… ▪ teaches a method a gateway system and a computer program product embodied on a computer readable medium for detecting… ▪ teaches an intelligent feedback loop process that increases a scanning rate responsive to a generation of an event… | X | X | X | X | X | X | X | X | X | X | X | |||||||||
20 | JPH1146196A (Takayuki Nakanishi, 1999) | (Original Assignee) Fujitsu Ltd; 富士通株式会社 | Communication device, communication terminal, and program recording medium | ▪ original data frames ≈ 記憶手段と ▪ impersonation detection system, data processing unit ≈ apparatus | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ discloses all of the subject matter as discussed in the rejection of claim… ▪ discloses wherein arbitrary performance of sending the payload payment data digital payload data and incentive payment… ▪ teaches information gathered externally from multiple sources including proxy information and data mining internet… ▪ discloses processing video content and audio content so that all users will be able to view the video… | X | X | X | X | X | X | X | X | X | X | X | X | X | |||||||
21 | US6198728B1 (Samir N. Hulyalkar, 2001) | (Original Assignee) Philips North America LLC (Current Assignee) Uniloc 2017 LLC | Medium access control (MAC) protocol for wireless ATM | ▪ wireless communication ≈ wireless communication ▪ communication protocol ≈ communications medium, first packet ▪ step d ≈ transmitting packets, comprises a ▪ incoming traffic ≈ data packet ▪ step a ≈ node b | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ teaches a wireless communication network as recited in claim… ▪ teaches a method of making use of the acknowledgement to determine the uplink transmission activity… ▪ teaches delaying a random period of time prior to sending the information see column… ▪ discloses that it was known in the art at the time of the invention to organize a contiguous group of cells into… | X | X | X | X | X | |||||||||||||||
22 | US5561689A (Arthur E. Fleek, 1996) | (Original Assignee) International Business Machines Corp (Current Assignee) International Business Machines Corp | Method and apparatus for digital carrier detection in a wireless lan | ▪ incoming data, first receiving unit ≈ frequency drift, rising edges ▪ step a ≈ first frequency ▪ transmitting unit ≈ receiving means ▪ outgoing data ≈ binary signal ▪ step b ≈ clock pulses | X | X | X | X | X | X | X | X | X | X | X | |||||||||||
23 | US20030187986A1 (Jim Sundqvist, 2003) | (Original Assignee) Operax AB (Current Assignee) NetSocket Inc | Method for, and a topology aware resource manager in an ip-telephony system | ▪ communication protocol ≈ Internet Protocol ▪ step a, step b ≈ following steps ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ teaches the invention as claimed including the system of claim… ▪ discloses a method of assessing speech quality transmitted via a packet based telecommunications network ie voice over… ▪ discloses substantial features of the claimed invention it fails to explicitly disclose wherein receiving the current… ▪ discloses determining configuration parameters during the discovery process in paragraph… | X | |||||||||||||||||||
24 | US20030185361A1 (Alexander Edwards, 2003) | (Original Assignee) British Telecommunications PLC (Current Assignee) British Telecommunications PLC | Fraud monitoring system | ▪ second receiving unit ≈ comprises information ▪ time interval ≈ current time period ▪ transmitting unit ≈ receiving pattern ▪ step b, step d ≈ including a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ discloses an apparatus and method for identifying a call record that is to be delivered from one automatic call… ▪ discloses enabling the artificial intelligence engine to draw inferences to form a context for forming the answer to the… ▪ discloses wherein said current time interval and said previous time interval are overlapping col… ▪ discloses all the limitations of subject matter with the exception of the following limitation which are disclosed by… | X | X | X | X | ||||||||||||||||
25 | US20030126468A1 (Thomas Markham, 2003) | (Original Assignee) Secure Computing LLC (Current Assignee) McAfee LLC | Distributed firewall system and method | ▪ intrusion attack ≈ network interface cards ▪ incoming data, incoming data frames ≈ packet transfer ▪ step b, step d ≈ including a, comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses one or more interfaces to one or more communications channels that may include one or more interfaces to user… ▪ discloses wherein the digital rights information is a pointer to link a user to a property rights database… ▪ teaches storing a second record with mapping information in the memory mapped file… ▪ discloses A client session's time stamp is updated each time a message transaction containing the session id for the… | X | X | X | X | X | X | X | X | X | |||||||||||
26 | US20030151513A1 (Falk Herrmann, 2003) | (Original Assignee) Robert Bosch GmbH (Current Assignee) Robert Bosch GmbH | Self-organizing hierarchical wireless network for surveillance and control | ▪ second receiving unit ≈ radio module ▪ original data ≈ first layer | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses wherein the determining that at least one mote device is operating outside normal operational parameters and… ▪ teaches that interconnected wireless devices use mesh network… ▪ teaches a system that covers substantially all limitations of the parent claim… ▪ discloses having a linknode failure metric including node mobility with a mean time to failure for a route based on node… | X | X | X | X | X | X | ||||||||||||||
27 | US20030051041A1 (Asawaree Kalavade, 2003) | (Original Assignee) Tatara Systems Inc (Current Assignee) Smith Micro Software Inc | Method and apparatus for integrating billing and authentication functions in local area and wide area wireless data networks | ▪ wireless network ≈ local area networks ▪ wireless network technology ≈ access points ▪ step d ≈ comprises a, said method | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses displaying which route is used for routing the call on a display of the terminal claim… ▪ teaches a wireless interface communicating at a frequency of approximately… ▪ teaches in an analogous art wherein system determines via monitoring using the probe server whether the at least one… ▪ discloses utilizing RADIUS and GPRS environments but does not disclose modifying RADIUS accounting data to generate GPRS… | X | X | X | |||||||||||||||||
28 | US20030028808A1 (Noriyuki Kameda, 2003) | (Original Assignee) NEC Corp (Current Assignee) NEC Corp | Network system, authentication method and computer program product for authentication | ▪ original data ≈ authentication method ▪ step d ≈ comprises a ▪ step a ≈ step a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses wherein the digital rights information is a pointer to link a user to a property rights database… ▪ teaches that timestamps can be used as a substitute to random in authentication to prevent replay attacks… ▪ discloses the additional state comprises storing a pair wise master key wherein the pair wise master key is used by the… ▪ teaches storing a second record with mapping information in the memory mapped file… | X | X | X | X | ||||||||||||||||
29 | US20030217283A1 (Scott Hrastar, 2003) | (Original Assignee) AirDefense Inc (Current Assignee) Extreme Networks Inc | Method and system for encrypted network management and intrusion detection | ▪ intrusion detection module, impersonation detection signal ≈ processing element ▪ wireless network ≈ wireless network ▪ transmitting unit ≈ receiving means ▪ original data ≈ comprises two ▪ time interval ≈ time interval ▪ step d ≈ comprises a ▪ incoming data frames, data processing unit ≈ fixed time ▪ step b ≈ steps c | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses a communication system comprising a first information processing apparatus and a second information processing… ▪ teaches a well known technique to establish a secure communication channel between two entities the hybrid… ▪ teaches the packet inspection system is a border gateway router centralized security manager connected to a plurality… ▪ teaches wherein the network information includes a list of wireless access point devices and associated parameters… | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | ||||
30 | US20030219008A1 (Scott Hrastar, 2003) | (Original Assignee) AirDefense Inc (Current Assignee) Extreme Networks Inc | System and method for wireless lan dynamic channel change with honeypot trap | ▪ wireless communication network ≈ wireless communication network ▪ intrusion attack ≈ intrusion detection ▪ intrusion detection module, impersonation detection signal ≈ processing element ▪ transmitting unit ≈ receiving means ▪ step d ≈ comprises a ▪ step b ≈ steps c | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ teaches a well known technique to establish a secure communication channel between two entities the hybrid… ▪ discloses a communication system comprising a first information processing apparatus and a second information processing… ▪ teaches wherein when the unauthorized access point is detected the network monitor isolates network communication with… ▪ teaches the packet inspection system is a border gateway router centralized security manager connected to a plurality… | X | X | X | X | X | X | X | X | X | X | ||||||||||
31 | JP2003288282A (Ichiro Miyajima, 2003) | (Original Assignee) Fujitsu Ltd; 富士通株式会社 | Unauthorized access prevention program | ▪ transmitting unit ≈ receiving step ▪ wireless communication, wireless network ≈ 前記受 ▪ impersonation detection system ≈ detecting ▪ intrusion detection module incoming data frames ≈ の対策 ▪ step a ≈ step a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ teaches sending signal periodically in a predetermined time interval to perform a network connection status detection… ▪ discloses a permission negotiation engine to negotiate permissions that haven't been approved by the rights holder… ▪ discloses all the subject matter of the method as discussed above with respect to claim… ▪ discloses a payment system coupled on a communication network see… | X | X | X | X | X | X | X | X | X | X | X | |||||||||
32 | JP2003289337A (Masaru Katayama, 2003) | (Original Assignee) Nippon Telegr & Teleph Corp <Ntt>; 日本電信電話株式会社 | Communication network, router, and distributed denial of service attack detection and protection method | ▪ incoming data, intrusion detection module incoming data frames ≈ transmission source address, apparatus ▪ transmitting unit ≈ receiving means ▪ wireless communication, wireless network ≈ 前記受 | X | X | X | X | X | X | X | X | X | X | X | X | X | X | ||||||||
33 | US20030186679A1 (David Challener, 2003) | (Original Assignee) International Business Machines Corp (Current Assignee) International Business Machines Corp | Methods, apparatus and program product for monitoring network security | ▪ time interval ≈ regular intervals ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ teaches a system for detecting unauthorized access points comprising a database of authorized access points paragraph… ▪ discloses wherein the GPS data comprises IP address and geographic coordinates… ▪ teaches wherein upon determining that the message originated from a mobile wireless device associated with an… ▪ teaches a well known technique to establish a secure communication channel between two entities the hybrid… | X | |||||||||||||||||||
34 | US20030188190A1 (Jeffrey Aaron, 2003) | (Original Assignee) BellSouth Intellectual Property Corp (Current Assignee) AT&T Delaware Intellectual Property Inc | System and method of intrusion detection employing broad-scope monitoring | ▪ intrusion attack ≈ intrusion detection ▪ wireless network ≈ wireless network ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ teaches such a method wherein said outputting further comprises performing a cross site scripting XSS test on said… ▪ discloses inspecting the TCP stream to detect information indicative of a security breach comprises storing a plurality… ▪ discloses using a key lease in a secondary authentication protocol after a primary authentication protocol has been… ▪ discloses an apparatus and method for fraud prevention when accessing through wireless local area networks… | X | X | X | X | X | |||||||||||||||
35 | JP2003264595A (Yosuke Kinoshita, 2003) | (Original Assignee) Mitsubishi Electric Corp; 三菱電機株式会社 | Packet relay device, packet relay system, and october guidance system | ▪ original data frames ≈ 汎用データ ▪ communication protocol ≈ セッション ▪ intrusion detection module, intrusion attack ≈ 侵入検知, apparatus | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ teaches the benefit of flexible configuration by using scripts with installation of software on different hardware… ▪ teaches extracting the link information for access to a site on a communication network storing information of a… ▪ teaches an unwanted mail discriminating apparatus comprising mail receiving means for receiving email ie the system… ▪ discloses wherein at least one of the first operating system column… | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | |||||
36 | US20030149891A1 (Brant Thomsen, 2003) | (Original Assignee) 3Com Corp (Current Assignee) 3Com Corp | Method and device for providing network security by causing collisions | ▪ intrusion attack ≈ said devices ▪ step d ≈ said method | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ teaches an aggregation classifier which uniquely identifies the tunnel encapsulation the constituent flows that are… ▪ teaches the user requests propagated to all routers along the data path allowing the network to reconfigure a request… ▪ discloses a method for detecting unauthorized attempts to access a wireless data communication system where the method… ▪ teaches all the particulars of the claim except wherein the estimated position of the second wireless access point is… | X | X | ||||||||||||||||||
37 | US20020167965A1 (James Beasley, 2002) | (Original Assignee) Strix Systems Inc (Current Assignee) Aurix Pte Ltd | Link context mobility method and system for providing such mobility, such as a system employing short range frequency hopping spread spectrum wireless protocols | ▪ impersonation detection signal ≈ range wireless communication ▪ air interface ≈ communication link ▪ communication protocol ≈ Internet Protocol ▪ wireless network ≈ wireless network ▪ wireless node ≈ network nodes ▪ wireless network technology ≈ access points ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ discloses mobility management process includes a mobility protocol a mobility management entity and a mobility process… ▪ discloses a method for establishing communication between a client computer and a network remote from the client… ▪ teaches a system for data distribution using peers to act as relays… ▪ teaches the use of the TCPIP protocol for network communications… | X | X | X | X | X | X | X | X | X | X | X | X | ||||||||
38 | US20030105881A1 (Julie Symons, 2003) | (Original Assignee) HP Inc (Current Assignee) Hewlett Packard Development Co LP | Method for detecting and preventing intrusion in a virtually-wired switching fabric | ▪ incoming data, incoming data frames ≈ switching fabric ▪ intrusion attack ≈ said devices ▪ step d ≈ comprises a, said method ▪ second receiving unit ≈ switch port | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ discloses wherein the parental control device issues a third transaction from the parental control device that is… ▪ teaches a system for relaying messages from an external network into an internal network through a gateway… ▪ discloses sending an access denied message to the user device paragraph… ▪ discloses an apparatus for providing network security comprising A layer… | X | X | X | X | X | X | X | X | X | |||||||||||
39 | CN1422039A (谷大武, 2003) | (Original Assignee) 上海交通大学 | 可控计算机网络的分布式黑客追踪系统 | ▪ time interval ≈ 时间间隔 ▪ first receiving, second receiving ≈ 的接收 ▪ incoming traffic ≈ 的参数 ▪ communication protocol ≈ 网络路 ▪ transmitting outgoing data frames ≈ 的通信 | X | X | X | X | X | |||||||||||||||||
40 | US20030084321A1 (Richard Tarquini, 2003) | (Original Assignee) HP Inc (Current Assignee) Hewlett Packard Development Co LP | Node and mobile device for a mobile telecommunications network providing intrusion detection | ▪ intrusion attack ≈ intrusion detection ▪ incoming traffic ≈ data packet ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ teaches wherein the network information includes a list of wireless access point devices and associated parameters… ▪ discloses the malware detection and mitigation system of claim… ▪ teaches defining threshold based upon a percentage of bandwidth capacity of the network paragraph… ▪ discloses a plurality of data bases including mission objective tables vulnerability tables and network configuration… | X | X | X | X | ||||||||||||||||
41 | US20020057764A1 (Angelo Salvucci, 2002) | (Original Assignee) Angelo Salvucci; Reich Don E.; Warner Kurt E.; Cook William C. (Current Assignee) 911 Notify Inc | Real-time incident and response information messaging in a system for the automatic notification that an emergency call has occurred from a wireline or wireless device | ▪ wireless communication network ≈ telecommunications system ▪ step b, step d ≈ including a ▪ incoming traffic ≈ data packet | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ discloses with the recipient notification communication including notification information comprising a help… ▪ discloses the positioning procedure being performed for an emergency call originated by the UE and sending a location… ▪ discloses that determining a language based on said one or more parameters… ▪ discloses the SMLC transmits a location response to the SGSN which is transmitted to the GMLC but fails to explicitly… | X | X | X | X | ||||||||||||||||
42 | US20030063714A1 (Peggy Stumer, 2003) | (Original Assignee) Siemens Information and Communication Networks Inc (Current Assignee) Unify Inc | Internet protocol (IP) emergency connections (ITEC) telephony | ▪ communication protocol ≈ Internet Protocol ▪ intrusion attack ≈ said devices ▪ incoming data frames ≈ more series ▪ step b, step d ≈ including a, said method | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses the positioning procedure being performed for an emergency call originated by the UE and sending a location… ▪ teaches a system and method that covers substantially all limitations of the parent claim… ▪ discloses the SMLC transmits a location response to the SGSN which is transmitted to the GMLC but fails to explicitly… ▪ discloses wherein if the communication device is not associated with an automatic locating device and if the received IP… | X | X | X | X | X | X | X | X | X | X | ||||||||||
43 | US20020066034A1 (Barry Schlossberg, 2002) | (Original Assignee) Schlossberg Barry J.; Wenbiao Wang | Distributed network security deception system | ▪ communication protocol ≈ communication protocol ▪ first receiving, first receiving unit ≈ algorithm t | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ teaches one or more agents send collected header information to a master… ▪ teaches wherein identifying a threat assessment system operable to evaluate the identified threat type comprises… ▪ teaches wherein the verified common configuration command is obtained by verifying the authenticity of the common… ▪ describes reporting the time of day of when the suspicious activity took place… | X | X | X | |||||||||||||||||
44 | JP2003092605A (Tsukasa Kimura, 2003) | (Original Assignee) Nippon Telegr & Teleph Corp <Ntt>; 日本電信電話株式会社 | Content protection method and system, content protection program, and storage medium storing content protection program | ▪ wireless network ≈ 該電子メール ▪ original data ≈ 検出手段と ▪ step b, step d ≈ includes a ▪ impersonation detection system, data processing unit ≈ apparatus, detecting ▪ wireless network technology ≈ technique | X | X | X | X | X | X | X | X | X | X | X | X | X | X | ||||||||
45 | US20020055980A1 (Steve Goddard, 2002) | (Original Assignee) University of Nebraska (Current Assignee) University of Nebraska | Controlled server loading | ▪ wireless communication network ≈ multiple client ▪ step b, step d ≈ including a, comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ teaches a media element library that is able to return the status of robots which includes the availability of robots… ▪ teaches the invention as claimed including a method of coordinating media requests from a plurality of sources that… ▪ discloses wherein the amount of data process is determined by a of back end servers that are available to receive the of… ▪ teaches servicing requests in the queue based at least in part on their assigned normalized priority includes… | X | X | ||||||||||||||||||
46 | US20020146002A1 (Takayuki Sato, 2002) | (Original Assignee) Allied Telesis KK (Current Assignee) Allied Telesis KK | Network administration apparatus, network administrating program, network administrating method and computer network system | ▪ time interval ≈ predetermined time period ▪ transmitting unit, transmitting outgoing data frames ≈ receiving device ▪ step d ≈ comprises a, said method | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ discloses a network device and method for use in a network the method comprising receiving or generating a packet or… | X | X | X | |||||||||||||||||
47 | US20030056001A1 (Ashutosh Mate, 2003) | (Original Assignee) Nokia Inc (Current Assignee) Nokia Technologies Oy | Selective routing of data flows using a TCAM | ▪ incoming traffic ≈ packet header information ▪ step d ≈ said steps | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ teaches comparisons are performed in parallel in a single clock cycle paragraph… ▪ discloses a stacking configuration for network switches ie aggregate device fig… ▪ discloses the first classification is based upon the destination port associated the packet column… ▪ discloses a memorypointer and memory payload structure for router EPIC… | X | X | ||||||||||||||||||
48 | US20020021675A1 (Anja Feldmann, 2002) | (Original Assignee) AT&T Corp (Current Assignee) AT&T Corp | System and method for packet network configuration debugging and database | ▪ communication protocol, wireless network technology ≈ traffic engineering ▪ incoming traffic ≈ network policies ▪ original data, original data frames ≈ order r | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ discloses an apparatus comprising a processor a memory including computer program code configured to with the processor… ▪ discloses the method system computer readable storage medium of claims… ▪ teaches a method and system wherein establishing a secure connection includes establishing a secure connection over an… ▪ teaches triggering an automatic retrieval of a schema definition file based on the receiving of the request message… | X | X | X | X | X | X | X | X | X | |||||||||||
49 | US20020083343A1 (Mark Crosbie, 2002) | (Original Assignee) HP Inc (Current Assignee) Hewlett Packard Enterprise Development LP | Computer architecture for an intrusion detection system | ▪ intrusion attack ≈ intrusion detection ▪ wireless channels, wireless network ≈ low bandwidth ▪ original data, second receiving ≈ reading means ▪ outgoing data frames comprises frames ≈ control agent | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ teaches the claimed invention substantially including the method of claims… ▪ discloses a method of database management in which items in which items contained within a database can be automatically… ▪ discloses thresholds as detection criteria while threshold parameters such as of events and the time duration in which… ▪ discloses a system wherein the one or more biometric identifiers include fingerprints retinal scans or images of the… | X | X | X | X | X | X | X | X | X | X | X | X | X | |||||||
50 | EP1160646A2 (Arturo Maria, 2001) | (Original Assignee) AT&T Wireless Services Inc (Current Assignee) AT&T Wireless Services Inc | Floating intrusion detection platforms | ▪ intrusion attack ≈ software agent ▪ step d ≈ said steps ▪ step b ≈ steps c | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses that the system for managing security events includes honeypots… ▪ discloses an alert gateway system that analyze how to communicate alert messages which are communicated to subscribers… ▪ discloses in response receiving a request for configuring a connection checking to see whether request is a malicious… ▪ discloses the second means includes means for adjusting times at which the network messages are sent by the third means… | X | X | ||||||||||||||||||
51 | EP1259026A1 (Claude Castelluccia, 2002) | (Original Assignee) Motorola Solutions Inc (Current Assignee) Motorola Solutions Inc | Method and device for managing mobile nodes | ▪ step b, step d ≈ including a ▪ incoming traffic ≈ data packet | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ teaches that it is desirable to check the available bandwidth before allocating a datagram COL… ▪ teaches a dynamic network management system in a communication system including a mobile access router forming a… ▪ teaches tracking IP addresses assigned to a mobile node where the IP addresses are assigned by a of foreign networks… ▪ teaches wherein the base station is stationary and at least one of said plurality of nodes is connected to a vehicle… | X | X | ||||||||||||||||||
52 | US20020065938A1 (Peder Jungck, 2002) | (Original Assignee) Cloudshield Tech Inc (Current Assignee) LOOKINGGLASS CYBER SOLUTIONS Inc | Edge adapter architecture apparatus and method | ▪ step d ≈ said method, comprises a ▪ incoming data, incoming data frames ≈ other port ▪ intrusion detection module incoming data frames ≈ one second | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses one or more rules where rules are a functional form of a model see… ▪ discloses capable of analyzing any portion of the packet including the header and payload… ▪ discloses if downstream IP packets were received from the DSL line upstream packets will be routed to a DSL modem in… ▪ teaches identifying a codec associated with the data stream see US… | X | X | X | X | X | X | X | X | ||||||||||||
53 | EP1154610A2 (Marc Lamberton, 2001) | (Original Assignee) International Business Machines Corp (Current Assignee) International Business Machines Corp | Methods and system for defeating TCP Syn flooding attacks | ▪ communication protocol ≈ Internet Protocol ▪ step d ≈ said method | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ discloses method and apparatus for rate based denial of service attack detection and prevention comprising the following… ▪ discloses wherein the items included in the first item group are a transmission source address and a destination port… ▪ teaches the motivation of presenting to the users a value with respect to the advertising selected with respect to… ▪ teaches wherein evaluating the feature comprises determining the feature over a predefined of first content bytes at a… | X | |||||||||||||||||||
54 | US20010012296A1 (Jon Burgess, 2001) | (Original Assignee) 3Com Corp (Current Assignee) HP Inc ; Hewlett Packard Enterprise Development LP | Multi-port network communication device with selective mac address filtering | ▪ step b, step d ≈ including a ▪ incoming traffic ≈ data packet | X | X | ||||||||||||||||||||
55 | US6580372B1 (Scott C. Harris, 2003) | (Original Assignee) Scott C. Harris | Automatic electronic device detection | ▪ intrusion detection module, impersonation detection signal ≈ processing element ▪ incoming traffic ≈ taking action | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ teaches a method for inhibiting wireless telecommunication system comprising broadcasting a noise signal col… ▪ discloses device enumeration functionality that polls attached hardware devices in pages… ▪ discloses the use of a RF shield copper mesh at a gas station so as to inhibit cellular telephone communications in… ▪ teaches that a broadcasting the plurality of noise signals from different locations into the region such that the… | X | X | X | X | X | X | X | X | X | X | ||||||||||
56 | US6647418B1 (Arturo Maria, 2003) | (Original Assignee) AT&T Wireless Services Inc (Current Assignee) AT&T Mobility II LLC ; AT&T Wireless Services Inc | Method and apparatus for filtering packets using a dedicated processor | ▪ wireless network technology ≈ dynamic random access memory ▪ wireless network ≈ wireless network ▪ step d ≈ comprises a ▪ transmission channels ≈ end user | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses one or more interfaces to one or more communications channels that may include one or more interfaces to user… ▪ teaches a distributed computer system including a distributed shared memory see abstract… ▪ discloses wherein the digital rights information is a pointer to link a user to a property rights database… ▪ teaches storing a second record with mapping information in the memory mapped file… | X | X | X | X | X | |||||||||||||||
57 | US6519703B1 (James B. Joyce, 2003) | (Original Assignee) James B. Joyce (Current Assignee) Bandura Cyber Inc | Methods and apparatus for heuristic firewall | ▪ intrusion detection module, impersonation detection signal ≈ processing element ▪ transmission channels ≈ frequency domain ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses a method and system for adaptive network security using intelligent packet analysis comprising reassembling a… ▪ teaches defining threshold based upon a percentage of bandwidth capacity of the network paragraph… ▪ teaches issuing a SNMP trap sending email alert logging the problem… ▪ teaches requesting that a host name be mapped receiving an IP address wherein said host name has been mapped to said… | X | X | X | X | X | X | X | X | X | X | ||||||||||
58 | US6338082B1 (Eric Schneider, 2002) | (Original Assignee) Eric Schneider (Current Assignee) Mec Management LLC | Method, product, and apparatus for requesting a network resource | ▪ time interval, data processing unit ≈ network bandwidth ▪ step d ≈ said method | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ teaches the invention substantially as claimed including method product and apparatus for requesting a network… ▪ teaches list of user names identification that are allowed agreed to use a content exchange… ▪ discloses a method comprising the candidate domain name is an internationalized domain name represented using at least… ▪ discloses a technology with which a mobile terminal moving in a PMIP domain receives various types of prefixes and… | X | X | X | |||||||||||||||||
59 | US6343212B1 (Matthias Weber, 2002) | (Original Assignee) Sony International Europe GmbH (Current Assignee) Sony International Europe GmbH | Outputting a warning signal when approaching a protected area warning of an impending mode change | ▪ wireless communication ≈ wireless communication ▪ transmitting unit ≈ receiving means ▪ step b, step d ≈ including a ▪ data frames ≈ time period | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ discloses device enumeration functionality that polls attached hardware devices in pages… ▪ discloses a method for transmitting a character message from a mobile communication terminal with a character message… ▪ teaches querying for a parental control associated with the location O… ▪ teaches a control system via system formed by a writeread station and a transponder comprising a control device via… | X | X | X | X | X | X | X | X | X | X | X | X | ||||||||
60 | US6362736B1 (Narayan L. Gehlot, 2002) | (Original Assignee) Nokia of America Corp (Current Assignee) SOUND VIEW INNOVATIONS LLC ; Alcatel Lucent SAS | Method and apparatus for automatic recovery of a stolen object | ▪ step a ≈ telecommunication device ▪ wireless communication ≈ wireless communication ▪ wireless interface ≈ wireless interface | ▪ 35 U.S.C. 103(a) | ▪ discloses said monitoring device including a radio transmitter for transmitting radio location signals… ▪ discloses an apparatus for automatic recovery of a stolen object comprising… ▪ discloses the vehicle sensor is a shock sensor motion sensor ignition sensor door sensor or a combination thereof see… | X | X | X | |||||||||||||||||
61 | US6149353A (Byard G. Nilsson, 2000) | (Original Assignee) KUYPER REENA (ONE-EIGHTH INTEREST) (Current Assignee) Dot 23 Technologies LLC | Wireless prepaid telephone system with dispensable instruments | ▪ wireless communication ≈ wireless communication ▪ air interface, data processing unit ≈ transfer command ▪ original data, original data frames ≈ unique control ▪ step b, step d ≈ including a, comprises a ▪ first receiving unit ≈ said area | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ teaches wherein marketing information is audibly transmitted to the user over the network col… ▪ teaches a housing wherein the means comprises an integrally formed tab on the body for location of the retaining plate… ▪ discloses the use of a text communication account the combination of HAMILTON and NILSSON does not expressly disclose… ▪ teaches the body having a plurality of apertures in one face for receiving the keys of a keymat mounted on an inner… | X | X | X | X | X | X | X | X | ||||||||||||
62 | US6363489B1 (Oded Comay, 2002) | (Original Assignee) Forescout Technologies Inc (Current Assignee) Forescout Technologies Inc | Method for automatic intrusion detection and deflection in a network | ▪ intrusion detection module ≈ intrusion detection module ▪ transmission channels ≈ one packet | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ teaches fraud perpetrated on users online reduce online sales and raise cost for consumers and vendors and that there… ▪ discloses all subject matter of the claimed invention as discussed above with respect to claims… ▪ discloses that a physical address is invalid if it does not match the one or more secure addresses… ▪ teaches a well known technique to establish a secure communication channel between two entities the hybrid… | X | X | X | X | X | X | X | X | X | X | ||||||||||
63 | US6281790B1 (David E. Kimmel, 2001) | (Original Assignee) Net Talon Security Systems Inc (Current Assignee) NetTalon Security Systems Inc ; Net Talon Security Systems Inc | Method and apparatus for remotely monitoring a site | ▪ data frames ≈ remote monitoring ▪ wireless network ≈ wireless network ▪ step b, step d ≈ including a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ teaches a system for detecting intrusion using a plurality of sensors see abstract wherein the system may report… ▪ teaches a floor plan display for remotely monitoring a security system using a plurality of tiles see… ▪ teaches a user interface that allows a user to create and render a monitored floor plan using a component of the user… ▪ teaches wherein the color could also just be displayed as an outline ie border see col… | X | X | X | X | X | X | X | X | X | X | X | X | X | |||||||
64 | US20030147518A1 (Nandakishore A. Albal, 2003) | (Original Assignee) Motorola Solutions Inc (Current Assignee) Motorola Solutions Inc | Methods and apparatus to deliver caller identification information | ▪ second receiving ≈ third communication ▪ wireless network technology ≈ remote data ▪ step a ≈ node b | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses the step of converting the received data corresponding to the message code… ▪ teaches setting up a nonassociated telephone call to the recipient telephone from a simulated calling party having the… ▪ discloses the received and stored calling party information each includes at least a portion of a telephone of the… ▪ teaches a method performed by a voice portal comprising receiving a call from a caller where the call includes… | X | X | X | X | ||||||||||||||||
65 | US6550012B1 (Emilio Villa, 2003) | (Original Assignee) Network Associates Inc (Current Assignee) McAfee LLC | Active firewall system and methodology | ▪ second receiving unit ≈ comprises information ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses a network security risk management system that evaluates network threat values… ▪ teaches measuring the network traffic and returns the information to the central manager or another apparatus… ▪ teaches that the computer program provides each said party of the one or more parties access only to said documents… ▪ discloses using formulas to calculate potential threats with assigned factors detected from the network… | X | X | ||||||||||||||||||
66 | US6553028B1 (Cheng Tang, 2003) | (Original Assignee) Cisco Technology Inc (Current Assignee) Cisco Technology Inc | Method and apparatus for multicast switching using a centralized switching engine | ▪ air interface ≈ acknowledgment message ▪ incoming traffic, incoming data frames ≈ subsequent frame ▪ wireless communication ≈ n group | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ discloses using a HASH operation in order to select one of a plurality of possible paths to forward a packet page… ▪ discloses the MDT default tunnel and MDT data tunnel see rejection of preceding claims… ▪ discloses assignment being performed sequentially where the next available address is selected page… ▪ teaches about the access policy as per specified transfer rate… | X | X | X | X | X | X | X | |||||||||||||
67 | US6393484B1 (Leonardo C. Massarani, 2002) | (Original Assignee) International Business Machines Corp (Current Assignee) International Business Machines Corp | System and method for controlled access to shared-medium public and semi-public internet protocol (IP) networks | ▪ wireless network technology ≈ access points ▪ step b, step d ≈ including a ▪ transmission channels ≈ end user | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses that the database includes MAC addresses of authorized devices see col… ▪ teaches transmitting correction address resolution requests on the computer network to update the client device with… ▪ discloses the invention provides a method and a system for implementing interface redundancy in a computer network so… ▪ teaches the construction of an MPLS tunnel requiring the use of ARP to discover MAC address information of switches in… | X | X | X | X | ||||||||||||||||
68 | US6338089B1 (Cian M. Quinlan, 2002) | (Original Assignee) Bull HN Information Systems Inc (Current Assignee) Bull HN Information Systems Inc | Method and system for providing session pools for high performance web browser and server communications | ▪ second receiving unit ≈ predetermined value ▪ step a, step b ≈ following steps | X | X | ||||||||||||||||||||
69 | US6609205B1 (Thomas E. Bernhard, 2003) | (Original Assignee) Cisco Technology Inc (Current Assignee) Cisco Technology Inc | Network intrusion detection signature analysis using decision graphs | ▪ air interface ≈ multiple sessions ▪ incoming data ≈ incoming data ▪ step d ≈ comprises a ▪ step a ≈ node b | X | X | X | X | X | X | X | |||||||||||||||
70 | US6651168B1 (I-Lung Kao, 2003) | (Original Assignee) International Business Machines Corp (Current Assignee) International Business Machines Corp | Authentication framework for multiple authentication processes and mechanisms | ▪ original data ≈ authentication method ▪ wireless communication network, wireless network technology ≈ having access ▪ step b, step d ≈ including a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses a system using a quality meter which compares the quality of password to the minimum threshold and if it does… ▪ discloses a person authentication application data processing system according to… ▪ teaches a mechanism for allowing access to said secure data by a host device on which the data storage device is… ▪ teaches the method comprising signing the statement paragraph… | X | X | X | X | X | X | ||||||||||||||
71 | JPH11316677A (Eric Grosse, 1999) | (Original Assignee) Lucent Technol Inc; ルーセント テクノロジーズ インコーポレイテッド | How to secure a computer network | ▪ incoming traffic ≈ 通信トラフィック ▪ wireless interface ≈ specific use ▪ step b, step d ≈ includes a ▪ impersonation detection system, data processing unit ≈ apparatus ▪ wireless communication ≈ どうか | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ discloses a system that determines whether the attachment is of a type which is in the list of approved attachments… ▪ teaches wherein the network information includes a list of wireless access point devices and associated parameters… ▪ teaches such a method wherein said outputting further comprises performing a… ▪ teaches the scanning means comprise scanning means for scanning the message for predetermined character strings column… | X | X | X | X | X | X | X | X | X | X | X | X | ||||||||
72 | US6343362B1 (Thomas Henry Ptacek, 2002) | (Original Assignee) Networks Associates Inc (Current Assignee) McAfee LLC | System and method providing custom attack simulation language for testing networks | ▪ communication protocol ≈ Internet Protocol ▪ step d ≈ comprises a, said method | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ discloses a network simulation for analyzing attacks against a network… ▪ teaches information gathered externally from multiple sources including proxy information and data mining internet… ▪ discloses the spam determination at then may include comparing the determined or calculated score andor confidence level… ▪ teaches the processing comprises evaluating one or more parameters selected from among the group consisting of URL… | X | |||||||||||||||||||
73 | US6308053B1 (Byard G. Nilsson, 2001) | (Original Assignee) KUYPER REENA (ONE-EIGHTH INTEREST); Thompson Bettina Jean (Current Assignee) RPX Corp ; Thompson Bettina Jean | Recyclable wireless telephone unit with a secured activation switch | ▪ wireless communication ≈ wireless communication ▪ step b, step d ≈ including a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ teaches wherein marketing information is audibly transmitted to the user over the network col… ▪ teaches a housing wherein the member includes a support for locating and retaining a printed circuit board thereon see… ▪ teaches a housing including a guide on the body to receive and support electronic components mounted on the member see… ▪ discloses the use of a text communication account the combination of HAMILTON and NILSSON does not expressly disclose… | X | X | ||||||||||||||||||
74 | US6415321B1 (Robert E. Gleichauf, 2002) | (Original Assignee) Cisco Technology Inc (Current Assignee) Cisco Technology Inc ; Cisco Systems Inc | Domain mapping method and system | ▪ intrusion attack ≈ intrusion detection ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ discloses the query execution data structure comprising of plurality object oriented nodes… ▪ discloses substantial features of the invention such as the method of claim… ▪ teaches wherein the packet is a secure socket layer SSL packet column… ▪ discloses the verifying the fieldoperator pairings in the policy and based on rules associated with dynamic link… | X | X | ||||||||||||||||||
75 | US6246935B1 (Stephen J. Buckley, 2001) | (Original Assignee) DaimlerChrysler Co LLC (Current Assignee) FCA US LLC | Vehicle instrument panel computer interface and display | ▪ communication protocol ≈ communications medium ▪ step d ≈ comprises a | X | |||||||||||||||||||||
76 | US6510236B1 (Michael A. Crane, 2003) | (Original Assignee) International Business Machines Corp (Current Assignee) International Business Machines Corp | Authentication framework for managing authentication requests from multiple authentication devices | ▪ air interface ≈ communication link ▪ original data ≈ coupled thereto ▪ step b, step d ≈ including a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ teaches of extensible authentication protocol EAP see page… ▪ discloses the method would have been realized by one skill in the art as applicable to the apparatus of… ▪ teaches an electronic document storage and rendering method comprising authenticating a user and electronic… ▪ discloses a system of updating a master biometric template US… | X | X | X | X | X | |||||||||||||||
77 | US6370648B1 (Thanh A. Diep, 2002) | (Original Assignee) Visa International Service Association (Current Assignee) Visa International Service Association | Computer network intrusion detection | ▪ time interval ≈ predetermined time period ▪ intrusion attack ≈ intrusion detection ▪ step a, step b ≈ frequency f, repeating steps | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ discloses the user requesting to continue playback of a movie which includes the rendering state of where the user… ▪ teaches methods of detecting network exploit defined in a signature… ▪ teaches a TLS handshake that it uses digital certificates for authentication… ▪ teaches information gathered externally from multiple sources including proxy information and data mining internet… | X | X | X | |||||||||||||||||
78 | US6321338B1 (Phillip A. Porras, 2001) | (Original Assignee) SRI International Inc (Current Assignee) SRI International Inc | Network surveillance | ▪ air interface, data processing unit ≈ transfer command ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ teaches wherein the network information includes a list of wireless access point devices and associated parameters… ▪ discloses a plurality of data bases including mission objective tables vulnerability tables and network configuration… ▪ discloses the second means includes means for adjusting times at which the network messages are sent by the third means… ▪ teaches nothing more than predictable results to one of ordinary skill in the art KSR… | X | X | X | X | ||||||||||||||||
79 | US6327570B1 (Dian Stevens, 2001) | (Original Assignee) Dian Stevens (Current Assignee) III Holdings 1 LLC | Personal business service system and method | ▪ incoming data frames ≈ wireless networks ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ teaches that by crafting the promotion contract around performance goals evidenced by incremental sales volume… ▪ discloses that portable terminals include a wide range of applications including word processing etc col… ▪ teaches of using various search criteria in selecting healthcare providers of interest pg… ▪ teaches a method of obtaining information about a product or service offering having an associated receiver responsive… | X | X | X | X | X | X | X | |||||||||||||
80 | US6324650B1 (John W.L. Ogilvie, 2001) | (Original Assignee) John W.L. Ogilvie (Current Assignee) Resource Consortium Ltd | Message content protection and conditional disclosure | ▪ air interface ≈ presents data ▪ step b ≈ method steps, steps c | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ discloses or renders obvious the aforementioned further limitation… ▪ discloses the limitation by teaching the encoding property is related to compression paragraphs… ▪ teaches the claimed storing a data encryption flag to indicate that data encryption has been performed… ▪ teaches changing the annotation as similarly explained in the rejection for claim… | X | X | ||||||||||||||||||
81 | WO9917477A2 (Jeffrey J. Kriz, 1999) | (Original Assignee) Honeywell Inc. | Multi tier wireless communication system | ▪ wireless communication ≈ wireless communication ▪ incoming data, incoming data frames ≈ relatively high power, logic circuitry ▪ step b ≈ higher power level ▪ transmitting unit, transmitting outgoing data frames ≈ receiving device ▪ wireless channels, wireless network ≈ low bandwidth ▪ transmission channels ≈ video camera ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses a fuel pump with wireless communication as discussed above… ▪ teaches using the system at a gas station which are old and well known to often be service stations that perform… ▪ teaches an interface device that receives data from a combination of several sources via several different method of… ▪ discloses wherein said interrogator employs antennas selected from the group consisting of far field antennas near field… | X | X | X | X | X | X | X | X | X | X | ||||||||||
82 | US6195547B1 (Michel Corriveau, 2001) | (Original Assignee) Telefonaktiebolaget LM Ericsson AB (Current Assignee) Optis Wireless Technology LLC | System and method for a previously activated mobile station to challenge network mobile station knowledge during over the air activation | ▪ time interval ≈ programming information ▪ wireless communication ≈ wireless communication ▪ wireless network ≈ wireless network ▪ step b, step d ≈ including a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ discloses the short range wireless link between the portable mobile communications device and the computermedia network… ▪ teaches all the particulars of the claim except the method of claim… ▪ discloses transmitting the request to an operator network and said receiving means is adapted to receive the valid… ▪ discloses a power personal care appliance an electronic toothbrush see fig… | X | X | X | X | X | X | ||||||||||||||
83 | US6317831B1 (Peter F. King, 2001) | (Original Assignee) Great Elm Capital Group Inc (Current Assignee) Unwired Planet LLC | Method and apparatus for establishing a secure connection over a one-way data path | ▪ wireless communication ≈ wireless communication ▪ time interval ≈ temporarily store ▪ outgoing data ≈ outgoing message ▪ step d ≈ said method | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ teaches secured communications channels over the telecommunications network in paragraph… ▪ discloses computers as above but does not discuss the recited security techniques… ▪ teaches that the following security improvements were known techniques and a person of ordinary skill in the art would… ▪ teaches that transmitting the setting information which includes a predetermined private key eg WEP key WPA key or any… | X | X | X | X | X | X | X | |||||||||||||
84 | US6219786B1 (Mark Cunningham, 2001) | (Original Assignee) SurfControl Inc (Current Assignee) Forcepoint LLC | Method and system for monitoring and controlling network access | ▪ intrusion attack ≈ intrusion detection ▪ step b, step d ≈ including a, said method ▪ step a ≈ node b | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ teaches that the computer program provides each said party of the one or more parties access only to said documents… ▪ teaches wherein the network elements comprise data defining hosts associated with the packet flows data defining peers… ▪ teaches a system for managing documents at an electronic data repository wherein the documents relate to a transaction… ▪ discloses the information processing apparatus wherein said operation permissiondenial information generating part… | X | X | ||||||||||||||||||
85 | US6519646B1 (Amit Gupta, 2003) | (Original Assignee) Sun Microsystems Inc (Current Assignee) Oracle America Inc | Method and apparatus for encoding content characteristics | ▪ communication protocol ≈ transmitting one ▪ step d ≈ comprises a, said method | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ teaches a method for delivering art information by use of a telecommunication path according to claim… ▪ discloses an electronic shopping method as set forth in claim… ▪ teaches marking each of the plurality of client records that include a logical identification that matches the… ▪ teaches further comprising when a matching client record is not identified in the query marking each of the plurality… | X | |||||||||||||||||||
86 | US6208247B1 (Jonathan R. Agre, 2001) | (Original Assignee) Rockwell Science Center LLC (Current Assignee) Skyworks Solutions Inc | Wireless integrated sensor network using multiple relayed communications | ▪ step b ≈ higher power level ▪ data frames, original data frames ≈ second station, data buffer ▪ first receiving, first receiving unit ≈ first station ▪ time interval ≈ time interval ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ teaches sensor readings are of environmental conditions selected from a group consisting of temperature humidity… ▪ discloses transmitted to an intended recipient participant by way of one or more intermediating participants and further… ▪ discloses a land based seismic data collection unit abstract… ▪ teaches that the ability to perform the administration remotely greatly supports efficient resource time para… | X | X | X | X | X | X | X | X | X | X | X | |||||||||
87 | US6256314B1 (Benny Rodrig, 2001) | (Original Assignee) Avaya Technology LLC (Current Assignee) Avaya Inc | Apparatus and methods for routerless layer 3 forwarding in a network | ▪ second receiving unit ≈ comprises information ▪ communication protocol, incoming data ≈ downstream port, upstream port ▪ incoming traffic ≈ data packet ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ discloses if the received packet is determined to be associated with the packet flow querying at least one database… ▪ discloses a method for performing flow compilation packet processing the method comprising receiving a packet at a… ▪ teaches an operation code for identifying whether a packet is suitable for a particular network interface function by… ▪ teaches wherein at least one of the multiple virtual subrings carries multiple virtual local area networks VLANs para… | X | X | X | X | X | X | X | X | ||||||||||||
88 | US6185491B1 (Jamison Gray, 2001) | (Original Assignee) Sun Microsystems Inc (Current Assignee) Oracle America Inc | Networked vehicle controlling attached devices using JavaBeans™ | ▪ wireless channels, transmission channels ≈ digital multimedia broadcasting, video camera ▪ communication protocol ≈ communications medium, internet connection ▪ step b, step d ≈ including a | X | X | X | X | ||||||||||||||||||
89 | US20030043763A1 (Paul D Grayson, 2003) | (Original Assignee) US Philips Corp (Current Assignee) Signify Holding BV | Wireless networked message routing | ▪ intrusion detection module incoming data frames ≈ acknowledgement message ▪ wireless communication ≈ wireless communication ▪ first receiving unit ≈ node address ▪ incoming traffic ≈ data packet ▪ step d ≈ comprises a ▪ step a ≈ node b | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ discloses that the application and the discovery unit are separated not colocated… ▪ teaches that each node has functions of a base transceiver station relay function and a wireless terminal FIG… ▪ teaches that the originate node broadcasts a packet to a plurality of nodes col… ▪ teaches a signal relaying method in a communication system comprising the steps of… | X | X | X | X | ||||||||||||||||
90 | US6202081B1 (Stanley T. Naudus, 2001) | (Original Assignee) 3Com Corp (Current Assignee) HP Inc ; Hewlett Packard Enterprise Development LP | Method and protocol for synchronized transfer-window based firewall traversal | ▪ air interface ≈ acknowledgment message ▪ communication protocol ≈ Internet Protocol ▪ step a, step b ≈ following steps | X | X | X | |||||||||||||||||||
91 | US6363056B1 (Mandis Sadr Mohammad Beigi, 2002) | (Original Assignee) International Business Machines Corp (Current Assignee) International Business Machines Corp | Low overhead continuous monitoring of network performance | ▪ incoming data frames ≈ particular egress ▪ time interval, data processing unit ≈ network bandwidth, time interval ▪ original data, transmission channels ≈ next data packet ▪ wireless network technology ≈ access points ▪ step b ≈ method steps, steps c ▪ communication protocol ≈ first packet ▪ step d ≈ said method | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ teaches providing plural egresses at the source connected to plural network access providers column… ▪ discloses generating the policy using the set of policy data see… ▪ discloses that a third party service level manager SLM may be utilized in order to assist a user in monitoring the… ▪ discloses disclose wherein the computing step includes calculating an accessibility loss due to ingress router failure a… | X | X | X | X | X | X | X | X | X | X | X | X | ||||||||
92 | US6279113B1 (Vimal Vaidya, 2001) | (Original Assignee) Internet Tools Inc (Current Assignee) CA Inc | Dynamic signature inspection-based network intrusion detection | ▪ intrusion attack ≈ intrusion detection ▪ time interval ≈ time interval ▪ step b, step d ≈ including a, said steps | X | X | X | |||||||||||||||||||
93 | US6557037B1 (Joseph E. Provino, 2003) | (Original Assignee) Sun Microsystems Inc (Current Assignee) Oracle America Inc | System and method for easing communications between devices connected respectively to public networks such as the internet and to private networks by facilitating resolution of human-readable addresses | ▪ communication protocol ≈ response message ▪ step b, step d ≈ including a ▪ wireless network technology ≈ one device | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses setting an error correction code in the tunneling header to reflect modifications made to convert the initial… ▪ teaches recording an address of said proxy server for said computing system if said computing system is not publicly… ▪ teaches formatting a client's request in accordance with a protocol of the wide area network to produce a formatted… ▪ teaches the method of transferring data between different types of terminals according to claim… | X | X | X | |||||||||||||||||
94 | US6275942B1 (Thomas Bernhard, 2001) | (Original Assignee) Network Associates Inc (Current Assignee) Networks Associates Technology Inc ; McAfee LLC | System, method and computer program product for automatic response to computer system misuse using active response modules | ▪ intrusion detection module, impersonation detection signal ≈ processing element ▪ step a, step d ≈ frequency f | ▪ 35 U.S.C. 103(a) | ▪ teaches the data signature being passwd in a context where filenames are likely to appear… ▪ discloses the limitation of receiving notification of a network intrusion see column… | X | X | X | X | X | X | X | X | X | X | ||||||||||
95 | US5982281A (Hoyt M. Layson, 1999) | (Original Assignee) Pro Tech Monitoring Inc (Current Assignee) 3M Attenti Ltd | Offender and victim collision avoidance and advanced warning system | ▪ wireless communication, wireless node ≈ wireless communication, digital wireless ▪ data processing unit ≈ Global Positioning ▪ original data ≈ data fusion | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ discloses the use of the barcode scanner to verify that the appropriate medicationdoctors orders eg dosage accuracy are… ▪ discloses a method for providing indications of the state of a… ▪ discloses the plurality of objects is cards or cellular telephones or personal digital assistants PDAs or mobile radio… ▪ teaches a system including a portable monitor including a barcode scanner and also discloses the use of patient… | X | X | X | X | X | X | X | X | X | X | X | |||||||||
96 | US6167052A (Thomas G. McNeill, 2000) | (Original Assignee) VPNX com Inc (Current Assignee) INTERNAP Corp | Establishing connectivity in networks | ▪ first receiving ≈ computer instructions ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ discloses a communication network comprising at least two switches each having a database to hold VLAN membership the… ▪ teaches defining a plurality of default virtual networks based on a plurality of protocols… ▪ discloses system and method for efficiently handling multicast packets by aggregating VLAN context… ▪ discloses interfacing the switch with the virtual router such that the switched network can be provided with access to… | X | X | ||||||||||||||||||
97 | US6226751B1 (Leslie J. Arrow, 2001) | (Original Assignee) VPNet Technologies Inc (Current Assignee) Avaya Inc ; VPNet Technologies Inc | Method and apparatus for configuring a virtual private network | ▪ communication protocol ≈ Internet Protocol ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses having a VPN unit virtual private network unit enhancement cluster with a compression/decompression unit… ▪ teaches to use the technique regardless of the current version of IP protocol col… ▪ teaches of a decision box which determines if the source and destination address are both members of the same VPN… ▪ teaches that if the packets are not authenticated they are filtered out wherein an… | X | |||||||||||||||||||
98 | US6246687B1 (Kai-Yeung S. Siu, 2001) | (Original Assignee) Massachusetts Institute of Technology (Current Assignee) Massachusetts Institute of Technology | Network switching system supporting guaranteed data rates | ▪ communication protocol ≈ transferring data ▪ incoming data, incoming data frames ≈ round robin ▪ time interval ≈ FIFO buffer ▪ step d ≈ comprises a ▪ step a ≈ one queue | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ discloses the controller maintain a circuit switch resource table as described above in claims… ▪ discloses that the communications network includes a communications medium PER LINK and wherein the communications… ▪ discloses allocating buffer space to a queue where the buffer space is implemented by assigning a counter limit which… ▪ discloses generating an optimized mapping as a function of the service node relationships and server node relationships… | X | X | X | X | X | X | X | X | X | |||||||||||
99 | US6182226B1 (Irving Reid, 2001) | (Original Assignee) Secure Computing LLC (Current Assignee) McAfee LLC | System and method for controlling interactions between networks | ▪ communication protocol ≈ transferring data ▪ step b, step d ≈ including a, comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses a networked personal contact manager title comprising address books for multiple users where users can link to… ▪ discloses a system for managing information sets ie data items at a database ie electronic repository with respect to… ▪ teaches displaying an email address as a unique string col… ▪ teaches that the computer program provides each said party of the one or more parties access only to said documents… | X | |||||||||||||||||||
100 | US6321336B1 (John Applegate, 2001) | (Original Assignee) Secure Computing LLC (Current Assignee) McAfee LLC | System and method for redirecting network traffic to provide secure communication | ▪ intrusion detection module incoming data frames ≈ external network ▪ step b, step d ≈ including a, steps c | X | |||||||||||||||||||||
101 | US6263444B1 (Naoyuki Fujita, 2001) | (Original Assignee) National Aerospace Laboratory of Japan; Japan Science and Technology Corp (Current Assignee) Japan Science and Technology Agency ; Japan Aerospace Exploration Agency | Network unauthorized access analysis method, network unauthorized access analysis apparatus utilizing the method, and computer-readable recording medium having network unauthorized access analysis program recorded thereon | ▪ communication protocol ≈ readable recording medium ▪ original data frames ≈ controlling section ▪ time interval ≈ filtering process ▪ step b ≈ step b | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses the process of enabling the user and/or administrator to configure the event generating module to start… ▪ discloses maintaining a frequency for the of occurrences with which messages were rejected… ▪ teaches a method and apparatus for an integrative model of multiple asset classes… ▪ discloses filtering packets using rules based on port and IP address… | X | X | X | X | X | X | ||||||||||||||
102 | US6353614B1 (Michael S. Borella, 2002) | (Original Assignee) 3Com Corp (Current Assignee) HP Inc ; Hewlett Packard Development Co LP | Method and protocol for distributed network address translation | ▪ communication protocol ≈ response message ▪ step a, step b ≈ following steps, including a ▪ original data ≈ first layer | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ teaches a method of polling network devices for unused IP addresses and releasing IP addresses back to a DHCP server… ▪ discloses routable network address configured to be routed outside a subnet associated with a routable network address… ▪ discloses the use of a user interface to access network related information informing the user of a network connection… ▪ teaches a method wherein the independent networks include the… | X | X | X | X | X | |||||||||||||||
103 | US6178505B1 (David S. Schneider, 2001) | (Original Assignee) Internet Dynamics Inc (Current Assignee) Dropbox Inc | Secure delivery of information in a network | ▪ step b, step d ≈ including a ▪ air interface ≈ more link | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ teaches that the computer program provides each said party of the one or more parties access only to said documents… ▪ teaches wherein the terminal station includes a central processing unit and a smart card that is in communication with… ▪ discloses a plurality of security service pathways including a combination of firewall and application lleting but doesn't… ▪ teaches a system for managing documents at an electronic data repository wherein the documents relate to a transaction… | X | X | ||||||||||||||||||
104 | US6252883B1 (Russell L. Schweickart, 2001) | (Original Assignee) ALOHA Networks Inc (Current Assignee) SUMMIT WIRELESS LLC ; ALOHA Networks Inc | Home and personal data services overlay communications system | ▪ communication protocol ≈ packet transmission ▪ air interface ≈ communication link ▪ wireless network technology ≈ transmitted data ▪ step a ≈ spreading code | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ teaches of a personal communication device which is able to receive personal data of a user and wherein the personal… ▪ teaches wherein the data from the energy supply and delivery system and the data from the one or more building… ▪ teaches wherein the at least one personal parameter receiver is contained in the wirelessportable… ▪ teaches a method and computer readable medium that provides instruction when executed on a processor for integrating… | X | X | X | X | X | |||||||||||||||
105 | US6205551B1 (Eric Grosse, 2001) | (Original Assignee) Nokia of America Corp (Current Assignee) Nokia of America Corp ; Provenance Asset Group LLC ; Nokia USA Inc | Computer security using virus probing | ▪ step b, step d ≈ including a, comprises a ▪ transmission channels ≈ one packet | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ discloses a system that determines whether the attachment is of a type which is in the list of approved attachments… ▪ teaches wherein the network information includes a list of wireless access point devices and associated parameters… ▪ teaches such a method wherein said outputting further comprises performing a… ▪ teaches the scanning means comprise scanning means for scanning the message for predetermined character strings column… | X | X | ||||||||||||||||||
106 | WO9833340A2 (Umesh J. Amin, 1998) | (Original Assignee) At & T Wireless Services, Inc. | Detection of fraudulently registered mobile phones | ▪ wireless network ≈ wireless network ▪ data frames ≈ time period ▪ step d ≈ comprises a | X | X | X | X | X | X | X | X | X | X | X | X | X | |||||||||
107 | US6230002B1 (Anders Flodén, 2001) | (Original Assignee) Telefonaktiebolaget LM Ericsson AB (Current Assignee) Telefonaktiebolaget LM Ericsson AB | Method, and associated apparatus, for selectively permitting access by a mobile terminal to a packet data network | ▪ wireless communication ≈ wireless communication ▪ original data ≈ coupled thereto ▪ step b, step d ≈ including a, comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ teaches allowing users of a TV device to formulate queries and developing user profiles based upon these queries the… ▪ teaches a timeout limit during an authentication procedure… ▪ teaches wherein the meta data comprises application data for being usable in an application executable on the… ▪ discloses the above limitations but does not disclose a method as described in claim… | X | X | X | X | ||||||||||||||||
108 | US6078269A (Scott Markwell, 2000) | (Original Assignee) Safenight Tech Inc (Current Assignee) Google LLC | Battery-powered, RF-interconnected detector sensor system | ▪ wireless communication network ≈ signal transmission ▪ wireless network technology ≈ transmitted data ▪ transmitting unit ≈ receiving means, emitting diode ▪ intrusion detection module ≈ motion sensor ▪ time interval ≈ time interval ▪ step b, step d ≈ including a, comprises a ▪ first receiving ≈ data check | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ discloses that logging the send alarms allows for the ability to verify that the alarms were properly sent and received… ▪ discloses several participants are assembled in a group and a group membership is contained in the list see… ▪ discloses a detector sensor system where a detector can be a motion detector and signals from one detector can be… ▪ teaches sensor readings are of environmental conditions selected from a group consisting of temperature humidity… | X | X | X | X | X | X | X | X | X | X | X | X | X | |||||||
109 | US6115376A (W. Paul Sherer, 2000) | (Original Assignee) 3Com Corp (Current Assignee) HP Inc ; Hewlett Packard Enterprise Development LP | Medium access control address authentication | ▪ wireless communication network ≈ non-volatile memory ▪ step b, step d ≈ including a ▪ incoming data, incoming data frames ≈ other port | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ teaches a system relating to security in the data networks and authentication of sources of data carrying a medium… ▪ discloses an authentication method for network access comprising… ▪ teaches that it is desirable that the algorithm of a frame body part in the MAC frame that is transmitted and received… ▪ teaches the monitoring unit comprises a table of correspondence specifying for each port connected to the connection… | X | X | X | X | X | X | X | X | ||||||||||||
110 | US6298250B1 (Byard G. Nilsson, 2001) | (Original Assignee) BETTINA JEAN THOMPSON; KUYPER REENA (ONE-EIGHTH INTEREST) (Current Assignee) Dot 23 Technologies LLC | Wireless prepaid telephone system with extended capability | ▪ wireless communication ≈ wireless communication ▪ step b, step d ≈ including a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ teaches wherein marketing information is audibly transmitted to the user over the network col… ▪ teaches a housing wherein the member includes a support for locating and retaining a printed circuit board thereon see… ▪ teaches a housing including a guide on the body to receive and support electronic components mounted on the member see… ▪ discloses the use of a text communication account the combination of HAMILTON and NILSSON does not expressly disclose… | X | X | ||||||||||||||||||
111 | US6154775A (Michael John Coss, 2000) | (Original Assignee) Nokia of America Corp (Current Assignee) Palo Alto Networks Inc | Methods and apparatus for a computer network firewall with dynamic rule processing with the ability to dynamically alter the operations of rules | ▪ second receiving unit ≈ comprises information ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ discloses a networked personal contact manager title comprising address books for multiple users where users can link to… ▪ teaches displaying an email address as a unique string col… ▪ teaches to set read/write/delete permissions for reserved user space in the wireless module data store… ▪ teaches storing information regarding a user's contacts, i.e. acquaintances, and allows users to search each other's… | X | X | ||||||||||||||||||
112 | US6222856B1 (Murali R. Krishnan, 2001) | (Original Assignee) Microsoft Corp (Current Assignee) Microsoft Technology Licensing LLC | Adaptive bandwidth throttling for individual virtual services supported on a network server | ▪ original data frames, data frames ≈ predetermined bandwidth, receiving requests ▪ step a, step b ≈ following steps ▪ step d ≈ time intervals ▪ incoming data frames, data processing unit ≈ fixed time ▪ air interface ≈ apply one | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses a system wherein the feed personalization module is further configured to evaluate whether service of the feed… ▪ teaches a computer-implemented method comprising receiving through a network interface of a computer system coupled to… ▪ teaches keeping bandwidth utilized within a threshold of B plus or minus a delta… ▪ discloses that a network server is an ISP that provides services to a client over the… | X | X | X | X | X | X | X | X | X | X | X | |||||||||
113 | US5958053A (John Stewart Denker, 1999) | (Original Assignee) AT&T Corp (Current Assignee) AT&T Corp | Communications protocol with improved security | ▪ outgoing data ≈ established connection ▪ step a, step b ≈ following steps, including a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ discloses an invention wherein the implementation of a protocol that embeds packets is made sensitive to the type of… ▪ discloses a method for determining a presence status of a user comprising obtaining… ▪ teaches and describes a system and method that relates to a system and method which provides connectivity between one… ▪ teaches load balancing of the plurality of virtual servers further comprises enabling at least one geographic based… | X | X | X | X | X | |||||||||||||||
114 | US5852351A (Ronald G. Canada, 1998) | (Original Assignee) CSI Technology Inc (Current Assignee) Computational Systems Inc | Machine monitor | ▪ original data ≈ store information ▪ transmission channels ≈ clock signals | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ teaches wherein said processor is programmed to calculate the second value of the operating condition of the component… ▪ teaches a controller obtains an analysis result on a status of the motor using… ▪ teaches wherein the first value is one of an average a rolling average a mode a median a range and a standard… ▪ teaches a device for monitoring a machine that remotely alarms a user that a problem has occurred with the machine… | X | X | X | X | X | X | ||||||||||||||
115 | US5919257A (Jonathan Trostle, 1999) | (Original Assignee) Micro Focus Software Inc (Current Assignee) RPX Corp | Networked workstation intrusion detection system | ▪ outgoing data frames, outgoing data frames comprises frames ≈ station identifier ▪ first receiving, first receiving unit ≈ algorithm t ▪ step d ≈ comprises a, said method | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ discloses this step to allow software and data to be transferred between computer system… ▪ discloses that the BIOS upgrade is validated by using a digital signature that is embedded in the BIOS upgrade… ▪ discloses the creation of hash values for hashes for each of a plurality of database objects programs at a server see… ▪ teaches if the integrity fails a trusted repository is accessed to obtain a valid replacement component… | X | X | X | X | X | X | ||||||||||||||
116 | US6016318A (Hiroyuki Tomoike, 2000) | (Original Assignee) NEC Corp (Current Assignee) NEC Corp | Virtual private network system over public mobile data network and virtual LAN | ▪ incoming data, incoming traffic ≈ information signal ▪ data processing unit ≈ processing units ▪ step b, step d ≈ including a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses a virtual private network system over a public mobile data network and… ▪ discloses separate sets of queues are associated with separate guest operating systems executing on the host computer… ▪ teaches a wireless station comprising A wireless transceiver at least one network interface connected to the radio… ▪ teaches a reception system featuring the use of supplemental data for the purpose of improving reception performance… | X | X | X | X | X | X | X | |||||||||||||
117 | JPH1117806A (Susumu Matsui, 1999) | (Original Assignee) Hitachi Ltd; 株式会社日立製作所 | Information reception processing method and computer / telephony integration system | ▪ outgoing data ≈ registration process ▪ original data frames ≈ storage means and ▪ air interface ≈ said contact ▪ incoming data, incoming traffic ≈ sender side ▪ step b, step d ≈ includes a ▪ impersonation detection system, data processing unit ≈ apparatus | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ teaches transferring emails from a user home account to a wireless device… ▪ teaches wherein the low-level descriptor language is extensible markup language XML column… ▪ teaches sending information via the wireless local area network information representative of an internet web page user… ▪ discloses that many SIP response codes are identical to the corresponding HTTP… | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | ||
118 | WO9826548A1 (Jim Y. Li, 1998) | (Original Assignee) Whistle Communications Corporation | Automatic configuration for internet access device | ▪ wireless network ≈ Internet service provider ▪ step a, step b ≈ following steps, including a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ teaches the invention substantially as claims discussed above… ▪ teaches a faxdata modem device that enables a computer system to make FAX or data call via a single telephone line… ▪ teaches having plurality of software software objects and hardware systems of managing and monitoring the IP network… ▪ teaches an apparatus comprising a a receiverclient s browser configured to receive information the information… | X | X | X | |||||||||||||||||
119 | US6028537A (Michael J. Suman, 2000) | (Original Assignee) Prince Corp USA (Current Assignee) Visteon Global Technologies Inc | Vehicle communication and remote control system | ▪ second receiving, second receiving unit ≈ phone calls ▪ step b, step d ≈ including a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ teaches a system wherein the means for determining the location are incorporated into the device GPS module… ▪ teaches wherein the transmission device is operable to transmit the control signals at least twice col… ▪ discloses a method comprising accessing a location of the device the location determined from pseudo ranges between the… ▪ teaches detecting vehicle abnormal situation door being ajar prioritizing the abnormal condition via response center… | X | X | ||||||||||||||||||
120 | US6173399B1 (Sidney A. Gilbrech, 2001) | (Original Assignee) VPNet Technologies Inc (Current Assignee) Avaya Inc ; VPNet Technologies Inc | Apparatus for implementing virtual private networks | ▪ communication protocol ≈ Internet Protocol ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ discloses a method for providing customized advertisement to mobile users based on their profile US… ▪ teaches of hosts on a LAN comprising by the relay device detecting the private IP address and a MAC address of the… ▪ discloses architecture for virtual private network including the following features… ▪ teaches of a virtual network environment wherein the server notifies the relay device of the virtual network IP… | X | |||||||||||||||||||
121 | US6021495A (Vipin Kumar Jain, 2000) | (Original Assignee) 3Com Corp (Current Assignee) HP Inc ; Hewlett Packard Enterprise Development LP | Method and apparatus for authentication process of a star or hub network connection ports by detecting interruption in link beat | ▪ wireless node ≈ network nodes ▪ incoming data, incoming data frames ≈ other port | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses wherein the digital rights information is a pointer to link a user to a property rights database… ▪ teaches that timestamps can be used as a substitute to random in authentication to prevent replay attacks… ▪ teaches a second access point receiving a handoff request in paragraph… ▪ discloses an authentication method for authenticating a mobile station in which the mobile node sends its subscriber… | X | X | X | X | X | X | X | X | X | X | X | |||||||||
122 | EP0814393A1 (Anders Eriksson, 1997) | (Original Assignee) Telia AB (Current Assignee) Telia AB | Control and supervision of electrical components | ▪ impersonation detection signal ≈ measurement result ▪ wireless communication network ≈ managing unit | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ teaches users actions may be monitored in order to provide better service to the users of the system wherein the… ▪ teaches wherein each control option is associated with a sequence of commands that when executed sends instructions to… ▪ teaches a monitoring system that monitors food for spoilage… ▪ teaches the transducer access device responds to search requests from the control pointcontrol device searching for… | X | X | X | |||||||||||||||||
123 | US5907491A (Ronald G. Canada, 1999) | (Original Assignee) CSI Technology Inc (Current Assignee) Computational Systems Inc | Wireless machine monitoring and communication system | ▪ incoming data ≈ receiving wireless signals ▪ time interval ≈ predetermined time period ▪ step b, step d ≈ first predetermined time, including a ▪ wireless communication ≈ wireless communication ▪ communication protocol ≈ transferring data ▪ intrusion attack ≈ designated time ▪ step a ≈ said machine | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ teaches a wireless machine monitoring and communication system including means for monitoring vibration signals and… ▪ discloses all the limitations of the base claims as outlined above… ▪ discloses a system comprising the following features vehicle… ▪ teaches selectively entering a sleep mode to reduce power consumption see… | X | X | X | X | X | X | X | X | X | X | X | |||||||||
124 | EP0793170A1 (Graham Hamilton, 1997) | (Original Assignee) Sun Microsystems Inc (Current Assignee) Sun Microsystems Inc | System and method for automatic configuration of home network computers | ▪ data frames ≈ receiving requests ▪ step b, step d ≈ including a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ discloses a system and method for automatic configuration of home network computers that combines and stores the local… ▪ teaches that electronic devices such as computers have col… ▪ discloses all subject matter of the claimed invention as discussed above with respect to claim… ▪ teaches having plurality of software software objects and hardware systems of managing and monitoring the IP network… | X | X | X | X | X | X | X | X | X | X | X | |||||||||
125 | US5931946A (Masato Terada, 1999) | (Original Assignee) Hitachi Ltd (Current Assignee) Hitachi Ltd | Network system having external/internal audit system for computer security | ▪ time interval ≈ predetermined time period ▪ second receiving unit ≈ repeating units | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ teaches wherein the network information includes a list of wireless access point devices and associated parameters… ▪ discloses the spam determination at then may include comparing the determined or calculated score and/or confidence level… ▪ discloses a computerized method of monitoring for a user a denial of service attack upon a target network resource see… ▪ teaches a of different attack scenarios which a single source of attack directs its attack toward either a single… | X | X | X | |||||||||||||||||
126 | US5913041A (Srinivas Ramanathan, 1999) | (Original Assignee) HP Inc (Current Assignee) Viavi Solutions Inc | System for determining data transfer rates in accordance with log information relates to history of data transfer activities that independently stored in content servers | ▪ data frames ≈ receiving requests ▪ communication protocol ≈ Internet Protocol, transferring data ▪ step b, step d ≈ including a, comprises a ▪ outgoing data, outgoing data frames ≈ n channels | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses a providing service control device according to claim… ▪ teaches the tracking of data transfers within a network system… ▪ discloses an email system that provides the ability to re assemble objects at a replication site such that an object and… ▪ discloses that intranet internet protocol address is assigned to the first user from a plurality of intranet internet… | X | X | X | X | X | X | X | X | X | X | X | X | ||||||||
127 | US5796942A (Daniel Esbensen, 1998) | (Original Assignee) CA Inc (Current Assignee) CA Inc | Method and apparatus for automated network-wide surveillance and security breach intervention | ▪ original data ≈ reading data ▪ incoming traffic ≈ data packet | X | X | X | X | X | X | ||||||||||||||||
128 | US5898830A (Ralph E. Wesinger, 1999) | (Original Assignee) Network Engr Software (Current Assignee) GraphOn Corp | Firewall providing enhanced network security and user transparency | ▪ first receiving ≈ computer instructions ▪ intrusion attack ≈ first firewall ▪ communication protocol ≈ first packet ▪ incoming traffic ≈ data packet ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ discloses the secure network wherein all data transmitted from one network device to another network device traverses… ▪ teaches encrypting encoding key data transmission delivering information other than publicity available program and… ▪ teaches if user desire contract to have advertising inserted for subscription current actual cost per unit time is… ▪ teaches the invention substantially as claimed including application program and documentation generator system and… | X | X | X | X | X | |||||||||||||||
129 | US5892903A (Christopher W. Klaus, 1999) | (Original Assignee) Internet Security Systems Inc (Current Assignee) International Business Machines Corp | Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication system | ▪ intrusion attack ≈ network communications ▪ second receiving unit, second receiving ≈ predetermined value, source addresses ▪ communication protocol ≈ Internet Protocol ▪ original data ≈ coupled thereto ▪ step d ≈ step d | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ teaches methods for risk rating and detecting malicious online ads see… ▪ teaches wherein the network information includes a list of wireless access point devices and associated parameters… ▪ discloses the spam determination at then may include comparing the determined or calculated score and/or confidence level… ▪ teaches a of different attack scenarios which a single source of attack directs its attack toward either a single… | X | X | X | X | X | X | X | X | X | |||||||||||
130 | US5854994A (Ronald G. Canada, 1998) | (Original Assignee) CSI Technology Inc (Current Assignee) Computational Systems Inc | Vibration monitor and transmission system | ▪ incoming data, incoming traffic ≈ receiving wireless signals, power consumption ▪ communication protocol ≈ communication protocol, transferring data ▪ transmission channels ≈ frequency domain, clock signals ▪ data frames ≈ time period ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ teaches a wireless machine monitoring and communication system including means for monitoring vibration signals and… ▪ discloses all the limitations of the base claims as outlined above… ▪ discloses a system comprising the following features vehicle… ▪ teaches selectively entering a sleep mode to reduce power consumption see… | X | X | X | X | X | X | X | X | X | X | X | X | ||||||||
131 | US5726911A (Ronald G. Canada, 1998) | (Original Assignee) CSI Technology Inc (Current Assignee) Computational Systems Inc | Electric motor monitor | ▪ time interval ≈ predetermined time period ▪ transmission channels ≈ temperature ranges ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ teaches wherein said processor is programmed to calculate the second value of the operating condition of the component… ▪ teaches a controller obtains an analysis result on a status of the motor using… ▪ teaches wherein the first value is one of an average a rolling average a mode a median a range and a standard… ▪ teaches a device for monitoring a machine that remotely alarms a user that a problem has occurred with the machine… | X | X | X | |||||||||||||||||
132 | US5870610A (William J. Beyda, 1999) | (Original Assignee) Siemens Business Communication Systems Inc (Current Assignee) Enterprise Systems Technologies SARL | Autoconfigurable method and system having automated downloading | ▪ wireless node ≈ transmission lines ▪ intrusion attack ≈ said devices ▪ step d ≈ said method | X | X | X | X | X | X | X | X | X | X | X | |||||||||||
133 | US6009363A (Richard D. Beckert, 1999) | (Original Assignee) Microsoft Corp (Current Assignee) Microsoft Technology Licensing LLC | Vehicle computer system with high speed data buffer and serial interconnect | ▪ data processing unit ≈ processing units ▪ incoming traffic ≈ master clock ▪ step b ≈ clock pulses ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses wherein the first portion of the electronic system includes an audio transmission circuit… ▪ discloses the seizing of a second channel in the case of failure of a first channel… ▪ teaches that the decrypting the digest associated with the software component using a public key column… ▪ discloses a display panel with a plurality of connections to external input devices see… | X | X | ||||||||||||||||||
134 | WO9631077A1 (Dalibor Turina, 1996) | (Original Assignee) Telefonaktiebolaget Lm Ericsson (Publ) | Method and arrangement in a radio communication system | ▪ step a, step b ≈ following steps ▪ incoming data, incoming traffic ≈ time slots | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ discloses a system comprising a data interface eg transmission system… ▪ teaches the known technique the predetermined threshold level comprises a predetermined period of time has lapsed… ▪ discloses separate sets of queues are associated with separate guest operating systems executing on the host computer… ▪ teaches that priority value can be received and stored in USIM card… | X | X | X | X | X | X | X | |||||||||||||
135 | US5793476A (Peter Laakmann, 1998) | (Original Assignee) Lidatek LLC (Current Assignee) CHL REVOCABLE TRUST | Laser transponder and method for disabling laser speed monitors | ▪ time interval ≈ predetermined time period, selected time period ▪ second receiving ≈ carrier frequency ▪ first receiving ≈ transmitting step ▪ step b, step d ≈ including a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ teaches that for manned aircraft collisions with ground and air based obstacles results in numerous fatalities each… ▪ discloses combining the fused image with symbols representing objects… ▪ teaches a photodiode for the light detector that generates a detection signal for transmission to a signal processor… ▪ teaches an array of object detection beams for detecting objects in the front monitored area and the rear monitored… | X | X | X | |||||||||||||||||
136 | US5794164A (Richard D. Beckert, 1998) | (Original Assignee) Microsoft Corp (Current Assignee) Microsoft Technology Licensing LLC | Vehicle computer system | ▪ wireless communication ≈ wireless communication ▪ transmitting unit, transmitting outgoing data frames ≈ receiving device ▪ data processing unit ≈ processing units | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses wherein the first portion of the electronic system includes an audio transmission circuit… ▪ discloses the seizing of a second channel in the case of failure of a first channel… ▪ teaches that the decrypting the digest associated with the software component using a public key column… ▪ discloses a display panel with a plurality of connections to external input devices see… | X | X | X | X | X | X | ||||||||||||||
137 | US20010040885A1 (Howard Jonas, 2001) | (Original Assignee) International Discount Telecommunications Corp; Net2phone Inc (Current Assignee) International Discount Telecommunications Corp ; Net2phone Inc | Method and apparatus for transmitting and routing voice telephone calls over a packet switched computer network | ▪ time interval, data processing unit ≈ packet format ▪ step b, step d ≈ including a, comprises a ▪ incoming traffic ≈ data packet | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) ▪ 35 U.S.C. 102(b) | ▪ discloses that the charge to a user in a packet switched network is based on the amount of information transmitted see… ▪ teaches a connection and packet level multiplexing between network links… ▪ teaches wherein a received data packet of the plurality of received data packets is formatted based on a different… ▪ discloses a method and system for establishing a telephone call between the computer and telephone device via internet… | X | X | X | |||||||||||||||||
138 | US5659195A (William J. Kaiser, 1997) | (Original Assignee) University of California (Current Assignee) University of California | CMOS integrated microsensor with a precision measurement circuit | ▪ original data, data processing unit ≈ first semiconductor ▪ step b, step d ≈ including a, comprises a ▪ air interface ≈ top layer | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ discloses wherein said thermal actuators are electromagnetic actuator wherein said thermal actuators provide actuation… ▪ teaches an insulating member ZR between the adjacent capacitance electrodes being the same as the insulating base… ▪ teaches depositing of a polysilicon but lacks depositing a seed layer and then epitaxially depositing epipoly thereon… ▪ teaches it is the preferred material for the base and with the column and walls of… | X | X | X | X | X | X | X | |||||||||||||
139 | JPH08186569A (Junko Ami, 1996) | (Original Assignee) Toshiba Corp; 株式会社東芝 | Address management device and address management method | ▪ original data frames ≈ 記憶手段と ▪ transmitting unit ≈ receiving means ▪ wireless node ≈ ノード間 ▪ impersonation detection system, data processing unit ≈ apparatus, detecting | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | ||||||
140 | US5745759A (Patrick M. Hayden, 1998) | (Original Assignee) QNX Software Systems Ltd (Current Assignee) 2236008 Ontario Inc ; 8758271 Canada Inc | Window kernel | ▪ step a, step b ≈ following steps, including a ▪ second receiving, second receiving unit ≈ second planar, first area ▪ first receiving ≈ device signal ▪ first receiving unit ≈ said area | X | X | ||||||||||||||||||||
141 | US5553076A (Saman Behtash, 1996) | (Original Assignee) TCSI Corp (Current Assignee) Atmel Corp | Method and apparatus for a wireless local area network | ▪ wireless communication ≈ wireless communication ▪ first receiving ≈ transmitting step ▪ transmitting unit ≈ receiving means ▪ step d ≈ said method | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ discloses wherein a first communication transmission is from the first backhaul access point to the first repeater… ▪ teaches the known technique the predetermined threshold level comprises a predetermined period of time has lapsed… ▪ discloses separate sets of queues are associated with separate guest operating systems executing on the host computer… ▪ teaches the step of authorizing stations prior to granting the allocation… | X | X | X | X | X | |||||||||||||||
142 | US5557742A (Stephen E. Smaha, 1996) | (Original Assignee) Haystack Labs Inc (Current Assignee) McAfee LLC | Method and system for detecting intrusion into and misuse of a data processing system | ▪ original data ≈ object information ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ discloses user authentication is typically implemented in the form of password protection for a system… ▪ teaches a security monitoring apparatus based on access log wherein representation of the time of the most recent read… ▪ discloses excessive storage user but not excessive system service use… ▪ discloses software product comprising instructions stored on computer readable media wherein the instructions when… | X | X | X | X | ||||||||||||||||
143 | WO9417606A1 (Michael A. Fischer, 1994) | (Original Assignee) Digital Ocean, Inc. | Medium access control protocol for wireless network | ▪ step a ≈ spreading code ▪ data frames, incoming data frames ≈ second frame, one frame ▪ step b, step d ≈ including a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ discloses a method wherein specific information is provided to a device… ▪ discloses turning on communicators for transmitting and receiving data and turning off the communicator when they are… ▪ teaches that each remote communicator must repeatedly measure the time from receipt of the information frame until the… ▪ teaches a medium access control MAC technique or protocol for selectively activating and deactivating the transmitters… | X | X | X | X | X | X | X | X | X | X | X | |||||||||
144 | JPH07154859A (Kenichi Ishida, 1995) | (Original Assignee) Mitsubishi Electric Corp; 三菱電機株式会社 | Mobile equipment, switching center, and mobile communication system | ▪ step a ≈ selection control ▪ original data, original data frames ≈ シーケンス ▪ impersonation detection signal ≈ 上記移動機 ▪ step b, step d ≈ includes a ▪ second receiving, second receiving unit ≈ reception | X | X | X | X | X | X | ||||||||||||||||
145 | US5424808A (Kazunobu Maekawa, 1995) | (Original Assignee) Minolta Co Ltd (Current Assignee) Minolta Co Ltd | Control apparatus for copying machine with improved communication function for centralized control unit | ▪ second receiving unit ≈ predetermined value ▪ transmitting unit ≈ receiving means ▪ step d, step b ≈ comprises a, including a ▪ original data, original data frames ≈ paper jam | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ discloses a memory for registering an electronic mail address and wherein in a case where an electronic mail is received… ▪ discloses wherein information indicating a printing apparatus may comprise a printer model or a unique name… ▪ teaches a method of examining the threshold value and alerting the user and vendor of consumables that are in need of… ▪ teaches a data processing apparatus connected to a printing apparatus… | X | X | X | X | X | X | X | |||||||||||||
146 | US5428636A (Robert C. Meier, 1995) | (Original Assignee) Norand Corp (Current Assignee) Avago Technologies General IP Singapore Pte Ltd ; Innovatio IP Ventures LLC | Radio frequency local area network | ▪ wireless communication ≈ present location ▪ step a ≈ node b | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ discloses having a node remain awake for the minimal time necessary to receive the next HELLO packet the intent is not… ▪ teaches a method for implementing a short range wireless communication system see… ▪ discloses a power consumption reducing apparatus comprising a periodic active state conversion unit which in each awake… ▪ discloses the wireless sensor system where in the system and method of… | X | X | ||||||||||||||||||
147 | US5760530A (Edward S. Kolesar, 1998) | (Original Assignee) US Air Force (Current Assignee) US Air Force | Piezoelectric tactile sensor | ▪ intrusion detection module, intrusion detection module incoming data frames ≈ determining presence ▪ transmitting unit ≈ area portion ▪ step b, step d ≈ including a, step b | ▪ 35 U.S.C. 103(a) | ▪ teaches two piezoelectric elements on each end of the touch sensor but does not teach a second displacement section is… | X | X | X | X | X | X | X | X | X | X | ||||||||||
148 | US5287110A (My Tran, 1994) | (Original Assignee) Honeywell Inc (Current Assignee) Honeywell Inc | Complementary threat sensor data fusion method and apparatus | ▪ data processing unit ≈ solving means ▪ second receiving unit ≈ elapsed time ▪ step b, step d ≈ including a, comprises a | ▪ 35 U.S.C. 103(a) | ▪ discloses the method pertaining to matrix operations wherein an average value is calculated along the diagonal of a… ▪ discloses that components that have bers dependent on optical path length and input wavelengths can be used as… ▪ teaches a method of estimating an arcposition of a distal transmitter… | X | X | ||||||||||||||||||
149 | JPH0661903A (Kazuhisa Tsubaki, 1994) | (Original Assignee) Matsushita Electric Ind Co Ltd; 松下電器産業株式会社 | Intercom | ▪ impersonation detection system, data processing unit ≈ apparatus ▪ second receiving, second receiving unit ≈ reception ▪ transmitting original data frames, transmitting outgoing data frames ≈ 符復号 | X | X | X | X | X | X | X | X | X | X | X | X | ||||||||||
150 | US5241542A (Kadathur S. Natarajan, 1993) | (Original Assignee) International Business Machines Corp (Current Assignee) Lenovo Singapore Pte Ltd | Battery efficient operation of scheduled access protocol | ▪ wireless communication ≈ wireless communication ▪ impersonation detection system ≈ remaining time ▪ data frames, incoming data frames ≈ second frame, time slots ▪ step b, step d ≈ including a, said method | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ discloses sending a null data frame to the current access point with a power save bit turned on… ▪ discloses disabling power save poll generation in the client… ▪ discloses during scheduling AP indicating to STA to transmit frame and frame utilizes… ▪ discloses a system and method for sharing bandwidth by a plurality of devices in a wireless personal area network or… | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | ||
151 | US5247564A (Robert G. Zicker, 1993) | (Original Assignee) GTE Mobile Communications Service Corp (Current Assignee) GTE Wireless Inc | Adaptive vehicle alarm detection and reporting system | ▪ transmitting outgoing data frames ≈ mobile radio ▪ second receiving, second receiving unit ≈ phone calls ▪ step d ≈ comprises a, said method ▪ step a ≈ step a ▪ step b ≈ step b | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) ▪ 35 U.S.C. 102(e) | ▪ teaches mounting a radio receiving unit in a trunk lid or shaped adaptation for accumulating the radio receiver unit… ▪ discloses a control system and method for a vehicle in which signals for activating deactivating enabling and disabling… ▪ teaches the maintenance menu comprises an item to modify input delete or save at least one of a sales volume of a… ▪ discloses an analogous art vehicle tracking and security system with position determining that comprises an… | X | X | X | |||||||||||||||||
152 | US4855713A (Robert E. Brunius, 1989) | (Original Assignee) Interactive Technologies Inc (Current Assignee) Carrier Fire and Security Americas Corp | Learn mode transmitter | ▪ time interval ≈ temporarily store ▪ step d ≈ comprises a | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(e) | ▪ discloses the routing information base is implemented as a link state database that stores the sensor information… ▪ discloses several participants are assembled in a group and a group membership is contained in the list see… ▪ teaches a surveillance network comprising a controller a plurality of sensors being capable of communicating with the… ▪ discloses transmitted to an intended recipient participant by way of one or more intermediating participants and further… | X | |||||||||||||||||||
153 | US4951029A (Paul K. Severson, 1990) | (Original Assignee) Interactive Technologies Inc (Current Assignee) Carrier Fire and Security Americas Corp | Micro-programmable security system | ▪ air interface ≈ first system controller, communication link ▪ original data ≈ coupled thereto ▪ second receiving ≈ first reporting ▪ communication protocol ≈ control signals ▪ transmitting unit ≈ receiving means ▪ step b, step d ≈ including a, comprises a | X | X | X | X | X | X | X | X | X | |||||||||||||
154 | US4876545A (Christopher M. Carlson, 1989) | (Original Assignee) ITT Corp (Current Assignee) ITT Inc | Adaptive blanking interface apparatus for self-protection jamming equipment employed in conjunction with radar systems | ▪ step d, step b ≈ change information, including a ▪ time interval ≈ real time basis ▪ transmitting unit ≈ receiving means | ▪ 35 U.S.C. 103(a) ▪ 35 U.S.C. 102(b) | ▪ discloses the method pertaining to matrix operations wherein an average value is calculated along the diagonal of a… ▪ teaches wherein the communications jamming systems communicate with one another via radiofrequency links wherein the… ▪ teaches the sensor system is configured to monitor a space which is a ship and the sensor data is transmitted to a… ▪ discloses an upconverter for shifting the frequency of the transmitted signal… | X | X | ||||||||||||||||||
155 | US4812820A (Ian M. Chatwin, 1989) | (Original Assignee) Chatwin Ian Malcolm | Electronic surveillance system and transceiver unit therefor | ▪ incoming data ≈ logic circuitry ▪ incoming traffic ≈ other units | X | X | X | X | X | X | X | |||||||||||||||
156 | US4520674A (Ronald G. Canada, 1985) | (Original Assignee) Technology for Energy Corp (Current Assignee) TECHNOLOGY FOR ENERGY Corp A CORP ; Technology for Energy Corp ; Fifth Third Bank NA | Vibration monitoring device | ▪ step a ≈ power supply means, said machine ▪ incoming data, incoming traffic ≈ power consumption ▪ wireless node, wireless communication ≈ including analog ▪ transmission channels ≈ frequency domain ▪ step d ≈ comprises a | X | X | X | X | X | X | X | X | X | X |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | 1997 INTERNATIONAL SYMPOSIUM ON LOW POWER ELECTRONICS AND DESIGN, PROCEEDINGS. : 173-177 1997 Publication Year: 1997 Low Power Signal Processing Architectures For Network Microsensors University of California, Los Angeles (UCLA) Dong, Yung, Kaiser, Assoc Comp Machinery |
---|---|
US7409715B2 CLAIM 11. The impersonation detection system of claim 10, wherein the intrusion detection module comprises: a first receiving unit for receiving the copy; an antenna for capturing the incoming traffic (measurement system) received on all transmission channels allocated to the wireless node; a second receiving unit for detecting the incoming data frames from the incoming traffic; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal. |
Low Power Signal Processing Architectures For Network Microsensors. Low power signal processing systems are required for distributed network microsensor technology. Network microsensors now provide a new monitoring and control capability for civil and military applications in transportation, manufacturing, biomedical technology, environmental management, and safety and security systems. Signal processing methods for event detection have been developed with low power, parallel architectures that optimize performance for unique sensor system requirements. Implementation of parallel datapaths with shared arithmetic elements enables high throughput at low clock rate. This method has been used to implement a microsensor spectrum analyzer for a 200 sample/s measurement system (incoming traffic). This 0.8 mu CMOS device operates with a 1 mu A drain current at a 3V supply bias. |
US7409715B2 CLAIM 13. The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (parallel data). |
Low Power Signal Processing Architectures For Network Microsensors. Low power signal processing systems are required for distributed network microsensor technology. Network microsensors now provide a new monitoring and control capability for civil and military applications in transportation, manufacturing, biomedical technology, environmental management, and safety and security systems. Signal processing methods for event detection have been developed with low power, parallel architectures that optimize performance for unique sensor system requirements. Implementation of parallel data (communication protocol) paths with shared arithmetic elements enables high throughput at low clock rate. This method has been used to implement a microsensor spectrum analyzer for a 200 sample/s measurement system. This 0.8 mu CMOS device operates with a 1 mu A drain current at a 3V supply bias. |
US7409715B2 CLAIM 18. The wireless node of claim 17, wherein the intrusion detection module comprises: a first receiving unit for receiving the copy of the outgoing data frames; an antenna for capturing the incoming traffic (measurement system) carried on all transmission channels allocated to the wireless node; a second receiving unit for detecting the incoming data frames from the incoming traffic; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal. |
Low Power Signal Processing Architectures For Network Microsensors. Low power signal processing systems are required for distributed network microsensor technology. Network microsensors now provide a new monitoring and control capability for civil and military applications in transportation, manufacturing, biomedical technology, environmental management, and safety and security systems. Signal processing methods for event detection have been developed with low power, parallel architectures that optimize performance for unique sensor system requirements. Implementation of parallel datapaths with shared arithmetic elements enables high throughput at low clock rate. This method has been used to implement a microsensor spectrum analyzer for a 200 sample/s measurement system (incoming traffic). This 0.8 mu CMOS device operates with a 1 mu A drain current at a 3V supply bias. |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | UNATTENDED GROUND SENSOR TECHNOLOGIES AND APPLICATIONS IV. 4743: 327-337 2002 Publication Year: 2002 Open Standard Development Platforms For Distributed Sensor Networks Sensoria Corporation Merrill, Sohrabi, Girod, Elson, Newberg, Kaiser, Carapezza |
---|---|
US7409715B2 CLAIM 8. The method of claim 1, wherein step b) comprises monitoring all wireless channels (data rate) allocated to the wireless node and extracting the incoming data frames received over all the wireless channels allocated to the wireless node. |
Open Standard Development Platforms For Distributed Sensor Networks. In the development of distributed security sensor networks a large variety of prototype systems have been implemented and tested. However these systems tend to be developer specific and require substantial overhead in demonstrating more than one application. To bridge the gap between embedded, networked systems and desktop simulation environments, systems are necessary which are easily deployable and allow extended operation of distributed sensor networks, while allowing the flexibility to quickly test and evaluate a variety of operational algorithms. To enable fast optimization by leveraging the widest development community, open standards for such a portable development system are desired. An open development system allows individual developers and small groups to focus on and optimize specific aspects of a distributed sensor network within realistic deployment constraints, prior to complete integration and deployment of a system within a specific application. By providing an embedded sensor and processing platform with integrated wired and wireless networking, a modular software suite separating access and control of individual processes, and open APIs, algorithm development and software optimization can be greatly accelerated and more robustly tested. To meet the unique needs of distributed sensor network applications, additional separation must be provided between the access to various subsystems, for example real-time embedded control versus tasks with less stringent timing requirements. An open platform that separates these requirements allows developers to accelerate testing and development of applications by focusing on individual components of the distributed sensor system, such as target tracking or low power networking. The WINS NG 2.0 developer's platform, provided by Sensoria Corporation for the DARPA/ITO Sensor Information Technology (SensIT) program, provides one example of such a system. This systems bridge the gap between dedicated desktop development environments and embedded application-specific unattended sensor systems. This system provides open access control to high data rate (wireless channels) sensing, local multi-hop wireless and wired networking, node geolocation, the Linux operating system, additional software process separation and control, and a size and power constrained system with access to both high and low level system control. This paper describes the benefits in providing open standards to develop and compare distributed sensor applications while using the WINS NG 2.0 development system as an example of the flexibility and development speed an open system approach facilitates. |
US7409715B2 CLAIM 10. An impersonation detection system for a wireless node of a wireless communication network, the node for transmitting original data frames (sensor network) over a wireless interface comprising: an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames. |
Open Standard Development Platforms For Distributed Sensor Networks. In the development of distributed security sensor network (transmitting unit, transmitting original data frames) s a large variety of prototype systems have been implemented and tested. However these systems tend to be developer specific and require substantial overhead in demonstrating more than one application. To bridge the gap between embedded, networked systems and desktop simulation environments, systems are necessary which are easily deployable and allow extended operation of distributed sensor networks, while allowing the flexibility to quickly test and evaluate a variety of operational algorithms. To enable fast optimization by leveraging the widest development community, open standards for such a portable development system are desired. An open development system allows individual developers and small groups to focus on and optimize specific aspects of a distributed sensor network within realistic deployment constraints, prior to complete integration and deployment of a system within a specific application. By providing an embedded sensor and processing platform with integrated wired and wireless networking, a modular software suite separating access and control of individual processes, and open APIs, algorithm development and software optimization can be greatly accelerated and more robustly tested. To meet the unique needs of distributed sensor network applications, additional separation must be provided between the access to various subsystems, for example real-time embedded control versus tasks with less stringent timing requirements. An open platform that separates these requirements allows developers to accelerate testing and development of applications by focusing on individual components of the distributed sensor system, such as target tracking or low power networking. The WINS NG 2.0 developer's platform, provided by Sensoria Corporation for the DARPA/ITO Sensor Information Technology (SensIT) program, provides one example of such a system. This systems bridge the gap between dedicated desktop development environments and embedded application-specific unattended sensor systems. This system provides open access control to high data rate sensing, local multi-hop wireless and wired networking, node geolocation, the Linux operating system, additional software process separation and control, and a size and power constrained system with access to both high and low level system control. This paper describes the benefits in providing open standards to develop and compare distributed sensor applications while using the WINS NG 2.0 development system as an example of the flexibility and development speed an open system approach facilitates. |
US7409715B2 CLAIM 14. The impersonation detection system of claim 10, wherein the connection means comprises, when the intrusion detection module resides away from the wireless node: a transmitting unit (sensor network) on the wireless node, for transmitting the copy to the intrusion detection module; and a secure link for connecting the wireless node with the intrusion detection module. |
Open Standard Development Platforms For Distributed Sensor Networks. In the development of distributed security sensor network (transmitting unit, transmitting original data frames) s a large variety of prototype systems have been implemented and tested. However these systems tend to be developer specific and require substantial overhead in demonstrating more than one application. To bridge the gap between embedded, networked systems and desktop simulation environments, systems are necessary which are easily deployable and allow extended operation of distributed sensor networks, while allowing the flexibility to quickly test and evaluate a variety of operational algorithms. To enable fast optimization by leveraging the widest development community, open standards for such a portable development system are desired. An open development system allows individual developers and small groups to focus on and optimize specific aspects of a distributed sensor network within realistic deployment constraints, prior to complete integration and deployment of a system within a specific application. By providing an embedded sensor and processing platform with integrated wired and wireless networking, a modular software suite separating access and control of individual processes, and open APIs, algorithm development and software optimization can be greatly accelerated and more robustly tested. To meet the unique needs of distributed sensor network applications, additional separation must be provided between the access to various subsystems, for example real-time embedded control versus tasks with less stringent timing requirements. An open platform that separates these requirements allows developers to accelerate testing and development of applications by focusing on individual components of the distributed sensor system, such as target tracking or low power networking. The WINS NG 2.0 developer's platform, provided by Sensoria Corporation for the DARPA/ITO Sensor Information Technology (SensIT) program, provides one example of such a system. This systems bridge the gap between dedicated desktop development environments and embedded application-specific unattended sensor systems. This system provides open access control to high data rate sensing, local multi-hop wireless and wired networking, node geolocation, the Linux operating system, additional software process separation and control, and a size and power constrained system with access to both high and low level system control. This paper describes the benefits in providing open standards to develop and compare distributed sensor applications while using the WINS NG 2.0 development system as an example of the flexibility and development speed an open system approach facilitates. |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network (wireless network) operates according to any wireless network technology . |
Open Standard Development Platforms For Distributed Sensor Networks . In the development of distributed security sensor networks a large variety of prototype systems have been implemented and tested . However these systems tend to be developer specific and require substantial overhead in demonstrating more than one application . To bridge the gap between embedded , networked systems and desktop simulation environments , systems are necessary which are easily deployable and allow extended operation of distributed sensor networks , while allowing the flexibility to quickly test and evaluate a variety of operational algorithms . To enable fast optimization by leveraging the widest development community , open standards for such a portable development system are desired . An open development system allows individual developers and small groups to focus on and optimize specific aspects of a distributed sensor network within realistic deployment constraints , prior to complete integration and deployment of a system within a specific application . By providing an embedded sensor and processing platform with integrated wired and wireless network (wireless network) ing , a modular software suite separating access and control of individual processes , and open APIs , algorithm development and software optimization can be greatly accelerated and more robustly tested . To meet the unique needs of distributed sensor network applications , additional separation must be provided between the access to various subsystems , for example real-time embedded control versus tasks with less stringent timing requirements . An open platform that separates these requirements allows developers to accelerate testing and development of applications by focusing on individual components of the distributed sensor system , such as target tracking or low power networking . The WINS NG 2 . 0 developer's platform , provided by Sensoria Corporation for the DARPA/ITO Sensor Information Technology (SensIT) program , provides one example of such a system . This system bridges the gap between dedicated desktop development environments and embedded application-specific unattended sensor systems . This system provides open access control to high data rate sensing , local multi-hop wireless and wired networking , node geolocation , the Linux operating system , additional software process separation and control , and a size and power constrained system with access to both high and low level system control . This paper describes the benefits in providing open standards to develop and compare distributed sensor applications while using the WINS NG 2 . 0 development system as an example of the flexibility and development speed an open system approach facilitates . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network (wireless network) comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
Open Standard Development Platforms For Distributed Sensor Networks . In the development of distributed security sensor networks a large variety of prototype systems have been implemented and tested . However these systems tend to be developer specific and require substantial overhead in demonstrating more than one application . To bridge the gap between embedded , networked systems and desktop simulation environments , systems are necessary which are easily deployable and allow extended operation of distributed sensor networks , while allowing the flexibility to quickly test and evaluate a variety of operational algorithms . To enable fast optimization by leveraging the widest development community , open standards for such a portable development system are desired . An open development system allows individual developers and small groups to focus on and optimize specific aspects of a distributed sensor network within realistic deployment constraints , prior to complete integration and deployment of a system within a specific application . By providing an embedded sensor and processing platform with integrated wired and wireless network (wireless network) ing , a modular software suite separating access and control of individual processes , and open APIs , algorithm development and software optimization can be greatly accelerated and more robustly tested . To meet the unique needs of distributed sensor network applications , additional separation must be provided between the access to various subsystems , for example real-time embedded control versus tasks with less stringent timing requirements . An open platform that separates these requirements allows developers to accelerate testing and development of applications by focusing on individual components of the distributed sensor system , such as target tracking or low power networking . The WINS NG 2 . 0 developer's platform , provided by Sensoria Corporation for the DARPA/ITO Sensor Information Technology (SensIT) program , provides one example of such a system . This system bridges the gap between dedicated desktop development environments and embedded application-specific unattended sensor systems . This system provides open access control to high data rate sensing , local multi-hop wireless and wired networking , node geolocation , the Linux operating system , additional software process separation and control , and a size and power constrained system with access to both high and low level system control . This paper describes the benefits in providing open standards to develop and compare distributed sensor applications while using the WINS NG 2 . 0 development system as an example of the flexibility and development speed an open system approach facilitates . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network (wireless network) operates according to any wireless network technology . |
Open Standard Development Platforms For Distributed Sensor Networks . In the development of distributed security sensor networks a large variety of prototype systems have been implemented and tested . However these systems tend to be developer specific and require substantial overhead in demonstrating more than one application . To bridge the gap between embedded , networked systems and desktop simulation environments , systems are necessary which are easily deployable and allow extended operation of distributed sensor networks , while allowing the flexibility to quickly test and evaluate a variety of operational algorithms . To enable fast optimization by leveraging the widest development community , open standards for such a portable development system are desired . An open development system allows individual developers and small groups to focus on and optimize specific aspects of a distributed sensor network within realistic deployment constraints , prior to complete integration and deployment of a system within a specific application . By providing an embedded sensor and processing platform with integrated wired and wireless network (wireless network) ing , a modular software suite separating access and control of individual processes , and open APIs , algorithm development and software optimization can be greatly accelerated and more robustly tested . To meet the unique needs of distributed sensor network applications , additional separation must be provided between the access to various subsystems , for example real-time embedded control versus tasks with less stringent timing requirements . An open platform that separates these requirements allows developers to accelerate testing and development of applications by focusing on individual components of the distributed sensor system , such as target tracking or low power networking . The WINS NG 2 . 0 developer's platform , provided by Sensoria Corporation for the DARPA/ITO Sensor Information Technology (SensIT) program , provides one example of such a system . This system bridges the gap between dedicated desktop development environments and embedded application-specific unattended sensor systems . This system provides open access control to high data rate sensing , local multi-hop wireless and wired networking , node geolocation , the Linux operating system , additional software process separation and control , and a size and power constrained system with access to both high and low level system control . This paper describes the benefits in providing open standards to develop and compare distributed sensor applications while using the WINS NG 2 . 0 development system as an example of the flexibility and development speed an open system approach facilitates . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | USENIX ASSOCIATION PROCEEDINGS OF THE FIFTH SYMPOSIUM ON OPERATING SYSTEMS DESIGN AND IMPLEMENTATION. : 147-163 2002 Publication Year: 2002 Fine-grained Network Time Synchronization Using Reference Broadcasts University of California, Los Angeles (UCLA) Elson, Girod, Estrin, Usenix, Usenix |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (data fusion) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames (explicit time) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
Fine-grained Network Time Synchronization Using Reference Broadcasts . Recent advances in miniaturization and low-cost , low-power design have led to active research in large-scale networks of small , wireless , low-power sensors and actuators . Time synchronization is critical in sensor networks for diverse purposes including sensor data fusion (original data) , coordinated actuation , and power-efficient duty cycling . Though the clock accuracy and precision requirements are often stricter than in traditional distributed systems , strict energy constraints limit the resources available to meet these goals . We present Reference-Broadcast Synchronization , a scheme in which nodes send reference beacons to their neighbors using physical-layer broadcasts . A reference broadcast does not contain an explicit time (intrusion detection module incoming data frames) stamp ; instead , receivers use its arrival time as a point of reference for comparing their clocks . In this paper , we use measurements from two wireless implementations to show that removing the sender's nondeterminism from the critical path in this way produces high-precision clock agreement (1 . 85 +/- 1 . 28 musec , using off-the-shelf 802 . 11 wireless Ethernet) , while using minimal energy . We also describe a novel algorithm that uses this same broadcast property to federate clocks across broadcast domains with a slow decay in precision (3 . 68 +/- 2 . 57 musec after 4 hops) . RBS can be used without external references , forming a precise relative timescale , or can maintain microsecond-level synchronization to an external timescale such as UTC . We show a significant improvement over the Network Time Protocol (NTP) under similar conditions . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (data fusion) frames . |
Fine-grained Network Time Synchronization Using Reference Broadcasts . Recent advances in miniaturization and low-cost , low-power design have led to active research in large-scale networks of small , wireless , low-power sensors and actuators . Time synchronization is critical in sensor networks for diverse purposes including sensor data fusion (original data) , coordinated actuation , and power-efficient duty cycling . Though the clock accuracy and precision requirements are often stricter than in traditional distributed systems , strict energy constraints limit the resources available to meet these goals . We present Reference-Broadcast Synchronization , a scheme in which nodes send reference beacons to their neighbors using physical-layer broadcasts . A reference broadcast does not contain an explicit timestamp ; instead , receivers use its arrival time as a point of reference for comparing their clocks . In this paper , we use measurements from two wireless implementations to show that removing the sender's nondeterminism from the critical path in this way produces high-precision clock agreement (1 . 85 +/- 1 . 28 musec , using off-the-shelf 802 . 11 wireless Ethernet) , while using minimal energy . We also describe a novel algorithm that uses this same broadcast property to federate clocks across broadcast domains with a slow decay in precision (3 . 68 +/- 2 . 57 musec after 4 hops) . RBS can be used without external references , forming a precise relative timescale , or can maintain microsecond-level synchronization to an external timescale such as UTC . We show a significant improvement over the Network Time Protocol (NTP) under similar conditions . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (data fusion) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
Fine-grained Network Time Synchronization Using Reference Broadcasts . Recent advances in miniaturization and low-cost , low-power design have led to active research in large-scale networks of small , wireless , low-power sensors and actuators . Time synchronization is critical in sensor networks for diverse purposes including sensor data fusion (original data) , coordinated actuation , and power-efficient duty cycling . Though the clock accuracy and precision requirements are often stricter than in traditional distributed systems , strict energy constraints limit the resources available to meet these goals . We present Reference-Broadcast Synchronization , a scheme in which nodes send reference beacons to their neighbors using physical-layer broadcasts . A reference broadcast does not contain an explicit timestamp ; instead , receivers use its arrival time as a point of reference for comparing their clocks . In this paper , we use measurements from two wireless implementations to show that removing the sender's nondeterminism from the critical path in this way produces high-precision clock agreement (1 . 85 +/- 1 . 28 musec , using off-the-shelf 802 . 11 wireless Ethernet) , while using minimal energy . We also describe a novel algorithm that uses this same broadcast property to federate clocks across broadcast domains with a slow decay in precision (3 . 68 +/- 2 . 57 musec after 4 hops) . RBS can be used without external references , forming a precise relative timescale , or can maintain microsecond-level synchronization to an external timescale such as UTC . We show a significant improvement over the Network Time Protocol (NTP) under similar conditions . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data (data fusion) frames (sensor network) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
Fine-grained Network Time Synchronization Using Reference Broadcasts . Recent advances in miniaturization and low-cost , low-power design have led to active research in large-scale networks of small , wireless , low-power sensors and actuators . Time synchronization is critical in sensor network (transmitting unit, transmitting original data frames) s for diverse purposes including sensor data fusion (original data) , coordinated actuation , and power-efficient duty cycling . Though the clock accuracy and precision requirements are often stricter than in traditional distributed systems , strict energy constraints limit the resources available to meet these goals . We present Reference-Broadcast Synchronization , a scheme in which nodes send reference beacons to their neighbors using physical-layer broadcasts . A reference broadcast does not contain an explicit timestamp ; instead , receivers use its arrival time as a point of reference for comparing their clocks . In this paper , we use measurements from two wireless implementations to show that removing the sender's nondeterminism from the critical path in this way produces high-precision clock agreement (1 . 85 +/- 1 . 28 musec , using off-the-shelf 802 . 11 wireless Ethernet) , while using minimal energy . We also describe a novel algorithm that uses this same broadcast property to federate clocks across broadcast domains with a slow decay in precision (3 . 68 +/- 2 . 57 musec after 4 hops) . RBS can be used without external references , forming a precise relative timescale , or can maintain microsecond-level synchronization to an external timescale such as UTC . We show a significant improvement over the Network Time Protocol (NTP) under similar conditions . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving (algorithm t) unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating an impersonation detection signal . |
Fine-grained Network Time Synchronization Using Reference Broadcasts . Recent advances in miniaturization and low-cost , low-power design have led to active research in large-scale networks of small , wireless , low-power sensors and actuators . Time synchronization is critical in sensor networks for diverse purposes including sensor data fusion , coordinated actuation , and power-efficient duty cycling . Though the clock accuracy and precision requirements are often stricter than in traditional distributed systems , strict energy constraints limit the resources available to meet these goals . We present Reference-Broadcast Synchronization , a scheme in which nodes send reference beacons to their neighbors using physical-layer broadcasts . A reference broadcast does not contain an explicit timestamp ; instead , receivers use its arrival time as a point of reference for comparing their clocks . In this paper , we use measurements from two wireless implementations to show that removing the sender's nondeterminism from the critical path in this way produces high-precision clock agreement (1 . 85 +/- 1 . 28 musec , using off-the-shelf 802 . 11 wireless Ethernet) , while using minimal energy . We also describe a novel algorithm t (first receiving, first receiving unit) hat uses this same broadcast property to federate clocks across broadcast domains with a slow decay in precision (3 . 68 +/- 2 . 57 musec after 4 hops) . RBS can be used without external references , forming a precise relative timescale , or can maintain microsecond-level synchronization to an external timescale such as UTC . We show a significant improvement over the Network Time Protocol (NTP) under similar conditions . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (sensor network) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
Fine-grained Network Time Synchronization Using Reference Broadcasts . Recent advances in miniaturization and low-cost , low-power design have led to active research in large-scale networks of small , wireless , low-power sensors and actuators . Time synchronization is critical in sensor network (transmitting unit, transmitting original data frames) s for diverse purposes including sensor data fusion , coordinated actuation , and power-efficient duty cycling . Though the clock accuracy and precision requirements are often stricter than in traditional distributed systems , strict energy constraints limit the resources available to meet these goals . We present Reference-Broadcast Synchronization , a scheme in which nodes send reference beacons to their neighbors using physical-layer broadcasts . A reference broadcast does not contain an explicit timestamp ; instead , receivers use its arrival time as a point of reference for comparing their clocks . In this paper , we use measurements from two wireless implementations to show that removing the sender's nondeterminism from the critical path in this way produces high-precision clock agreement (1 . 85 +/- 1 . 28 musec , using off-the-shelf 802 . 11 wireless Ethernet) , while using minimal energy . We also describe a novel algorithm that uses this same broadcast property to federate clocks across broadcast domains with a slow decay in precision (3 . 68 +/- 2 . 57 musec after 4 hops) . RBS can be used without external references , forming a precise relative timescale , or can maintain microsecond-level synchronization to an external timescale such as UTC . We show a significant improvement over the Network Time Protocol (NTP) under similar conditions . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving (algorithm t) unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
Fine-grained Network Time Synchronization Using Reference Broadcasts . Recent advances in miniaturization and low-cost , low-power design have led to active research in large-scale networks of small , wireless , low-power sensors and actuators . Time synchronization is critical in sensor networks for diverse purposes including sensor data fusion , coordinated actuation , and power-efficient duty cycling . Though the clock accuracy and precision requirements are often stricter than in traditional distributed systems , strict energy constraints limit the resources available to meet these goals . We present Reference-Broadcast Synchronization , a scheme in which nodes send reference beacons to their neighbors using physical-layer broadcasts . A reference broadcast does not contain an explicit timestamp ; instead , receivers use its arrival time as a point of reference for comparing their clocks . In this paper , we use measurements from two wireless implementations to show that removing the sender's nondeterminism from the critical path in this way produces high-precision clock agreement (1 . 85 +/- 1 . 28 musec , using off-the-shelf 802 . 11 wireless Ethernet) , while using minimal energy . We also describe a novel algorithm t (first receiving, first receiving unit) hat uses this same broadcast property to federate clocks across broadcast domains with a slow decay in precision (3 . 68 +/- 2 . 57 musec after 4 hops) . RBS can be used without external references , forming a precise relative timescale , or can maintain microsecond-level synchronization to an external timescale such as UTC . We show a significant improvement over the Network Time Protocol (NTP) under similar conditions . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | UNATTENDED GROUND SENSOR TECHNOLOGIES AND APPLICATIONS. 3713: 229-237 1999 Publication Year: 1999 Self-organizing Distributed Sensor Networks Rockwell Science Center Clare, Pottie, Agre, Carapezza, Law, Stalker |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
Self-organizing Distributed Sensor Networks . Advances in CMOS IC and micro electrical-mechanical systems (MEMS) technology are enabling construction of low-cost building blocks each of which incorporates sensing , signal processing , and wireless communication (wireless communication) s . Collections of these integrated microsensor nodes may be formed into sensor networks in a wide variety of ways , with characteristics that depend on the specific application - the total number of nodes , the spatial density , the geometric configuration (e . g . , linear vs . areal) , topographic aspects (e . g . , smooth vs . rough terrain) , and proximity and proportion of user/sink points . The power of these distributed sensor networks will be unleashed by means of their ability to self-organize , i . e . , to bootstrap and dynamically maintain organizational structure befitting the purpose and situation that is presented , without the need for human assistance . A prototype sensor system and networking protocols are being developed under the DARPA/TTO AWAIRS Program and are described . The current system is capable of self-organizing the communications among nodes so as to bring the initial system on-line via discovery mechanisms , establish needed end-to-end circuits that provide information to and commands from end users , allow new nodes to be added and reconfigure when existing nodes fail , and to quickly evolve so as to achieve these functions via low power operation . Improved network protocols have been designed and simulated that are expected to enhance performance in bootstrap and routing , and these will be integrated into the existing modular system architecture . Self-organizing procedures for cooperative signal processing and resource management are also being incorporated into the AWAIRS microsensor network system . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames (sensor network) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
Self-organizing Distributed Sensor Networks . Advances in CMOS IC and micro electrical-mechanical systems (MEMS) technology are enabling construction of low-cost building blocks each of which incorporates sensing , signal processing , and wireless communication (wireless communication) s . Collections of these integrated microsensor nodes may be formed into sensor network (transmitting unit, transmitting original data frames) s in a wide variety of ways , with characteristics that depend on the specific application - the total number of nodes , the spatial density , the geometric configuration (e . g . , linear vs . areal) , topographic aspects (e . g . , smooth vs . rough terrain) , and proximity and proportion of user/sink points . The power of these distributed sensor networks will be unleashed by means of their ability to self-organize , i . e . , to bootstrap and dynamically maintain organizational structure befitting the purpose and situation that is presented , without the need for human assistance . A prototype sensor system and networking protocols are being developed under the DARPA/TTO AWAIRS Program and are described . The current system is capable of self-organizing the communications among nodes so as to bring the initial system on-line via discovery mechanisms , establish needed end-to-end circuits that provide information to and commands from end users , allow new nodes to be added and reconfigure when existing nodes fail , and to quickly evolve so as to achieve these functions via low power operation . Improved network protocols have been designed and simulated that are expected to enhance performance in bootstrap and routing , and these will be integrated into the existing modular system architecture . Self-organizing procedures for cooperative signal processing and resource management are also being incorporated into the AWAIRS microsensor network system . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels (end user) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating an impersonation detection signal . |
Self-organizing Distributed Sensor Networks . Advances in CMOS IC and micro electrical-mechanical systems (MEMS) technology are enabling construction of low-cost building blocks each of which incorporates sensing , signal processing , and wireless communications . Collections of these integrated microsensor nodes may be formed into sensor networks in a wide variety of ways , with characteristics that depend on the specific application - the total number of nodes , the spatial density , the geometric configuration (e . g . , linear vs . areal) , topographic aspects (e . g . , smooth vs . rough terrain) , and proximity and proportion of user/sink points . The power of these distributed sensor networks will be unleashed by means of their ability to self-organize , i . e . , to bootstrap and dynamically maintain organizational structure befitting the purpose and situation that is presented , without the need for human assistance . A prototype sensor system and networking protocols are being developed under the DARPA/TTO AWAIRS Program and are described . The current system is capable of self-organizing the communications among nodes so as to bring the initial system on-line via discovery mechanisms , establish needed end-to-end circuits that provide information to and commands from end user (transmission channels) s , allow new nodes to be added and reconfigure when existing nodes fail , and to quickly evolve so as to achieve these functions via low power operation . Improved network protocols have been designed and simulated that are expected to enhance performance in bootstrap and routing , and these will be integrated into the existing modular system architecture . Self-organizing procedures for cooperative signal processing and resource management are also being incorporated into the AWAIRS microsensor network system . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (sensor network) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
Self-organizing Distributed Sensor Networks . Advances in CMOS IC and micro electrical-mechanical systems (MEMS) technology are enabling construction of low-cost building blocks each of which incorporates sensing , signal processing , and wireless communications . Collections of these integrated microsensor nodes may be formed into sensor network (transmitting unit, transmitting original data frames) s in a wide variety of ways , with characteristics that depend on the specific application - the total number of nodes , the spatial density , the geometric configuration (e . g . , linear vs . areal) , topographic aspects (e . g . , smooth vs . rough terrain) , and proximity and proportion of user/sink points . The power of these distributed sensor networks will be unleashed by means of their ability to self-organize , i . e . , to bootstrap and dynamically maintain organizational structure befitting the purpose and situation that is presented , without the need for human assistance . A prototype sensor system and networking protocols are being developed under the DARPA/TTO AWAIRS Program and are described . The current system is capable of self-organizing the communications among nodes so as to bring the initial system on-line via discovery mechanisms , establish needed end-to-end circuits that provide information to and commands from end users , allow new nodes to be added and reconfigure when existing nodes fail , and to quickly evolve so as to achieve these functions via low power operation . Improved network protocols have been designed and simulated that are expected to enhance performance in bootstrap and routing , and these will be integrated into the existing modular system architecture . Self-organizing procedures for cooperative signal processing and resource management are also being incorporated into the AWAIRS microsensor network system . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels (end user) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
Self-organizing Distributed Sensor Networks . Advances in CMOS IC and micro electrical-mechanical systems (MEMS) technology are enabling construction of low-cost building blocks each of which incorporates sensing , signal processing , and wireless communications . Collections of these integrated microsensor nodes may be formed into sensor networks in a wide variety of ways , with characteristics that depend on the specific application - the total number of nodes , the spatial density , the geometric configuration (e . g . , linear vs . areal) , topographic aspects (e . g . , smooth vs . rough terrain) , and proximity and proportion of user/sink points . The power of these distributed sensor networks will be unleashed by means of their ability to self-organize , i . e . , to bootstrap and dynamically maintain organizational structure befitting the purpose and situation that is presented , without the need for human assistance . A prototype sensor system and networking protocols are being developed under the DARPA/TTO AWAIRS Program and are described . The current system is capable of self-organizing the communications among nodes so as to bring the initial system on-line via discovery mechanisms , establish needed end-to-end circuits that provide information to and commands from end user (transmission channels) s , allow new nodes to be added and reconfigure when existing nodes fail , and to quickly evolve so as to achieve these functions via low power operation . Improved network protocols have been designed and simulated that are expected to enhance performance in bootstrap and routing , and these will be integrated into the existing modular system architecture . Self-organizing procedures for cooperative signal processing and resource management are also being incorporated into the AWAIRS microsensor network system . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | SENSORS, C3I, INFORMATION, AND TRAINING TECHNOLOGIES FOR LAW ENFORCEMENT. 3577: 86-95 1999 Publication Year: 1999 Wireless Integrated Network Sensors: Towards Low Cost And Robust Self-organizing Security Networks University of California, Los Angeles (UCLA) Pottie, Clare, Carapezza, Law |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
Wireless Integrated Network Sensors : Towards Low Cost And Robust Self-organizing Security Networks . A very important benefit of continuing advances in CMOS IC technology is the ability to construct a wide variety of micro electrical-mechanical systems (MEMS) including sensors and RF components . These building blocks enable the fabrication of complete systems in a low cost module , which include sensing , signal processing , and wireless communication (wireless communication) s . Together with innovative and focussed network design techniques that will make possible simple deployment and sustained Low power operation , the small size and cost can be enabling for a very large number of law enforcement and security applications , including remote reconnaissance and security zones ranging from persons to borders . We outline how the application can be exploited in the network design to enable sustained low-power operation . In particular , extensive information processing at nodes , hierarchical decision making , and energy conserving routing and network topology management methods will be employed in the networks under development . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
Wireless Integrated Network Sensors : Towards Low Cost And Robust Self-organizing Security Networks . A very important benefit of continuing advances in CMOS IC technology is the ability to construct a wide variety of micro electrical-mechanical systems (MEMS) including sensors and RF components . These building blocks enable the fabrication of complete systems in a low cost module , which include sensing , signal processing , and wireless communication (wireless communication) s . Together with innovative and focussed network design techniques that will make possible simple deployment and sustained Low power operation , the small size and cost can be enabling for a very large number of law enforcement and security applications , including remote reconnaissance and security zones ranging from persons to borders . We outline how the application can be exploited in the network design to enable sustained low-power operation . In particular , extensive information processing at nodes , hierarchical decision making , and energy conserving routing and network topology management methods will be employed in the networks under development . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | 1998 INTERNATIONAL SYMPOSIUM ON LOW POWER ELECTRONICS AND DESIGN - PROCEEDINGS. : 11-15 1998 Publication Year: 1998 CMOS Front End Components For Micropower RF Wireless Systems University of California, Los Angeles (UCLA) Lin, Sanchez, Rofougaran, Kaiser, Assoc Comp Machinery Inc |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (low power level) transmitted by the wireless node over a wireless interface (wireless interface) ; b) detecting at the intrusion detection module incoming data frames (power dissipation) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
CMOS Front End Components For Micropower RF Wireless Systems . New applications have recently appeared for a low power , low cost , "embedded radio" , These wireless interface (wireless interface) s for handheld mobile nodes and Wireless Integrated Network Sensors (WINS) must provide spread spectrum signaling for multi-user operation at 902-928 MHz , Cost considerations motivate the development of complete micropower CMOS RF systems operating at previously unexplored low power level (data frames) s , Micropower CMOS VCO and mixer circuits , developed for these emerging narrow-band communication systems , are reported here . Design method (original data, original data frames) s combining high-Q inductors and weak inversion MOSFET operation enable the lowest reported operating power for RF front end components including a voltage-controlled oscillator (VCO) and mixer operating at frequencies of 400 MHz - 1 GHz , In addition , the VCO , by virtue of its high-Q inductive components , displays the lowest reported phase noise for 1 GHz CMOS VCO systems for any power dissipation (incoming data frames, second receiving unit) . |
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data frames (low power level) . |
CMOS Front End Components For Micropower RF Wireless Systems . New applications have recently appeared for a low power , low cost , "embedded radio" , These wireless interfaces for handheld mobile nodes and Wireless Integrated Network Sensors (WINS) must provide spread spectrum signaling for multi-user operation at 902-928 MHz , Cost considerations motivate the development of complete micropower CMOS RF systems operating at previously unexplored low power level (data frames) s , Micropower CMOS VCO and mixer circuits , developed for these emerging narrow-band communication systems , are reported here . Design methods combining high-Q inductors and weak inversion MOSFET operation enable the lowest reported operating power for RF front end components including a voltage-controlled oscillator (VCO) and mixer operating at frequencies of 400 MHz - 1 GHz , In addition , the VCO , by virtue of its high-Q inductive components , displays the lowest reported phase noise for 1 GHz CMOS VCO systems for any power dissipation . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data frames (low power level) comprises frames that allow statistical comparisons . |
CMOS Front End Components For Micropower RF Wireless Systems . New applications have recently appeared for a low power , low cost , "embedded radio" , These wireless interfaces for handheld mobile nodes and Wireless Integrated Network Sensors (WINS) must provide spread spectrum signaling for multi-user operation at 902-928 MHz , Cost considerations motivate the development of complete micropower CMOS RF systems operating at previously unexplored low power level (data frames) s , Micropower CMOS VCO and mixer circuits , developed for these emerging narrow-band communication systems , are reported here . Design methods combining high-Q inductors and weak inversion MOSFET operation enable the lowest reported operating power for RF front end components including a voltage-controlled oscillator (VCO) and mixer operating at frequencies of 400 MHz - 1 GHz , In addition , the VCO , by virtue of its high-Q inductive components , displays the lowest reported phase noise for 1 GHz CMOS VCO systems for any power dissipation . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames (low power level) transmitted over a time interval . |
CMOS Front End Components For Micropower RF Wireless Systems . New applications have recently appeared for a low power , low cost , "embedded radio" , These wireless interfaces for handheld mobile nodes and Wireless Integrated Network Sensors (WINS) must provide spread spectrum signaling for multi-user operation at 902-928 MHz , Cost considerations motivate the development of complete micropower CMOS RF systems operating at previously unexplored low power level (data frames) s , Micropower CMOS VCO and mixer circuits , developed for these emerging narrow-band communication systems , are reported here . Design methods combining high-Q inductors and weak inversion MOSFET operation enable the lowest reported operating power for RF front end components including a voltage-controlled oscillator (VCO) and mixer operating at frequencies of 400 MHz - 1 GHz , In addition , the VCO , by virtue of its high-Q inductive components , displays the lowest reported phase noise for 1 GHz CMOS VCO systems for any power dissipation . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (low power level) . |
CMOS Front End Components For Micropower RF Wireless Systems . New applications have recently appeared for a low power , low cost , "embedded radio" , These wireless interfaces for handheld mobile nodes and Wireless Integrated Network Sensors (WINS) must provide spread spectrum signaling for multi-user operation at 902-928 MHz , Cost considerations motivate the development of complete micropower CMOS RF systems operating at previously unexplored low power level (data frames) s , Micropower CMOS VCO and mixer circuits , developed for these emerging narrow-band communication systems , are reported here . Design method (original data, original data frames) s combining high-Q inductors and weak inversion MOSFET operation enable the lowest reported operating power for RF front end components including a voltage-controlled oscillator (VCO) and mixer operating at frequencies of 400 MHz - 1 GHz , In addition , the VCO , by virtue of its high-Q inductive components , displays the lowest reported phase noise for 1 GHz CMOS VCO systems for any power dissipation . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (low power level) (power dissipation) received over all the wireless channels allocated to the wireless node . |
CMOS Front End Components For Micropower RF Wireless Systems . New applications have recently appeared for a low power , low cost , "embedded radio" , These wireless interfaces for handheld mobile nodes and Wireless Integrated Network Sensors (WINS) must provide spread spectrum signaling for multi-user operation at 902-928 MHz , Cost considerations motivate the development of complete micropower CMOS RF systems operating at previously unexplored low power level (data frames) s , Micropower CMOS VCO and mixer circuits , developed for these emerging narrow-band communication systems , are reported here . Design methods combining high-Q inductors and weak inversion MOSFET operation enable the lowest reported operating power for RF front end components including a voltage-controlled oscillator (VCO) and mixer operating at frequencies of 400 MHz - 1 GHz , In addition , the VCO , by virtue of its high-Q inductive components , displays the lowest reported phase noise for 1 GHz CMOS VCO systems for any power dissipation (incoming data frames, second receiving unit) . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (low power level) with the incoming data frames (power dissipation) for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
CMOS Front End Components For Micropower RF Wireless Systems . New applications have recently appeared for a low power , low cost , "embedded radio" , These wireless interfaces for handheld mobile nodes and Wireless Integrated Network Sensors (WINS) must provide spread spectrum signaling for multi-user operation at 902-928 MHz , Cost considerations motivate the development of complete micropower CMOS RF systems operating at previously unexplored low power level (data frames) s , Micropower CMOS VCO and mixer circuits , developed for these emerging narrow-band communication systems , are reported here . Design method (original data, original data frames) s combining high-Q inductors and weak inversion MOSFET operation enable the lowest reported operating power for RF front end components including a voltage-controlled oscillator (VCO) and mixer operating at frequencies of 400 MHz - 1 GHz , In addition , the VCO , by virtue of its high-Q inductive components , displays the lowest reported phase noise for 1 GHz CMOS VCO systems for any power dissipation (incoming data frames, second receiving unit) . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames (low power level) over a wireless interface (wireless interface) comprising : an intrusion detection module for correlating the original data frames with incoming data frames (power dissipation) received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
CMOS Front End Components For Micropower RF Wireless Systems . New applications have recently appeared for a low power , low cost , "embedded radio" , These wireless interface (wireless interface) s for handheld mobile nodes and Wireless Integrated Network Sensors (WINS) must provide spread spectrum signaling for multi-user operation at 902-928 MHz , Cost considerations motivate the development of complete micropower CMOS RF systems operating at previously unexplored low power level (data frames) s , Micropower CMOS VCO and mixer circuits , developed for these emerging narrow-band communication systems , are reported here . Design method (original data, original data frames) s combining high-Q inductors and weak inversion MOSFET operation enable the lowest reported operating power for RF front end components including a voltage-controlled oscillator (VCO) and mixer operating at frequencies of 400 MHz - 1 GHz , In addition , the VCO , by virtue of its high-Q inductive components , displays the lowest reported phase noise for 1 GHz CMOS VCO systems for any power dissipation (incoming data frames, second receiving unit) . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit (power dissipation) for detecting the incoming data frames (low power level) (power dissipation) from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
CMOS Front End Components For Micropower RF Wireless Systems . New applications have recently appeared for a low power , low cost , "embedded radio" , These wireless interfaces for handheld mobile nodes and Wireless Integrated Network Sensors (WINS) must provide spread spectrum signaling for multi-user operation at 902-928 MHz , Cost considerations motivate the development of complete micropower CMOS RF systems operating at previously unexplored low power level (data frames) s , Micropower CMOS VCO and mixer circuits , developed for these emerging narrow-band communication systems , are reported here . Design methods combining high-Q inductors and weak inversion MOSFET operation enable the lowest reported operating power for RF front end components including a voltage-controlled oscillator (VCO) and mixer operating at frequencies of 400 MHz - 1 GHz , In addition , the VCO , by virtue of its high-Q inductive components , displays the lowest reported phase noise for 1 GHz CMOS VCO systems for any power dissipation (incoming data frames, second receiving unit) . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (low power level) over a wireless interface (wireless interface) ; an intrusion detection module for correlating the outgoing data frames with incoming data frames (power dissipation) received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
CMOS Front End Components For Micropower RF Wireless Systems . New applications have recently appeared for a low power , low cost , "embedded radio" , These wireless interface (wireless interface) s for handheld mobile nodes and Wireless Integrated Network Sensors (WINS) must provide spread spectrum signaling for multi-user operation at 902-928 MHz , Cost considerations motivate the development of complete micropower CMOS RF systems operating at previously unexplored low power level (data frames) s , Micropower CMOS VCO and mixer circuits , developed for these emerging narrow-band communication systems , are reported here . Design methods combining high-Q inductors and weak inversion MOSFET operation enable the lowest reported operating power for RF front end components including a voltage-controlled oscillator (VCO) and mixer operating at frequencies of 400 MHz - 1 GHz , In addition , the VCO , by virtue of its high-Q inductive components , displays the lowest reported phase noise for 1 GHz CMOS VCO systems for any power dissipation (incoming data frames, second receiving unit) . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames (low power level) ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit (power dissipation) for detecting the incoming data frames (power dissipation) from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
CMOS Front End Components For Micropower RF Wireless Systems . New applications have recently appeared for a low power , low cost , "embedded radio" , These wireless interfaces for handheld mobile nodes and Wireless Integrated Network Sensors (WINS) must provide spread spectrum signaling for multi-user operation at 902-928 MHz , Cost considerations motivate the development of complete micropower CMOS RF systems operating at previously unexplored low power level (data frames) s , Micropower CMOS VCO and mixer circuits , developed for these emerging narrow-band communication systems , are reported here . Design methods combining high-Q inductors and weak inversion MOSFET operation enable the lowest reported operating power for RF front end components including a voltage-controlled oscillator (VCO) and mixer operating at frequencies of 400 MHz - 1 GHz , In addition , the VCO , by virtue of its high-Q inductive components , displays the lowest reported phase noise for 1 GHz CMOS VCO systems for any power dissipation (incoming data frames, second receiving unit) . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | ISCAS 97 - PROCEEDINGS OF 1997 IEEE INTERNATIONAL SYMPOSIUM ON CIRCUITS AND SYSTEMS, VOLS I - IV. : 2817-2820 1997 Publication Year: 1997 Low Power Wireless Communication And Signal Processing Circuits For Distributed Microsensors University of California, Los Angeles (UCLA) Asada, Burstein, Chang, Dong, Fielding, Kruglick, Ho, Lin, Lin, Marcy, Mukai, Nelson, Newberg, Pister, Pottie, Sanchez, Stafsudd, Valoff, Yung, Kaiser, Ieee |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (recent advances) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
Low Power Wireless Communication And Signal Processing Circuits For Distributed Microsensors . Low power wireless sensor networks provide a new monitoring and control capability for civil and military applications in transportation , manufacturing , biomedical technology , environmental management , and safety and security systems . Low power integrated CMOS systems are being developed for microsensors , signal processors , microcontrollers , communication transceivers and network access control , This paper on recent advances (incoming data, incoming traffic, incoming data frames) in CMOS-based microsensor systems , low power signal processing and RF communication circuits . Communication circuits include the demonstration of a 20 mu A supply current , 860 MHz , low phase noise CMOS local oscillator . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data (recent advances) frames received over all the wireless channels allocated to the wireless node . |
Low Power Wireless Communication And Signal Processing Circuits For Distributed Microsensors . Low power wireless sensor networks provide a new monitoring and control capability for civil and military applications in transportation , manufacturing , biomedical technology , environmental management , and safety and security systems . Low power integrated CMOS systems are being developed for microsensors , signal processors , microcontrollers , communication transceivers and network access control , This paper on recent advances (incoming data, incoming traffic, incoming data frames) in CMOS-based microsensor systems , low power signal processing and RF communication circuits . Communication circuits include the demonstration of a 20 mu A supply current , 860 MHz , low phase noise CMOS local oscillator . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (recent advances) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
Low Power Wireless Communication And Signal Processing Circuits For Distributed Microsensors . Low power wireless sensor networks provide a new monitoring and control capability for civil and military applications in transportation , manufacturing , biomedical technology , environmental management , and safety and security systems . Low power integrated CMOS systems are being developed for microsensors , signal processors , microcontrollers , communication transceivers and network access control , This paper on recent advances (incoming data, incoming traffic, incoming data frames) in CMOS-based microsensor systems , low power signal processing and RF communication circuits . Communication circuits include the demonstration of a 20 mu A supply current , 860 MHz , low phase noise CMOS local oscillator . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames (sensor network) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (recent advances) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
Low Power Wireless Communication And Signal Processing Circuits For Distributed Microsensors . Low power wireless sensor network (transmitting unit, transmitting original data frames) s provide a new monitoring and control capability for civil and military applications in transportation , manufacturing , biomedical technology , environmental management , and safety and security systems . Low power integrated CMOS systems are being developed for microsensors , signal processors , microcontrollers , communication transceivers and network access control . This paper on recent advances (incoming data, incoming traffic, incoming data frames) in CMOS-based microsensor systems , low power signal processing and RF communication circuits . Communication circuits include the demonstration of a 20 µA supply current , 860 MHz , low phase noise CMOS local oscillator . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (recent advances) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (recent advances) frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
Low Power Wireless Communication And Signal Processing Circuits For Distributed Microsensors . Low power wireless sensor networks provide a new monitoring and control capability for civil and military applications in transportation , manufacturing , biomedical technology , environmental management , and safety and security systems . Low power integrated CMOS systems are being developed for microsensors , signal processors , microcontrollers , communication transceivers and network access control . This paper on recent advances (incoming data, incoming traffic, incoming data frames) in CMOS-based microsensor systems , low power signal processing and RF communication circuits . Communication circuits include the demonstration of a 20 µA supply current , 860 MHz , low phase noise CMOS local oscillator . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (sensor network) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
Low Power Wireless Communication And Signal Processing Circuits For Distributed Microsensors . Low power wireless sensor network (transmitting unit, transmitting original data frames) s provide a new monitoring and control capability for civil and military applications in transportation , manufacturing , biomedical technology , environmental management , and safety and security systems . Low power integrated CMOS systems are being developed for microsensors , signal processors , microcontrollers , communication transceivers and network access control . This paper on recent advances in CMOS-based microsensor systems , low power signal processing and RF communication circuits . Communication circuits include the demonstration of a 20 µA supply current , 860 MHz , low phase noise CMOS local oscillator . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (recent advances) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
Low Power Wireless Communication And Signal Processing Circuits For Distributed Microsensors . Low power wireless sensor networks provide a new monitoring and control capability for civil and military applications in transportation , manufacturing , biomedical technology , environmental management , and safety and security systems . Low power integrated CMOS systems are being developed for microsensors , signal processors , microcontrollers , communication transceivers and network access control . This paper on recent advances (incoming data, incoming traffic, incoming data frames) in CMOS-based microsensor systems , low power signal processing and RF communication circuits . Communication circuits include the demonstration of a 20 µA supply current , 860 MHz , low phase noise CMOS local oscillator . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (recent advances) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (recent advances) frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
Low Power Wireless Communication And Signal Processing Circuits For Distributed Microsensors . Low power wireless sensor networks provide a new monitoring and control capability for civil and military applications in transportation , manufacturing , biomedical technology , environmental management , and safety and security systems . Low power integrated CMOS systems are being developed for microsensors , signal processors , microcontrollers , communication transceivers and network access control . This paper on recent advances (incoming data, incoming traffic, incoming data frames) in CMOS-based microsensor systems , low power signal processing and RF communication circuits . Communication circuits include the demonstration of a 20 µA supply current , 860 MHz , low phase noise CMOS local oscillator . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | UNATTENDED GROUND SENSOR TECHNOLOGIES AND APPLICATIONS. 3713: 257-268 1999 Publication Year: 1999 Development Platform For Self-organizing Wireless Sensor Networks Rockwell Science Center Agre, Clare, Pottie, Romanov, Carapezza, Law, Stalker |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface (development platform) ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
Development Platform For Self-organizing Wireless Sensor Networks . Distributed microsensor networks , built from collections of nodes each having the ability to sense their environment , process the raw sensor data in cooperation with other neighboring nodes into information and then communicate that information to end users . These systems are designed to be self-organizing in the sense of establishing and maintaining their own network without the need for specialist operators . In most envisioned applications , wireless communication (wireless communication) s are the most practical means of interconnection , eliminating the internode cabling . Long periods of autonomous operations in remote environments will need battery or other renewable energy sources . In order to prolong battery life , all node hardware and software functions need to be designed to consume minimal power . In general , a node will expend energy on local processing of sensor data to produce compressed information in order to reduce communications . These network systems are intended to support large numbers of such nodes to cover large geographic areas . This presents technical challenges in areas such as low cost design , scalability , cooperative processing and reliable operation of complex systems . Such networks are finding applications in both the military and commercial arenas , and the UCLA/Rockwell Science Center team(1) has developed a prototype wireless sensor node , "AWAIRS I , " as a development platform (wireless interface) to examine many of the issues relating to their design , deployment and usage . These issues cover a broad spectrum , from determining the best sensors for particular applications , to constructing low power signal processing algorithms and robust and low power network protocols . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames (sensor network) over a wireless interface (development platform) comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
Development Platform For Self-organizing Wireless Sensor Networks . Distributed microsensor network (transmitting unit, transmitting original data frames) s , built from collections of nodes each having the ability to sense their environment , process the raw sensor data in cooperation with other neighboring nodes into information and then communicate that information to end users . These systems are designed to be self-organizing in the sense of establishing and maintaining their own network without the need for specialist operators . In most envisioned applications , wireless communication (wireless communication) s are the most practical means of interconnection , eliminating the internode cabling . Long periods of autonomous operations in remote environments will need battery or other renewable energy sources . In order to prolong battery life , all node hardware and software functions need to be designed to consume minimal power . In general , a node will expend energy on local processing of sensor data to produce compressed information in order to reduce communications . These network systems are intended to support large numbers of such nodes to cover large geographic areas . This presents technical challenges in areas such as low cost design , scalability , cooperative processing and reliable operation of complex systems . Such networks are finding applications in both the military and commercial arenas , and the UCLA/Rockwell Science Center team(1) has developed a prototype wireless sensor node , "AWAIRS I , " as a development platform (wireless interface) to examine many of the issues relating to their design , deployment and usage . These issues cover a broad spectrum , from determining the best sensors for particular applications , to constructing low power signal processing algorithms and robust and low power network protocols . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels (end user) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
Development Platform For Self-organizing Wireless Sensor Networks . Distributed microsensor networks , built from collections of nodes each having the ability to sense their environment , process the raw sensor data in cooperation with other neighboring nodes into information and then communicate that information to end user (transmission channels) s . These systems are designed to be self-organizing in the sense of establishing and maintaining their own network without the need for specialist operators . In most envisioned applications , wireless communications are the most practical means of interconnection , eliminating the internode cabling . Long periods of autonomous operations in remote environments will need battery or other renewable energy sources . In order to prolong battery life , all node hardware and software functions need to be designed to consume minimal power . In general , a node will expend energy on local processing of sensor data to produce compressed information in order to reduce communications . These network systems are intended to support large numbers of such nodes to cover large geographic areas . This presents technical challenges in areas such as low cost design , scalability , cooperative processing and reliable operation of complex systems . Such networks are finding applications in both the military and commercial arenas , and the UCLA/Rockwell Science Center team(1) has developed a prototype wireless sensor node , "AWAIRS I , " as a development platform to examine many of the issues relating to their design , deployment and usage . These issues cover a broad spectrum , from determining the best sensors for particular applications , to constructing low power signal processing algorithms and robust and low power network protocols . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (sensor network) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
Development Platform For Self-organizing Wireless Sensor Networks . Distributed microsensor network (transmitting unit, transmitting original data frames) s , built from collections of nodes each having the ability to sense their environment , process the raw sensor data in cooperation with other neighboring nodes into information and then communicate that information to end users . These systems are designed to be self-organizing in the sense of establishing and maintaining their own network without the need for specialist operators . In most envisioned applications , wireless communications are the most practical means of interconnection , eliminating the internode cabling . Long periods of autonomous operations in remote environments will need battery or other renewable energy sources . In order to prolong battery life , all node hardware and software functions need to be designed to consume minimal power . In general , a node will expend energy on local processing of sensor data to produce compressed information in order to reduce communications . These network systems are intended to support large numbers of such nodes to cover large geographic areas . This presents technical challenges in areas such as low cost design , scalability , cooperative processing and reliable operation of complex systems . Such networks are finding applications in both the military and commercial arenas , and the UCLA/Rockwell Science Center team(1) has developed a prototype wireless sensor node , "AWAIRS I , " as a development platform to examine many of the issues relating to their design , deployment and usage . These issues cover a broad spectrum , from determining the best sensors for particular applications , to constructing low power signal processing algorithms and robust and low power network protocols . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface (development platform) ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
Development Platform For Self-organizing Wireless Sensor Networks . Distributed microsensor networks , built from collections of nodes each having the ability to sense their environment , process the raw sensor data in cooperation with other neighboring nodes into information and then communicate that information to end users . These systems are designed to be self-organizing in the sense of establishing and maintaining their own network without the need for specialist operators . In most envisioned applications , wireless communications are the most practical means of interconnection , eliminating the internode cabling . Long periods of autonomous operations in remote environments will need battery or other renewable energy sources . In order to prolong battery life , all node hardware and software functions need to be designed to consume minimal power . In general , a node will expend energy on local processing of sensor data to produce compressed information in order to reduce communications . These network systems are intended to support large numbers of such nodes to cover large geographic areas . This presents technical challenges in areas such as low cost design , scalability , cooperative processing and reliable operation of complex systems . Such networks are finding applications in both the military and commercial arenas , and the UCLA/Rockwell Science Center team(1) has developed a prototype wireless sensor node , "AWAIRS I , " as a development platform (wireless interface) to examine many of the issues relating to their design , deployment and usage . These issues cover a broad spectrum , from determining the best sensors for particular applications , to constructing low power signal processing algorithms and robust and low power network protocols . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels (end user) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
Development Platform For Self-organizing Wireless Sensor Networks . Distributed microsensor networks , built from collections of nodes each having the ability to sense their environment , process the raw sensor data in cooperation with other neighboring nodes into information and then communicate that information to end user (transmission channels) s . These systems are designed to be self-organizing in the sense of establishing and maintaining their own network without the need for specialist operators . In most envisioned applications , wireless communications are the most practical means of interconnection , eliminating the internode cabling . Long periods of autonomous operations in remote environments will need battery or other renewable energy sources . In order to prolong battery life , all node hardware and software functions need to be designed to consume minimal power . In general , a node will expend energy on local processing of sensor data to produce compressed information in order to reduce communications . These network systems are intended to support large numbers of such nodes to cover large geographic areas . This presents technical challenges in areas such as low cost design , scalability , cooperative processing and reliable operation of complex systems . Such networks are finding applications in both the military and commercial arenas , and the UCLA/Rockwell Science Center team(1) has developed a prototype wireless sensor node , "AWAIRS I , " as a development platform to examine many of the issues relating to their design , deployment and usage . These issues cover a broad spectrum , from determining the best sensors for particular applications , to constructing low power signal processing algorithms and robust and low power network protocols . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | WIRELESS NETWORKS. 9 (5): 545-556 SEP 2003 Publication Year: 2003 Intrusion Detection Techniques For Mobile Wireless Networks HRL Laboratories, LLC (formerly Hughes Research Laboratories), Georgia Institute of Technology Zhang, Lee, Huang |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames (wireless networks) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
Intrusion Detection Techniques For Mobile Wireless Networks . The rapid proliferation of wireless networks (incoming data frames) and mobile computing applications has changed the landscape of network security . The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective . We need to search for new architecture and mechanisms to protect the wireless networks and mobile computing application . In this paper , we examine the vulnerabilities of wireless networks and argue that we must include intrusion detection in the security architecture for mobile computing environment . We have developed such an architecture and evaluated a key mechanism in this architecture , anomaly detection for mobile ad-hoc network , through simulation experiments . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (wireless networks) received over all the wireless channels allocated to the wireless node . |
Intrusion Detection Techniques For Mobile Wireless Networks . The rapid proliferation of wireless networks (incoming data frames) and mobile computing applications has changed the landscape of network security . The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective . We need to search for new architecture and mechanisms to protect the wireless networks and mobile computing application . In this paper , we examine the vulnerabilities of wireless networks and argue that we must include intrusion detection in the security architecture for mobile computing environment . We have developed such an architecture and evaluated a key mechanism in this architecture , anomaly detection for mobile ad-hoc network , through simulation experiments . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data frames (wireless networks) for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
Intrusion Detection Techniques For Mobile Wireless Networks . The rapid proliferation of wireless networks (incoming data frames) and mobile computing applications has changed the landscape of network security . The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective . We need to search for new architecture and mechanisms to protect the wireless networks and mobile computing application . In this paper , we examine the vulnerabilities of wireless networks and argue that we must include intrusion detection in the security architecture for mobile computing environment . We have developed such an architecture and evaluated a key mechanism in this architecture , anomaly detection for mobile ad-hoc network , through simulation experiments . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames (wireless networks) received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
Intrusion Detection Techniques For Mobile Wireless Networks . The rapid proliferation of wireless networks (incoming data frames) and mobile computing applications has changed the landscape of network security . The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective . We need to search for new architecture and mechanisms to protect the wireless networks and mobile computing application . In this paper , we examine the vulnerabilities of wireless networks and argue that we must include intrusion detection in the security architecture for mobile computing environment . We have developed such an architecture and evaluated a key mechanism in this architecture , anomaly detection for mobile ad-hoc network , through simulation experiments . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (wireless networks) from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
Intrusion Detection Techniques For Mobile Wireless Networks . The rapid proliferation of wireless networks (incoming data frames) and mobile computing applications has changed the landscape of network security . The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective . We need to search for new architecture and mechanisms to protect the wireless networks and mobile computing application . In this paper , we examine the vulnerabilities of wireless networks and argue that we must include intrusion detection in the security architecture for mobile computing environment . We have developed such an architecture and evaluated a key mechanism in this architecture , anomaly detection for mobile ad-hoc network , through simulation experiments . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
Intrusion Detection Techniques For Mobile Wireless Networks . The rapid proliferation of wireless networks and mobile computing applications has changed the landscape of network security . The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective . We need to search for new architecture and mechanisms to protect the wireless networks and mobile computing application . In this paper , we examine the vulnerabilities of wireless networks and argue that we must include intrusion detection (intrusion attack) in the security architecture for mobile computing environment . We have developed such an architecture and evaluated a key mechanism in this architecture , anomaly detection for mobile ad-hoc network , through simulation experiments . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames (wireless networks) received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
Intrusion Detection Techniques For Mobile Wireless Networks . The rapid proliferation of wireless networks (incoming data frames) and mobile computing applications has changed the landscape of network security . The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective . We need to search for new architecture and mechanisms to protect the wireless networks and mobile computing application . In this paper , we examine the vulnerabilities of wireless networks and argue that we must include intrusion detection in the security architecture for mobile computing environment . We have developed such an architecture and evaluated a key mechanism in this architecture , anomaly detection for mobile ad-hoc network , through simulation experiments . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (wireless networks) from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
Intrusion Detection Techniques For Mobile Wireless Networks . The rapid proliferation of wireless networks (incoming data frames) and mobile computing applications has changed the landscape of network security . The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective . We need to search for new architecture and mechanisms to protect the wireless networks and mobile computing application . In this paper , we examine the vulnerabilities of wireless networks and argue that we must include intrusion detection in the security architecture for mobile computing environment . We have developed such an architecture and evaluated a key mechanism in this architecture , anomaly detection for mobile ad-hoc network , through simulation experiments . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
Intrusion Detection Techniques For Mobile Wireless Networks . The rapid proliferation of wireless networks and mobile computing applications has changed the landscape of network security . The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective . We need to search for new architecture and mechanisms to protect the wireless networks and mobile computing application . In this paper , we examine the vulnerabilities of wireless networks and argue that we must include intrusion detection (intrusion attack) in the security architecture for mobile computing environment . We have developed such an architecture and evaluated a key mechanism in this architecture , anomaly detection for mobile ad-hoc network , through simulation experiments . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | COMPUTER COMMUNICATIONS. 25 (15): 1356-1365 SEP 15 2002 Publication Year: 2002 Intrusion Detection Techniques And Approaches University of Canterbury (UC). Christchurch, New Zealand Verwoerd, Hunt |
---|---|
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels (Such method) allocated to the wireless node and extracting the incoming data frames received over all the wireless channels allocated to the wireless node . |
Intrusion Detection Techniques And Approaches . Recent security incidents and analysis have demonstrated that manual response to such attacks is no longer feasible . Intrusion detection systems (IDS) offer techniques for modelling and recognising normal and abusive system behaviour . Such methodologies (wireless channels) include statistical models , immune system approaches , protocol verification , file and taint checking , neural networks , whitelisting , expression matching , state transition analysis , dedicated languages , genetic algorithms and burglar alarms . This paper describes these techniques including an IDS architectural outline and an analysis of IDS probe techniques finishing with a summary of associated technologies . (C) 2002 Elsevier Science B.V. All rights reserved . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | IEEE WIRELESS COMMUNICATIONS. 9 (6): 44-51 DEC 2002 Publication Year: 2002 Your 802.11 Wireless Network Has No Clothes University of Maryland, Hewlett Packard Labs Arbaugh, Shankar, Wan, Zhang |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames (wireless networks) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
Your 802.11 Wireless Network Has No Clothes . The explosive growth in wireless networks (incoming data frames) over the last few years resembles the rapid growth of the Internet within the last decade . To protect internal resources , organizations usually purchased and installed an Internet firewall . We believe that the currently deployed wireless access points present a larger security problem than the early Internet connections . A large number of organizations , based on vendor literature , believe that the security provided by their deployed wireless access points is sufficient to prevent unauthorized access and use . Unfortunately , nothing could be further from the truth . While the current access points provide several security mechanisms , our work combined with the work of others show that all of these mechanisms are completely ineffective . As a result , organizations with deployed wireless networks are vulnerable to unauthorized use of , and access to , their internal infrastructure . In this article we present a novel solution that requires no changes or additions to any deployed wireless equipment , and is easily deployed and transparent to end users . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (wireless networks) received over all the wireless channels allocated to the wireless node . |
Your 802.11 Wireless Network Has No Clothes . The explosive growth in wireless networks (incoming data frames) over the last few years resembles the rapid growth of the Internet within the last decade . To protect internal resources , organizations usually purchased and installed an Internet firewall . We believe that the currently deployed wireless access points present a larger security problem than the early Internet connections . A large number of organizations , based on vendor literature , believe that the security provided by their deployed wireless access points is sufficient to prevent unauthorized access and use . Unfortunately , nothing could be further from the truth . While the current access points provide several security mechanisms , our work combined with the work of others show that all of these mechanisms are completely ineffective . As a result , organizations with deployed wireless networks are vulnerable to unauthorized use of , and access to , their internal infrastructure . In this article we present a novel solution that requires no changes or additions to any deployed wireless equipment , and is easily deployed and transparent to end users . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data frames (wireless networks) for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
Your 802.11 Wireless Network Has No Clothes . The explosive growth in wireless networks (incoming data frames) over the last few years resembles the rapid growth of the Internet within the last decade . To protect internal resources , organizations usually purchased and installed an Internet firewall . We believe that the currently deployed wireless access points present a larger security problem than the early Internet connections . A large number of organizations , based on vendor literature , believe that the security provided by their deployed wireless access points is sufficient to prevent unauthorized access and use . Unfortunately , nothing could be further from the truth . While the current access points provide several security mechanisms , our work combined with the work of others show that all of these mechanisms are completely ineffective . As a result , organizations with deployed wireless networks are vulnerable to unauthorized use of , and access to , their internal infrastructure . In this article we present a novel solution that requires no changes or additions to any deployed wireless equipment , and is easily deployed and transparent to end users . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames (wireless networks) received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
Your 802.11 Wireless Network Has No Clothes . The explosive growth in wireless networks (incoming data frames) over the last few years resembles the rapid growth of the Internet within the last decade . To protect internal resources , organizations usually purchased and installed an Internet firewall . We believe that the currently deployed wireless access points present a larger security problem than the early Internet connections . A large number of organizations , based on vendor literature , believe that the security provided by their deployed wireless access points is sufficient to prevent unauthorized access and use . Unfortunately , nothing could be further from the truth . While the current access points provide several security mechanisms , our work combined with the work of others show that all of these mechanisms are completely ineffective . As a result , organizations with deployed wireless networks are vulnerable to unauthorized use of , and access to , their internal infrastructure . In this article we present a novel solution that requires no changes or additions to any deployed wireless equipment , and is easily deployed and transparent to end users . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels (end user) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (wireless networks) from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
Your 802.11 Wireless Network Has No Clothes . The explosive growth in wireless networks (incoming data frames) over the last few years resembles the rapid growth of the Internet within the last decade . To protect internal resources , organizations usually purchased and installed an Internet firewall . We believe that the currently deployed wireless access points present a larger security problem than the early Internet connections . A large number of organizations , based on vendor literature , believe that the security provided by their deployed wireless access points is sufficient to prevent unauthorized access and use . Unfortunately , nothing could be further from the truth . While the current access points provide several security mechanisms , our work combined with the work of others show that all of these mechanisms are completely ineffective . As a result , organizations with deployed wireless networks are vulnerable to unauthorized use of , and access to , their internal infrastructure . In this article we present a novel solution that requires no changes or additions to any deployed wireless equipment , and is easily deployed and transparent to end users (transmission channels) . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network operates according to any wireless network technology (access points) . |
Your 802.11 Wireless Network Has No Clothes . The explosive growth in wireless networks over the last few years resembles the rapid growth of the Internet within the last decade . To protect internal resources , organizations usually purchased and installed an Internet firewall . We believe that the currently deployed wireless access points (wireless network technology) present a larger security problem than the early Internet connections . A large number of organizations , based on vendor literature , believe that the security provided by their deployed wireless access points is sufficient to prevent unauthorized access and use . Unfortunately , nothing could be further from the truth . While the current access points provide several security mechanisms , our work combined with the work of others show that all of these mechanisms are completely ineffective . As a result , organizations with deployed wireless networks are vulnerable to unauthorized use of , and access to , their internal infrastructure . In this article we present a novel solution that requires no changes or additions to any deployed wireless equipment , and is easily deployed and transparent to end users . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames (wireless networks) received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
Your 802.11 Wireless Network Has No Clothes . The explosive growth in wireless networks (incoming data frames) over the last few years resembles the rapid growth of the Internet within the last decade . To protect internal resources , organizations usually purchased and installed an Internet firewall . We believe that the currently deployed wireless access points present a larger security problem than the early Internet connections . A large number of organizations , based on vendor literature , believe that the security provided by their deployed wireless access points is sufficient to prevent unauthorized access and use . Unfortunately , nothing could be further from the truth . While the current access points provide several security mechanisms , our work combined with the work of others show that all of these mechanisms are completely ineffective . As a result , organizations with deployed wireless networks are vulnerable to unauthorized use of , and access to , their internal infrastructure . In this article we present a novel solution that requires no changes or additions to any deployed wireless equipment , and is easily deployed and transparent to end users . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels (end user) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (wireless networks) from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
Your 802.11 Wireless Network Has No Clothes . The explosive growth in wireless networks (incoming data frames) over the last few years resembles the rapid growth of the Internet within the last decade . To protect internal resources , organizations usually purchased and installed an Internet firewall . We believe that the currently deployed wireless access points present a larger security problem than the early Internet connections . A large number of organizations , based on vendor literature , believe that the security provided by their deployed wireless access points is sufficient to prevent unauthorized access and use . Unfortunately , nothing could be further from the truth . While the current access points provide several security mechanisms , our work combined with the work of others show that all of these mechanisms are completely ineffective . As a result , organizations with deployed wireless networks are vulnerable to unauthorized use of , and access to , their internal infrastructure . In this article we present a novel solution that requires no changes or additions to any deployed wireless equipment , and is easily deployed and transparent to end users (transmission channels) . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network operates according to any wireless network technology (access points) . |
Your 802.11 Wireless Network Has No Clothes . The explosive growth in wireless networks over the last few years resembles the rapid growth of the Internet within the last decade . To protect internal resources , organizations usually purchased and installed an Internet firewall . We believe that the currently deployed wireless access points (wireless network technology) present a larger security problem than the early Internet connections . A large number of organizations , based on vendor literature , believe that the security provided by their deployed wireless access points is sufficient to prevent unauthorized access and use . Unfortunately , nothing could be further from the truth . While the current access points provide several security mechanisms , our work combined with the work of others show that all of these mechanisms are completely ineffective . As a result , organizations with deployed wireless networks are vulnerable to unauthorized use of , and access to , their internal infrastructure . In this article we present a novel solution that requires no changes or additions to any deployed wireless equipment , and is easily deployed and transparent to end users . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | LCN 2001: 26TH ANNUAL IEEE CONFERENCE ON LOCAL COMPUTER NETWORKS, PROCEEDINGS. : 454-463 2001 Publication Year: 2001 An Access Control Architecture For Microcellular Wireless IPv6 Networks Lancaster University Schmid, Finney, Wu, Friday, Scott, Shepherd, Ieee Computer Society, Ieee Computer Society, Ieee Computer Society |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames (wireless networks) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
An Access Control Architecture For Microcellular Wireless IPv6 Networks . This document introduces a novel access control architecture for publicly accessible wireless overlay networks . The architecture is designed to address the problems of ubiquitous Internet service provisioning within the city of Lancaster . The proposed access control mechanism is based on the concepts of secure user authentication , packet marking , and network-level packet filtering . The novelty of the architecture lies in its use of micro-cellular layer three networks to acquire fine grained access control in a link independent manner . The paper describes the concepts behind the access control architecture and demonstrates to what extent it addresses the security , performance and extensibility concerns of public access packet switched wireless networks (incoming data frames) . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (wireless networks) received over all the wireless channels allocated to the wireless node . |
An Access Control Architecture For Microcellular Wireless IPv6 Networks . This document introduces a novel access control architecture for publicly accessible wireless overlay networks . The architecture is designed to address the problems of ubiquitous Internet service provisioning within the city of Lancaster . The proposed access control mechanism is based on the concepts of secure user authentication , packet marking , and network-level packet filtering . The novelty of the architecture lies in its use of micro-cellular layer three networks to acquire fine grained access control in a link independent manner . The paper describes the concepts behind the access control architecture and demonstrates to what extent it addresses the security , performance and extensibility concerns of public access packet switched wireless networks (incoming data frames) . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data frames (wireless networks) for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
An Access Control Architecture For Microcellular Wireless IPv6 Networks . This document introduces a novel access control architecture for publicly accessible wireless overlay networks . The architecture is designed to address the problems of ubiquitous Internet service provisioning within the city of Lancaster . The proposed access control mechanism is based on the concepts of secure user authentication , packet marking , and network-level packet filtering . The novelty of the architecture lies in its use of micro-cellular layer three networks to acquire fine grained access control in a link independent manner . The paper describes the concepts behind the access control architecture and demonstrates to what extent it addresses the security , performance and extensibility concerns of public access packet switched wireless networks (incoming data frames) . |
US7409715B2 CLAIM 10 . An impersonation detection system (access control mechanism, dependent manner) for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames (wireless networks) received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
An Access Control Architecture For Microcellular Wireless IPv6 Networks . This document introduces a novel access control architecture for publicly accessible wireless overlay networks . The architecture is designed to address the problems of ubiquitous Internet service provisioning within the city of Lancaster . The proposed access control mechanism (impersonation detection system, impersonation detection signal) is based on the concepts of secure user authentication , packet marking , and network-level packet filtering . The novelty of the architecture lies in its use of micro-cellular layer three networks to acquire fine grained access control in a link independent manner (impersonation detection system, impersonation detection signal) . The paper describes the concepts behind the access control architecture and demonstrates to what extent it addresses the security , performance and extensibility concerns of public access packet switched wireless networks (incoming data frames) . |
US7409715B2 CLAIM 11 . The impersonation detection system (access control mechanism, dependent manner) of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (wireless networks) from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal (access control mechanism, dependent manner) . |
An Access Control Architecture For Microcellular Wireless IPv6 Networks . This document introduces a novel access control architecture for publicly accessible wireless overlay networks . The architecture is designed to address the problems of ubiquitous Internet service provisioning within the city of Lancaster . The proposed access control mechanism (impersonation detection system, impersonation detection signal) is based on the concepts of secure user authentication , packet marking , and network-level packet filtering . The novelty of the architecture lies in its use of micro-cellular layer three networks to acquire fine grained access control in a link independent manner (impersonation detection system, impersonation detection signal) . The paper describes the concepts behind the access control architecture and demonstrates to what extent it addresses the security , performance and extensibility concerns of public access packet switched wireless networks (incoming data frames) . |
US7409715B2 CLAIM 12 . The impersonation detection system (access control mechanism, dependent manner) of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
An Access Control Architecture For Microcellular Wireless IPv6 Networks . This document introduces a novel access control architecture for publicly accessible wireless overlay networks . The architecture is designed to address the problems of ubiquitous Internet service provisioning within the city of Lancaster . The proposed access control mechanism (impersonation detection system, impersonation detection signal) is based on the concepts of secure user authentication , packet marking , and network-level packet filtering . The novelty of the architecture lies in its use of micro-cellular layer three networks to acquire fine grained access control in a link independent manner (impersonation detection system, impersonation detection signal) . The paper describes the concepts behind the access control architecture and demonstrates to what extent it addresses the security , performance and extensibility concerns of public access packet switched wireless networks . |
US7409715B2 CLAIM 13 . The impersonation detection system (access control mechanism, dependent manner) of claim 12 wherein the secure link operates according to a communication protocol . |
An Access Control Architecture For Microcellular Wireless IPv6 Networks . This document introduces a novel access control architecture for publicly accessible wireless overlay networks . The architecture is designed to address the problems of ubiquitous Internet service provisioning within the city of Lancaster . The proposed access control mechanism (impersonation detection system, impersonation detection signal) is based on the concepts of secure user authentication , packet marking , and network-level packet filtering . The novelty of the architecture lies in its use of micro-cellular layer three networks to acquire fine grained access control in a link independent manner (impersonation detection system, impersonation detection signal) . The paper describes the concepts behind the access control architecture and demonstrates to what extent it addresses the security , performance and extensibility concerns of public access packet switched wireless networks . |
US7409715B2 CLAIM 14 . The impersonation detection system (access control mechanism, dependent manner) of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
An Access Control Architecture For Microcellular Wireless IPv6 Networks . This document introduces a novel access control architecture for publicly accessible wireless overlay networks . The architecture is designed to address the problems of ubiquitous Internet service provisioning within the city of Lancaster . The proposed access control mechanism (impersonation detection system, impersonation detection signal) is based on the concepts of secure user authentication , packet marking , and network-level packet filtering . The novelty of the architecture lies in its use of micro-cellular layer three networks to acquire fine grained access control in a link independent manner (impersonation detection system, impersonation detection signal) . The paper describes the concepts behind the access control architecture and demonstrates to what extent it addresses the security , performance and extensibility concerns of public access packet switched wireless networks . |
US7409715B2 CLAIM 15 . The impersonation detection system (access control mechanism, dependent manner) of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module is integrated within the wireless node . |
An Access Control Architecture For Microcellular Wireless IPv6 Networks . This document introduces a novel access control architecture for publicly accessible wireless overlay networks . The architecture is designed to address the problems of ubiquitous Internet service provisioning within the city of Lancaster . The proposed access control mechanism (impersonation detection system, impersonation detection signal) is based on the concepts of secure user authentication , packet marking , and network-level packet filtering . The novelty of the architecture lies in its use of micro-cellular layer three networks to acquire fine grained access control in a link independent manner (impersonation detection system, impersonation detection signal) . The paper describes the concepts behind the access control architecture and demonstrates to what extent it addresses the security , performance and extensibility concerns of public access packet switched wireless networks . |
US7409715B2 CLAIM 16 . The impersonation detection system (access control mechanism, dependent manner) of claim 10 , wherein the wireless network operates according to any wireless network technology . |
An Access Control Architecture For Microcellular Wireless IPv6 Networks . This document introduces a novel access control architecture for publicly accessible wireless overlay networks . The architecture is designed to address the problems of ubiquitous Internet service provisioning within the city of Lancaster . The proposed access control mechanism (impersonation detection system, impersonation detection signal) is based on the concepts of secure user authentication , packet marking , and network-level packet filtering . The novelty of the architecture lies in its use of micro-cellular layer three networks to acquire fine grained access control in a link independent manner (impersonation detection system, impersonation detection signal) . The paper describes the concepts behind the access control architecture and demonstrates to what extent it addresses the security , performance and extensibility concerns of public access packet switched wireless networks . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames (wireless networks) received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
An Access Control Architecture For Microcellular Wireless IPv6 Networks . This document introduces a novel access control architecture for publicly accessible wireless overlay networks . The architecture is designed to address the problems of ubiquitous Internet service provisioning within the city of Lancaster . The proposed access control mechanism is based on the concepts of secure user authentication , packet marking , and network-level packet filtering . The novelty of the architecture lies in its use of micro-cellular layer three networks to acquire fine grained access control in a link independent manner . The paper describes the concepts behind the access control architecture and demonstrates to what extent it addresses the security , performance and extensibility concerns of public access packet switched wireless networks (incoming data frames) . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (wireless networks) from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
An Access Control Architecture For Microcellular Wireless IPv6 Networks . This document introduces a novel access control architecture for publicly accessible wireless overlay networks . The architecture is designed to address the problems of ubiquitous Internet service provisioning within the city of Lancaster . The proposed access control mechanism is based on the concepts of secure user authentication , packet marking , and network-level packet filtering . The novelty of the architecture lies in its use of micro-cellular layer three networks to acquire fine grained access control in a link independent manner . The paper describes the concepts behind the access control architecture and demonstrates to what extent it addresses the security , performance and extensibility concerns of public access packet switched wireless networks (incoming data frames) . |
US7409715B2 CLAIM 19 . The an impersonation detection system (access control mechanism, dependent manner) of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
An Access Control Architecture For Microcellular Wireless IPv6 Networks . This document introduces a novel access control architecture for publicly accessible wireless overlay networks . The architecture is designed to address the problems of ubiquitous Internet service provisioning within the city of Lancaster . The proposed access control mechanism (impersonation detection system, impersonation detection signal) is based on the concepts of secure user authentication , packet marking , and network-level packet filtering . The novelty of the architecture lies in its use of micro-cellular layer three networks to acquire fine grained access control in a link independent manner (impersonation detection system, impersonation detection signal) . The paper describes the concepts behind the access control architecture and demonstrates to what extent it addresses the security , performance and extensibility concerns of public access packet switched wireless networks . |
US7409715B2 CLAIM 20 . The impersonation detection system (access control mechanism, dependent manner) of claim 18 , wherein the wireless network operates according to any wireless network technology . |
An Access Control Architecture For Microcellular Wireless IPv6 Networks . This document introduces a novel access control architecture for publicly accessible wireless overlay networks . The architecture is designed to address the problems of ubiquitous Internet service provisioning within the city of Lancaster . The proposed access control mechanism (impersonation detection system, impersonation detection signal) is based on the concepts of secure user authentication , packet marking , and network-level packet filtering . The novelty of the architecture lies in its use of micro-cellular layer three networks to acquire fine grained access control in a link independent manner (impersonation detection system, impersonation detection signal) . The paper describes the concepts behind the access control architecture and demonstrates to what extent it addresses the security , performance and extensibility concerns of public access packet switched wireless networks . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030041244A1 Filed: 2002-09-30 Issued: 2003-02-27 Method for securing communications between a terminal and an additional user equipment (Original Assignee) Swisscom Mobile AG (Current Assignee) Bin 2020 Series 550 Of Allied Security Trust I Levente Buttyan, Edwin Wiedmer, Eric Lauper |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (short distance) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20030041244A1 CLAIM 1 . A method for securing a session over a short distance (data processing unit) wireless link between a terminal and a user equipment , said terminal and said user equipment both comprising cryptographic computing means , said terminal and said user equipment further both comprising a display and input means , wherein said terminal and said user equipment can be connected through said short distance wireless link , said method comprising : generating a secret in one of said terminals or said user equipments , displaying said secret or the hash value of said secret on the display of said terminal or said user equipment , entering said secret or the hash value of said secret on the input means of the other one of said terminals or user equipments , using said shared secret to guarantee the authenticity of at least a part of said session over said short distance wireless link . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (short distance) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20030041244A1 CLAIM 1 . A method for securing a session over a short distance (data processing unit) wireless link between a terminal and a user equipment , said terminal and said user equipment both comprising cryptographic computing means , said terminal and said user equipment further both comprising a display and input means , wherein said terminal and said user equipment can be connected through said short distance wireless link , said method comprising : generating a secret in one of said terminals or said user equipments , displaying said secret or the hash value of said secret on the display of said terminal or said user equipment , entering said secret or the hash value of said secret on the input means of the other one of said terminals or user equipments , using said shared secret to guarantee the authenticity of at least a part of said session over said short distance wireless link . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030217289A1 Filed: 2002-05-17 Issued: 2003-11-20 Method and system for wireless intrusion detection (Original Assignee) Network Security Technologies Inc (Current Assignee) Ozmo Licensing LLC Ken Ammon, Chris O'Ferrell, Wayne Mitzen, Dan Frasnelli, Lawrence Wimble, Yin Yang, Tom McHale, Rick Doten |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames (wireless networks) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20030217289A1 CLAIM 18 . The method of claim 1 , wherein the transmitting of results further comprises transmitting over a wireless communications (wireless communication) medium . US20030217289A1 CLAIM 28 . A wireless intrusion detection node , comprising : means for performing a monitoring cycle of a plurality of signals from one or more wireless networks (incoming data frames) , including one wireless network of interest ; means for storing results from the monitoring cycle ; and means for transmitting the results of the monitoring cycle to a data collector . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (wireless networks) received over all the wireless channels allocated to the wireless node . |
US20030217289A1 CLAIM 28 . A wireless intrusion detection node , comprising : means for performing a monitoring cycle of a plurality of signals from one or more wireless networks (incoming data frames) , including one wireless network of interest ; means for storing results from the monitoring cycle ; and means for transmitting the results of the monitoring cycle to a data collector . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data frames (wireless networks) for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US20030217289A1 CLAIM 28 . A wireless intrusion detection node , comprising : means for performing a monitoring cycle of a plurality of signals from one or more wireless networks (incoming data frames) , including one wireless network of interest ; means for storing results from the monitoring cycle ; and means for transmitting the results of the monitoring cycle to a data collector . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames (wireless networks) received over the air interface (different means) ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20030217289A1 CLAIM 18 . The method of claim 1 , wherein the transmitting of results further comprises transmitting over a wireless communications (wireless communication) medium . US20030217289A1 CLAIM 28 . A wireless intrusion detection node , comprising : means for performing a monitoring cycle of a plurality of signals from one or more wireless networks (incoming data frames) , including one wireless network of interest ; means for storing results from the monitoring cycle ; and means for transmitting the results of the monitoring cycle to a data collector . US20030217289A1 CLAIM 30 . A method for controlling a wireless intrusion detection system comprising : transmitting a plurality of beacon packets from a collector ; receiving one or more of the beacon packets at a node ; and establishing a communications link between the collector and the node for detecting unauthorized access of a wireless network of interest ; wherein the collector controls a wireless intrusion detection system by a communications link that utilizes a different means (air interface) of communication than the wireless network . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit (authorized device) for detecting the incoming data frames (wireless networks) from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20030217289A1 CLAIM 8 . The method of claim 1 , further comprising : locating any unauthorized devices (second receiving unit) . US20030217289A1 CLAIM 28 . A wireless intrusion detection node , comprising : means for performing a monitoring cycle of a plurality of signals from one or more wireless networks (incoming data frames) , including one wireless network of interest ; means for storing results from the monitoring cycle ; and means for transmitting the results of the monitoring cycle to a data collector . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US20030217289A1 CLAIM 23 . A wireless intrusion detection (intrusion attack) system , comprising : one or more nodes , each node configured to monitor a wireless network of interest for signals received from at least one wireless access device ; and a collector , each of the one or more nodes in communication with the collector ; wherein the collector receives results from the monitoring cycle of signals by the one or more nodes and determines whether any unauthorized access of the wireless network of interest has occurred . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (communications medium) . |
US20030217289A1 CLAIM 18 . The method of claim 1 , wherein the transmitting of results further comprises transmitting over a wireless communications medium (communication protocol) . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network operates according to any wireless network technology (access points) . |
US20030217289A1 CLAIM 2 . The method of claim 1 , further comprising : detecting access points (wireless network technology) in the wireless network ; and detecting clients in the wireless network . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames (wireless networks) received from the air interface (different means) ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US20030217289A1 CLAIM 28 . A wireless intrusion detection node , comprising : means for performing a monitoring cycle of a plurality of signals from one or more wireless networks (incoming data frames) , including one wireless network of interest ; means for storing results from the monitoring cycle ; and means for transmitting the results of the monitoring cycle to a data collector . US20030217289A1 CLAIM 30 . A method for controlling a wireless intrusion detection system comprising : transmitting a plurality of beacon packets from a collector ; receiving one or more of the beacon packets at a node ; and establishing a communications link between the collector and the node for detecting unauthorized access of a wireless network of interest ; wherein the collector controls a wireless intrusion detection system by a communications link that utilizes a different means (air interface) of communication than the wireless network . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit (authorized device) for detecting the incoming data frames (wireless networks) from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20030217289A1 CLAIM 8 . The method of claim 1 , further comprising : locating any unauthorized devices (second receiving unit) . US20030217289A1 CLAIM 28 . A wireless intrusion detection node , comprising : means for performing a monitoring cycle of a plurality of signals from one or more wireless networks (incoming data frames) , including one wireless network of interest ; means for storing results from the monitoring cycle ; and means for transmitting the results of the monitoring cycle to a data collector . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US20030217289A1 CLAIM 23 . A wireless intrusion detection (intrusion attack) system , comprising : one or more nodes , each node configured to monitor a wireless network of interest for signals received from at least one wireless access device ; and a collector , each of the one or more nodes in communication with the collector ; wherein the collector receives results from the monitoring cycle of signals by the one or more nodes and determines whether any unauthorized access of the wireless network of interest has occurred . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network operates according to any wireless network technology (access points) . |
US20030217289A1 CLAIM 2 . The method of claim 1 , further comprising : detecting access points (wireless network technology) in the wireless network ; and detecting clients in the wireless network . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20020150228A1 Filed: 2002-04-10 Issued: 2002-10-17 Mobile communication system, resource switching method thereof, network control apparatus included therein, same and network control method (Original Assignee) NTT Docomo Inc (Current Assignee) NTT Docomo Inc Narumi Umeda, Tsutomu Yokoyama, Sadayuki Hongo |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20020150228A1 CLAIM 3 . A mobile communication system according to claim 1 , wherein said network resource includes at least one of a wireless communication (wireless communication) channel , a transmitter/receiver , a line within a network , a communication node apparatus , a communication terminal , an information switching apparatus , and an information converting apparatus . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20020150228A1 CLAIM 3 . A mobile communication system according to claim 1 , wherein said network resource includes at least one of a wireless communication (wireless communication) channel , a transmitter/receiver , a line within a network , a communication node apparatus , a communication terminal , an information switching apparatus , and an information converting apparatus . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (receiving means) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US20020150228A1 CLAIM 14 . A network control apparatus comprising : receiving means (transmitting unit) for receiving a detection report of at least one of a change in an environment in which an object to be inspected exists and a change in a capability of said object to be inspected from said object to be inspected ; determining means for determining at least one of a network resource and an information format suitable for said change specified by said detection report received from said object to be inspected ; and control means for controlling said object to be inspected concerning at least one of said determined network resource and information format so that said object conforms to said detected change . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030110394A1 Filed: 2002-02-20 Issued: 2003-06-12 System and method for detecting and eliminating IP spoofing in a data transmission network (Original Assignee) Deep Nines Inc (Current Assignee) Trend Micro Inc Clifford Sharp, Susan Dark |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (temporary storing, flow rate) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20030110394A1 CLAIM 16 . The method of claim 15 wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . US20030110394A1 CLAIM 17 . The method of claim 16 further including the step of : arbitrarily selecting packets for temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) when said data flow rate reaches its maximum capacity . |
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data frames (temporary storing, flow rate) . |
US20030110394A1 CLAIM 16 . The method of claim 15 wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . US20030110394A1 CLAIM 17 . The method of claim 16 further including the step of : arbitrarily selecting packets for temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) when said data flow rate reaches its maximum capacity . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data frames (temporary storing, flow rate) comprises frames that allow statistical comparisons . |
US20030110394A1 CLAIM 16 . The method of claim 15 wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . US20030110394A1 CLAIM 17 . The method of claim 16 further including the step of : arbitrarily selecting packets for temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) when said data flow rate reaches its maximum capacity . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames (temporary storing, flow rate) transmitted over a time interval (temporarily store) . |
US20030110394A1 CLAIM 16 . The method of claim 15 wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store (time interval) a particular packet . US20030110394A1 CLAIM 17 . The method of claim 16 further including the step of : arbitrarily selecting packets for temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) when said data flow rate reaches its maximum capacity . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (temporary storing, flow rate) . |
US20030110394A1 CLAIM 16 . The method of claim 15 wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . US20030110394A1 CLAIM 17 . The method of claim 16 further including the step of : arbitrarily selecting packets for temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) when said data flow rate reaches its maximum capacity . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (temporary storing, flow rate) received over all the wireless channels allocated to the wireless node . |
US20030110394A1 CLAIM 16 . The method of claim 15 wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . US20030110394A1 CLAIM 17 . The method of claim 16 further including the step of : arbitrarily selecting packets for temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) when said data flow rate reaches its maximum capacity . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (temporary storing, flow rate) with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US20030110394A1 CLAIM 16 . The method of claim 15 wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . US20030110394A1 CLAIM 17 . The method of claim 16 further including the step of : arbitrarily selecting packets for temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) when said data flow rate reaches its maximum capacity . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames (temporary storing, flow rate) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20030110394A1 CLAIM 16 . The method of claim 15 wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . US20030110394A1 CLAIM 17 . The method of claim 16 further including the step of : arbitrarily selecting packets for temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) when said data flow rate reaches its maximum capacity . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (flow control, data packet) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (temporary storing, flow rate) from the incoming traffic ; and a data processing unit (temporary storage) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20030110394A1 CLAIM 1 . A traffic management system for use in conjunction with packet data , said system operative for passing data packets (incoming traffic) there through , said system comprising : means for extracting certain parameters of data from each packet of data which is flowing into said system ; and means for comparing said extracted data against at least one database to determine if the data packet associated with said extracted data is valid . US20030110394A1 CLAIM 9 . A data network monitoring system comprising : at least one data sniffer ; a temporary storage (data processing unit) device ; a processor for determining spoofing with respect to data passing through said system ; and said processor further operative for diverting to said temporary storage device selected data entering said system , said selected data controlled in part by information obtained from said data sniffer and from a determination of spoofing . US20030110394A1 CLAIM 16 . The method of claim 15 wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . US20030110394A1 CLAIM 17 . The method of claim 16 further including the step of : arbitrarily selecting packets for temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) when said data flow rate reaches its maximum capacity . US20030110394A1 CLAIM 23 . A data flow control (incoming traffic) system for preventing an enterprise data processing system from being overloaded with spoofed data requests directed to said enterprise system from sources external to said enterprise system , said data flow system comprising : a gateway for accepting data directed to said enterprise system from any said external source ; a data monitoring circuit for observing selected portions of certain data directed to said gateway , and a delay path operable when the amount of data currently being handled by said enterprise system reaches a certain threshold for temporarily removing selected data which is directed to said enterprise system away from enterprise system , said selected data having an uncertain probability of spoofing . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (temporary storing, flow rate) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US20030110394A1 CLAIM 16 . The method of claim 15 wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . US20030110394A1 CLAIM 17 . The method of claim 16 further including the step of : arbitrarily selecting packets for temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) when said data flow rate reaches its maximum capacity . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames (temporary storing, flow rate) ; an antenna for capturing the incoming traffic (flow control, data packet) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (temporary storage) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20030110394A1 CLAIM 1 . A traffic management system for use in conjunction with packet data , said system operative for passing data packets (incoming traffic) there through , said system comprising : means for extracting certain parameters of data from each packet of data which is flowing into said system ; and means for comparing said extracted data against at least one database to determine if the data packet associated with said extracted data is valid . US20030110394A1 CLAIM 9 . A data network monitoring system comprising : at least one data sniffer ; a temporary storage (data processing unit) device ; a processor for determining spoofing with respect to data passing through said system ; and said processor further operative for diverting to said temporary storage device selected data entering said system , said selected data controlled in part by information obtained from said data sniffer and from a determination of spoofing . US20030110394A1 CLAIM 16 . The method of claim 15 wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . US20030110394A1 CLAIM 17 . The method of claim 16 further including the step of : arbitrarily selecting packets for temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) when said data flow rate reaches its maximum capacity . US20030110394A1 CLAIM 23 . A data flow control (incoming traffic) system for preventing an enterprise data processing system from being overloaded with spoofed data requests directed to said enterprise system from sources external to said enterprise system , said data flow system comprising : a gateway for accepting data directed to said enterprise system from any said external source ; a data monitoring circuit for observing selected portions of certain data directed to said gateway , and a delay path operable when the amount of data currently being handled by said enterprise system reaches a certain threshold for temporarily removing selected data which is directed to said enterprise system away from enterprise system , said selected data having an uncertain probability of spoofing . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20020176378A1 Filed: 2002-02-02 Issued: 2002-11-28 Platform and method for providing wireless data services (Original Assignee) AVIAN COMMUNICATIONS; Proquent Systems Corp (Current Assignee) Bytemobile Network Services Corp Thomas Hamilton, Clifford Atwood, Urmesh Sirsiwal, Kenneth Descoteaux |
---|---|
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (time interval) . |
US20020176378A1 CLAIM 58 . The method of claim 49 wherein the information is related to the detected sessions relates to a time interval (time interval) of operation . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels (data rate) allocated to the wireless node and extracting the incoming data frames received over all the wireless channels allocated to the wireless node . |
US20020176378A1 CLAIM 35 . The method of claim 34 wherein applying a policy to the communication includes applying a data rate (wireless channels) policy . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (data packet) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20020176378A1 CLAIM 26 . The method of claim 16 wherein specifying characteristics at one or more protocol layers includes specifying a regular expression that identifies fields of data packets (incoming traffic) at one or more protocol layers . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (Internet Protocol) . |
US20020176378A1 CLAIM 15 . The method of claim 14 wherein the packet data communication includes Internet Protocol (communication protocol) (IP) data communication . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network (wireless network) operates according to any wireless network technology . |
US20020176378A1 CLAIM 2 . The method of claim 1 wherein processing communication passing through the node includes processing data communication from a wireless network (wireless network) . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network (wireless network) comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US20020176378A1 CLAIM 2 . The method of claim 1 wherein processing communication passing through the node includes processing data communication from a wireless network (wireless network) . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (data packet) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20020176378A1 CLAIM 26 . The method of claim 16 wherein specifying characteristics at one or more protocol layers includes specifying a regular expression that identifies fields of data packets (incoming traffic) at one or more protocol layers . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network (wireless network) operates according to any wireless network technology . |
US20020176378A1 CLAIM 2 . The method of claim 1 wherein processing communication passing through the node includes processing data communication from a wireless network (wireless network) . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20020032774A1 Filed: 2001-08-16 Issued: 2002-03-14 Thwarting source address spoofing-based denial of service attacks (Original Assignee) Mazu Networks Inc (Current Assignee) Riverbed Technology Inc Edward Kohler, Massimiliano Poletto |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (take action) received on all transmission channels allocated to the wireless node ; a second receiving (source addresses) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20020032774A1 CLAIM 1 . A method of protecting a victim site against a denial of service attack , the method comprises : receiving network packets with faked source addresses (second receiving, second receiving unit) ; receiving from the victim site a notification that the victim site is under an attack ; and sending queries to data collectors to request information from at least some of the data collectors , the information to determine the source of suspicious network traffic being sent to the victim . US20020032774A1 CLAIM 12 . The method of claim 1 wherein if the attacker is not behind a gateway , the method further comprises : contacting administrators at locations involved in attack to have the administrators take action (incoming traffic) to filter out packets with the destination address . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (take action) carried on all transmission channels allocated to the wireless node ; a second receiving (source addresses) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20020032774A1 CLAIM 1 . A method of protecting a victim site against a denial of service attack , the method comprises : receiving network packets with faked source addresses (second receiving, second receiving unit) ; receiving from the victim site a notification that the victim site is under an attack ; and sending queries to data collectors to request information from at least some of the data collectors , the information to determine the source of suspicious network traffic being sent to the victim . US20020032774A1 CLAIM 12 . The method of claim 1 wherein if the attacker is not behind a gateway , the method further comprises : contacting administrators at locations involved in attack to have the administrators take action (incoming traffic) to filter out packets with the destination address . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20020131366A1 Filed: 2001-06-06 Issued: 2002-09-19 System and method for traffic management control in a data transmission network (Original Assignee) Deep Nines Inc (Current Assignee) Trend Micro Inc Clifford Sharp, Susan Dark |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (temporary storing, flow rate) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20020131366A1 CLAIM 5 . The traffic management system of claim 2 wherein said temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) means including a cache and a data storage , said data storage used when said cache is full . US20020131366A1 CLAIM 7 . The traffic management system of claim 6 further including : means operative upon attainment of packet flow volume into said system reaching a certain level for temporarily storing certain subsequently received packets in accordance with selective remembered parameter of previously received packets ; and wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . |
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data frames (temporary storing, flow rate) . |
US20020131366A1 CLAIM 5 . The traffic management system of claim 2 wherein said temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) means including a cache and a data storage , said data storage used when said cache is full . US20020131366A1 CLAIM 7 . The traffic management system of claim 6 further including : means operative upon attainment of packet flow volume into said system reaching a certain level for temporarily storing certain subsequently received packets in accordance with selective remembered parameter of previously received packets ; and wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data frames (temporary storing, flow rate) comprises frames that allow statistical comparisons . |
US20020131366A1 CLAIM 5 . The traffic management system of claim 2 wherein said temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) means including a cache and a data storage , said data storage used when said cache is full . US20020131366A1 CLAIM 7 . The traffic management system of claim 6 further including : means operative upon attainment of packet flow volume into said system reaching a certain level for temporarily storing certain subsequently received packets in accordance with selective remembered parameter of previously received packets ; and wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames (temporary storing, flow rate) transmitted over a time interval (temporarily store) . |
US20020131366A1 CLAIM 5 . The traffic management system of claim 2 wherein said temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) means including a cache and a data storage , said data storage used when said cache is full . US20020131366A1 CLAIM 7 . The traffic management system of claim 6 further including : means operative upon attainment of packet flow volume into said system reaching a certain level for temporarily storing certain subsequently received packets in accordance with selective remembered parameter of previously received packets ; and wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store (time interval) a particular packet . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (temporary storing, flow rate) . |
US20020131366A1 CLAIM 5 . The traffic management system of claim 2 wherein said temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) means including a cache and a data storage , said data storage used when said cache is full . US20020131366A1 CLAIM 7 . The traffic management system of claim 6 further including : means operative upon attainment of packet flow volume into said system reaching a certain level for temporarily storing certain subsequently received packets in accordance with selective remembered parameter of previously received packets ; and wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (temporary storing, flow rate) received over all the wireless channels allocated to the wireless node . |
US20020131366A1 CLAIM 5 . The traffic management system of claim 2 wherein said temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) means including a cache and a data storage , said data storage used when said cache is full . US20020131366A1 CLAIM 7 . The traffic management system of claim 6 further including : means operative upon attainment of packet flow volume into said system reaching a certain level for temporarily storing certain subsequently received packets in accordance with selective remembered parameter of previously received packets ; and wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (temporary storing, flow rate) with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US20020131366A1 CLAIM 5 . The traffic management system of claim 2 wherein said temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) means including a cache and a data storage , said data storage used when said cache is full . US20020131366A1 CLAIM 7 . The traffic management system of claim 6 further including : means operative upon attainment of packet flow volume into said system reaching a certain level for temporarily storing certain subsequently received packets in accordance with selective remembered parameter of previously received packets ; and wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames (temporary storing, flow rate) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20020131366A1 CLAIM 5 . The traffic management system of claim 2 wherein said temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) means including a cache and a data storage , said data storage used when said cache is full . US20020131366A1 CLAIM 7 . The traffic management system of claim 6 further including : means operative upon attainment of packet flow volume into said system reaching a certain level for temporarily storing certain subsequently received packets in accordance with selective remembered parameter of previously received packets ; and wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (flow control, data packet) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (temporary storing, flow rate) from the incoming traffic ; and a data processing unit (temporary storage) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20020131366A1 CLAIM 1 . A traffic management system for use in conjunction with packet data , said system operative for passing data packets (incoming traffic) there through , said system comprising : means for reviewing certain parameters of data which is flowing into said system ; and means for remembering for a period of time said reviewed certain parameters in conjunction with each received packet . US20020131366A1 CLAIM 5 . The traffic management system of claim 2 wherein said temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) means including a cache and a data storage , said data storage used when said cache is full . US20020131366A1 CLAIM 7 . The traffic management system of claim 6 further including : means operative upon attainment of packet flow volume into said system reaching a certain level for temporarily storing certain subsequently received packets in accordance with selective remembered parameter of previously received packets ; and wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . US20020131366A1 CLAIM 14 . A data network monitoring system comprising : at least one data sniffer ; a temporary storage (data processing unit) device ; a processor for performing data throughput measurements on data passing through said system ; and said processor further operative for diverting to said temporary storage device selected data entering said system , said selected data controlled in part by information obtained from said data sniffer and from said throughput measurement means . US20020131366A1 CLAIM 32 . A data flow control (incoming traffic) system for preventing an enterprise data processing system from being overloaded with data requests directed to said enterprise system from sources external to said enterprise system , said system comprising : a gateway for accepting data directed to said enterprise system from any said external source ; a data monitoring circuit for observing selected portions of certain data directed to said gateway , a delay path operable when the amount of data currently being handled by said enterprise system reaches a certain threshold for temporarily removing selected data which is directed to said gateway away from enterprise system . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (temporary storing, flow rate) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US20020131366A1 CLAIM 5 . The traffic management system of claim 2 wherein said temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) means including a cache and a data storage , said data storage used when said cache is full . US20020131366A1 CLAIM 7 . The traffic management system of claim 6 further including : means operative upon attainment of packet flow volume into said system reaching a certain level for temporarily storing certain subsequently received packets in accordance with selective remembered parameter of previously received packets ; and wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames (temporary storing, flow rate) ; an antenna for capturing the incoming traffic (flow control, data packet) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (temporary storage) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20020131366A1 CLAIM 1 . A traffic management system for use in conjunction with packet data , said system operative for passing data packet (incoming traffic) s there through , said system comprising : means for reviewing certain parameters of data which is flowing into said system ; and means for remembering for a period of time said reviewed certain parameters in conjunction with each received packet . US20020131366A1 CLAIM 5 . The traffic management system of claim 2 wherein said temporary storing (original data frames, data frames, incoming data frames, transmitting original data frames) means including a cache and a data storage , said data storage used when said cache is full . US20020131366A1 CLAIM 7 . The traffic management system of claim 6 further including : means operative upon attainment of packet flow volume into said system reaching a certain level for temporarily storing certain subsequently received packets in accordance with selective remembered parameter of previously received packets ; and wherein said certain level includes a plurality of levels arranged in a sequence , and wherein as the sequence of levels gets closer to an absolute maximum data flow rate (original data frames, data frames, incoming data frames, transmitting original data frames) more and more of said remembered parameters are included as a basis for said determination to temporarily store a particular packet . US20020131366A1 CLAIM 14 . A data network monitoring system comprising : at least one data sniffer ; a temporary storage (data processing unit) device ; a processor for performing data throughput measurements on data passing through said system ; and said processor further operative for diverting to said temporary storage device selected data entering said system , said selected data controlled in part by information obtained from said data sniffer and from said throughput measurement means . US20020131366A1 CLAIM 32 . A data flow control (incoming traffic) system for preventing an enterprise data processing system from being overloaded with data requests directed to said enterprise system from sources external to said enterprise system , said system comprising : a gateway for accepting data directed to said enterprise system from any said external source ; a data monitoring circuit for observing selected portions of certain data directed to said gateway , a delay path operable when the amount of data currently being handled by said enterprise system reaches a certain threshold for temporarily removing selected data which is directed to said gateway away from enterprise system . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | JPH1146196A Filed: 1997-07-25 Issued: 1999-02-16 Communication device, communication terminal, and program recording medium (Original Assignee) Fujitsu Ltd; 富士通株式会社 Takayuki Nakanishi, 尊之 中西 |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (記憶手段と) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames (apparatus) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
JPH1146196A CLAIM 1 【請求項1】 端末とローカルエリアネットワークの伝 送路とに接続される、前記端末を前記ローカルエリアネ ットワークの一通信端末として機能させるための通信機 器であって、 前記ローカルエリアネットワークに接続されている他の 通信端末を、ネットワークアドレスによって通信が許可 されている通信端末と通信が許可されていない端末とに 分類するための情報である通信規制情報を記憶する通信 規制情報記憶手段と (original data frames) 、 前記伝送路を伝搬する通信データに含まれる着LANア ドレスに基づき、前記伝送路から自端末宛の通信データ を取り込む取込手段と、 この取込手段が取り込んだ通信データに含まれる発ネッ トワークアドレスと前記通信規制情報記憶手段内の前記 通信規制情報とに基づき、その通信データの発信元が通 信が許可されている通信端末であるか否かを判定する判 定手段と、 この判定手段によって、発信元が通信が許可されている 通信端末であると判定された通信データの内容のみを、 前記端末に供給する供給手段とを備えることを特徴とす る通信機器。 1 . A communication device connected to a terminal and a transmission path of a local area network for causing the terminal to function as a communication terminal of the local area network , the communication device being connected to the local area network . Communication restriction information storage means for storing communication restriction information which is information for classifying another communication terminal into a communication terminal permitted to communicate by a network address and a terminal not permitted to communicate by the network address ; Means for taking in communication data addressed to the terminal itself from the transmission path based on the destination LAN address contained in the communication data propagating through the communication network ; originating network address contained in the communication data taken in by the taking means ; Based on the communication restriction information in the information storage means , the source of the communication data is permitted to perform communication . Determining means for determining whether or not the communication terminal is a communication terminal , only the content of the communication data determined that the source is a communication terminal to which communication is permitted , A communication device comprising : a supply unit that supplies the terminal . 
JPH1146196A CLAIM 10 【請求項10】 前記端末からデータの送信が指示され た際に、当該データの送信先通信端末のLANアドレス と前記通信規制情報記憶手段内の前記通信規制情報とに 基づき、データの送信先が通信が許可されている通信端 末であるか否かを判定する送信先判定手段と、 この送信先判定手段によって、前記データの送信先が通 信が許可されている通信端末であると判定された場合に のみ、送信が指示されたデータに応じた通信データを前 記伝送路上に送出する送出手段とを、さらに、備えるこ とを特徴とする請求項8記載の通信機器。 10 . When data transmission is instructed from the terminal , the data transmission destination is determined based on the LAN address of the communication destination communication terminal of the data and the communication restriction information in the communication restriction information storage means . A destination determining unit for determining whether or not the communication terminal is a communication terminal to which communication is permitted ; and a case where the destination determining unit determines that the transmission destination of the data is a communication terminal to which communication is permitted . 9 . The communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 8 , further comprising : sending means for sending communication data corresponding to the data instructed to be transmitted to said transmission path . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (記憶手段と) . |
JPH1146196A CLAIM 1 【請求項1】 端末とローカルエリアネットワークの伝 送路とに接続される、前記端末を前記ローカルエリアネ ットワークの一通信端末として機能させるための通信機 器であって、 前記ローカルエリアネットワークに接続されている他の 通信端末を、ネットワークアドレスによって通信が許可 されている通信端末と通信が許可されていない端末とに 分類するための情報である通信規制情報を記憶する通信 規制情報記憶手段と (original data frames) 、 前記伝送路を伝搬する通信データに含まれる着LANア ドレスに基づき、前記伝送路から自端末宛の通信データ を取り込む取込手段と、 この取込手段が取り込んだ通信データに含まれる発ネッ トワークアドレスと前記通信規制情報記憶手段内の前記 通信規制情報とに基づき、その通信データの発信元が通 信が許可されている通信端末であるか否かを判定する判 定手段と、 この判定手段によって、発信元が通信が許可されている 通信端末であると判定された通信データの内容のみを、 前記端末に供給する供給手段とを備えることを特徴とす る通信機器。 1 . A communication device connected to a terminal and a transmission path of a local area network for causing the terminal to function as a communication terminal of the local area network , the communication device being connected to the local area network . Communication restriction information storage means for storing communication restriction information which is information for classifying another communication terminal into a communication terminal permitted to communicate by a network address and a terminal not permitted to communicate by the network address ; Means for taking in communication data addressed to the terminal itself from the transmission path based on the destination LAN address contained in the communication data propagating through the communication network ; originating network address contained in the communication data taken in by the taking means ; Based on the communication restriction information in the information storage means , the source of the communication data is permitted to perform communication . Determining means for determining whether or not the communication terminal is a communication terminal , only the content of the communication data determined that the source is a communication terminal to which communication is permitted , A communication device comprising : a supply unit that supplies the terminal . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (記憶手段と) with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
JPH1146196A CLAIM 1 【請求項1】 端末とローカルエリアネットワークの伝 送路とに接続される、前記端末を前記ローカルエリアネ ットワークの一通信端末として機能させるための通信機 器であって、 前記ローカルエリアネットワークに接続されている他の 通信端末を、ネットワークアドレスによって通信が許可 されている通信端末と通信が許可されていない端末とに 分類するための情報である通信規制情報を記憶する通信 規制情報記憶手段と (original data frames) 、 前記伝送路を伝搬する通信データに含まれる着LANア ドレスに基づき、前記伝送路から自端末宛の通信データ を取り込む取込手段と、 この取込手段が取り込んだ通信データに含まれる発ネッ トワークアドレスと前記通信規制情報記憶手段内の前記 通信規制情報とに基づき、その通信データの発信元が通 信が許可されている通信端末であるか否かを判定する判 定手段と、 この判定手段によって、発信元が通信が許可されている 通信端末であると判定された通信データの内容のみを、 前記端末に供給する供給手段とを備えることを特徴とす る通信機器。 1 . A communication device connected to a terminal and a transmission path of a local area network for causing the terminal to function as a communication terminal of the local area network , the communication device being connected to the local area network . Communication restriction information storage means for storing communication restriction information which is information for classifying another communication terminal into a communication terminal permitted to communicate by a network address and a terminal not permitted to communicate by the network address ; Means for taking in communication data addressed to the terminal itself from the transmission path based on the destination LAN address contained in the communication data propagating through the communication network ; originating network address contained in the communication data taken in by the taking means ; Based on the communication restriction information in the information storage means , the source of the communication data is permitted to perform communication . Determining means for determining whether or not the communication terminal is a communication terminal , only the content of the communication data determined that the source is a communication terminal to which communication is permitted , A communication device comprising : a supply unit that supplies the terminal . |
US7409715B2 CLAIM 10 . An impersonation detection system (apparatus) for a wireless node of a wireless communication network , the node for transmitting original data frames (記憶手段と) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
JPH1146196A CLAIM 1 【請求項1】 端末とローカルエリアネットワークの伝 送路とに接続される、前記端末を前記ローカルエリアネ ットワークの一通信端末として機能させるための通信機 器であって、 前記ローカルエリアネットワークに接続されている他の 通信端末を、ネットワークアドレスによって通信が許可 されている通信端末と通信が許可されていない端末とに 分類するための情報である通信規制情報を記憶する通信 規制情報記憶手段と (original data frames) 、 前記伝送路を伝搬する通信データに含まれる着LANア ドレスに基づき、前記伝送路から自端末宛の通信データ を取り込む取込手段と、 この取込手段が取り込んだ通信データに含まれる発ネッ トワークアドレスと前記通信規制情報記憶手段内の前記 通信規制情報とに基づき、その通信データの発信元が通 信が許可されている通信端末であるか否かを判定する判 定手段と、 この判定手段によって、発信元が通信が許可されている 通信端末であると判定された通信データの内容のみを、 前記端末に供給する供給手段とを備えることを特徴とす る通信機器。 1 . A communication device connected to a terminal and a transmission path of a local area network for causing the terminal to function as a communication terminal of the local area network , the communication device being connected to the local area network . Communication restriction information storage means for storing communication restriction information which is information for classifying another communication terminal into a communication terminal permitted to communicate by a network address and a terminal not permitted to communicate by the network address ; Means for taking in communication data addressed to the terminal itself from the transmission path based on the destination LAN address contained in the communication data propagating through the communication network ; originating network address contained in the communication data taken in by the taking means ; Based on the communication restriction information in the information storage means , the source of the communication data is permitted to perform communication . Determining means for determining whether or not the communication terminal is a communication terminal , only the content of the communication data determined that the source is a communication terminal to which communication is permitted , A communication device comprising : a supply unit that supplies the terminal . 
JPH1146196A CLAIM 10 【請求項10】 前記端末からデータの送信が指示され た際に、当該データの送信先通信端末のLANアドレス と前記通信規制情報記憶手段内の前記通信規制情報とに 基づき、データの送信先が通信が許可されている通信端 末であるか否かを判定する送信先判定手段と、 この送信先判定手段によって、前記データの送信先が通 信が許可されている通信端末であると判定された場合に のみ、送信が指示されたデータに応じた通信データを前 記伝送路上に送出する送出手段とを、さらに、備えるこ とを特徴とする請求項8記載の通信機器。 10 . When data transmission is instructed from the terminal , the data transmission destination is determined based on the LAN address of the communication destination communication terminal of the data and the communication restriction information in the communication restriction information storage means . A destination determining unit for determining whether or not the communication terminal is a communication terminal to which communication is permitted ; and a case where the destination determining unit determines that the transmission destination of the data is a communication terminal to which communication is permitted . 9 . The communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 8 , further comprising : sending means for sending communication data corresponding to the data instructed to be transmitted to said transmission path . |
US7409715B2 CLAIM 11 . The impersonation detection system (apparatus) of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (apparatus) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
JPH1146196A CLAIM 10 【請求項10】 前記端末からデータの送信が指示され た際に、当該データの送信先通信端末のLANアドレス と前記通信規制情報記憶手段内の前記通信規制情報とに 基づき、データの送信先が通信が許可されている通信端 末であるか否かを判定する送信先判定手段と、 この送信先判定手段によって、前記データの送信先が通 信が許可されている通信端末であると判定された場合に のみ、送信が指示されたデータに応じた通信データを前 記伝送路上に送出する送出手段とを、さらに、備えるこ とを特徴とする請求項8記載の通信機器。 10 . When data transmission is instructed from the terminal , the data transmission destination is determined based on the LAN address of the communication destination communication terminal of the data and the communication restriction information in the communication restriction information storage means . A destination determining unit for determining whether or not the communication terminal is a communication terminal to which communication is permitted ; and a case where the destination determining unit determines that the transmission destination of the data is a communication terminal to which communication is permitted . 9 . The communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 8 , further comprising : sending means for sending communication data corresponding to the data instructed to be transmitted to said transmission path . |
US7409715B2 CLAIM 12 . The impersonation detection system (apparatus) of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
JPH1146196A CLAIM 10 【請求項10】 前記端末からデータの送信が指示され た際に、当該データの送信先通信端末のLANアドレス と前記通信規制情報記憶手段内の前記通信規制情報とに 基づき、データの送信先が通信が許可されている通信端 末であるか否かを判定する送信先判定手段と、 この送信先判定手段によって、前記データの送信先が通 信が許可されている通信端末であると判定された場合に のみ、送信が指示されたデータに応じた通信データを前 記伝送路上に送出する送出手段とを、さらに、備えるこ とを特徴とする請求項8記載の通信機器。 10 . When data transmission is instructed from the terminal , the data transmission destination is determined based on the LAN address of the communication destination communication terminal of the data and the communication restriction information in the communication restriction information storage means . A destination determining unit for determining whether or not the communication terminal is a communication terminal to which communication is permitted ; and a case where the destination determining unit determines that the transmission destination of the data is a communication terminal to which communication is permitted . 9 . The communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 8 , further comprising : sending means for sending communication data corresponding to the data instructed to be transmitted to said transmission path . |
US7409715B2 CLAIM 13 . The impersonation detection system (apparatus) of claim 12 wherein the secure link operates according to a communication protocol . |
JPH1146196A CLAIM 10 【請求項10】 前記端末からデータの送信が指示され た際に、当該データの送信先通信端末のLANアドレス と前記通信規制情報記憶手段内の前記通信規制情報とに 基づき、データの送信先が通信が許可されている通信端 末であるか否かを判定する送信先判定手段と、 この送信先判定手段によって、前記データの送信先が通 信が許可されている通信端末であると判定された場合に のみ、送信が指示されたデータに応じた通信データを前 記伝送路上に送出する送出手段とを、さらに、備えるこ とを特徴とする請求項8記載の通信機器。 10 . When data transmission is instructed from the terminal , the data transmission destination is determined based on the LAN address of the communication destination communication terminal of the data and the communication restriction information in the communication restriction information storage means . A destination determining unit for determining whether or not the communication terminal is a communication terminal to which communication is permitted ; and a case where the destination determining unit determines that the transmission destination of the data is a communication terminal to which communication is permitted . 9 . The communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 8 , further comprising : sending means for sending communication data corresponding to the data instructed to be transmitted to said transmission path . |
US7409715B2 CLAIM 14 . The impersonation detection system (apparatus) of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
JPH1146196A CLAIM 10 【請求項10】 前記端末からデータの送信が指示され た際に、当該データの送信先通信端末のLANアドレス と前記通信規制情報記憶手段内の前記通信規制情報とに 基づき、データの送信先が通信が許可されている通信端 末であるか否かを判定する送信先判定手段と、 この送信先判定手段によって、前記データの送信先が通 信が許可されている通信端末であると判定された場合に のみ、送信が指示されたデータに応じた通信データを前 記伝送路上に送出する送出手段とを、さらに、備えるこ とを特徴とする請求項8記載の通信機器。 10 . When data transmission is instructed from the terminal , the data transmission destination is determined based on the LAN address of the communication destination communication terminal of the data and the communication restriction information in the communication restriction information storage means . A destination determining unit for determining whether or not the communication terminal is a communication terminal to which communication is permitted ; and a case where the destination determining unit determines that the transmission destination of the data is a communication terminal to which communication is permitted . 9 . The communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 8 , further comprising : sending means for sending communication data corresponding to the data instructed to be transmitted to said transmission path . |
US7409715B2 CLAIM 15 . The impersonation detection system (apparatus) of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module is integrated within the wireless node . |
JPH1146196A CLAIM 10 【請求項10】 前記端末からデータの送信が指示され た際に、当該データの送信先通信端末のLANアドレス と前記通信規制情報記憶手段内の前記通信規制情報とに 基づき、データの送信先が通信が許可されている通信端 末であるか否かを判定する送信先判定手段と、 この送信先判定手段によって、前記データの送信先が通 信が許可されている通信端末であると判定された場合に のみ、送信が指示されたデータに応じた通信データを前 記伝送路上に送出する送出手段とを、さらに、備えるこ とを特徴とする請求項8記載の通信機器。 10 . When data transmission is instructed from the terminal , the data transmission destination is determined based on the LAN address of the communication destination communication terminal of the data and the communication restriction information in the communication restriction information storage means . A destination determining unit for determining whether or not the communication terminal is a communication terminal to which communication is permitted ; and a case where the destination determining unit determines that the transmission destination of the data is a communication terminal to which communication is permitted . 9 . The communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 8 , further comprising : sending means for sending communication data corresponding to the data instructed to be transmitted to said transmission path . |
US7409715B2 CLAIM 16 . The impersonation detection system (apparatus) of claim 10 , wherein the wireless network operates according to any wireless network technology . |
JPH1146196A CLAIM 10 【請求項10】 前記端末からデータの送信が指示され た際に、当該データの送信先通信端末のLANアドレス と前記通信規制情報記憶手段内の前記通信規制情報とに 基づき、データの送信先が通信が許可されている通信端 末であるか否かを判定する送信先判定手段と、 この送信先判定手段によって、前記データの送信先が通 信が許可されている通信端末であると判定された場合に のみ、送信が指示されたデータに応じた通信データを前 記伝送路上に送出する送出手段とを、さらに、備えるこ とを特徴とする請求項8記載の通信機器。 10 . When data transmission is instructed from the terminal , the data transmission destination is determined based on the LAN address of the communication destination communication terminal of the data and the communication restriction information in the communication restriction information storage means . A destination determining unit for determining whether or not the communication terminal is a communication terminal to which communication is permitted ; and a case where the destination determining unit determines that the transmission destination of the data is a communication terminal to which communication is permitted . 9 . The communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 8 , further comprising : sending means for sending communication data corresponding to the data instructed to be transmitted to said transmission path . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (apparatus) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
JPH1146196A CLAIM 10 【請求項10】 前記端末からデータの送信が指示され た際に、当該データの送信先通信端末のLANアドレス と前記通信規制情報記憶手段内の前記通信規制情報とに 基づき、データの送信先が通信が許可されている通信端 末であるか否かを判定する送信先判定手段と、 この送信先判定手段によって、前記データの送信先が通 信が許可されている通信端末であると判定された場合に のみ、送信が指示されたデータに応じた通信データを前 記伝送路上に送出する送出手段とを、さらに、備えるこ とを特徴とする請求項8記載の通信機器。 10 . When data transmission is instructed from the terminal , the data transmission destination is determined based on the LAN address of the communication destination communication terminal of the data and the communication restriction information in the communication restriction information storage means . A destination determining unit for determining whether or not the communication terminal is a communication terminal to which communication is permitted ; and a case where the destination determining unit determines that the transmission destination of the data is a communication terminal to which communication is permitted . 9 . The communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 8 , further comprising : sending means for sending communication data corresponding to the data instructed to be transmitted to said transmission path . |
US7409715B2 CLAIM 19 . The an impersonation detection system (apparatus) of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
JPH1146196A CLAIM 10 【請求項10】 前記端末からデータの送信が指示され た際に、当該データの送信先通信端末のLANアドレス と前記通信規制情報記憶手段内の前記通信規制情報とに 基づき、データの送信先が通信が許可されている通信端 末であるか否かを判定する送信先判定手段と、 この送信先判定手段によって、前記データの送信先が通 信が許可されている通信端末であると判定された場合に のみ、送信が指示されたデータに応じた通信データを前 記伝送路上に送出する送出手段とを、さらに、備えるこ とを特徴とする請求項8記載の通信機器。 10 . When data transmission is instructed from the terminal , the data transmission destination is determined based on the LAN address of the communication destination communication terminal of the data and the communication restriction information in the communication restriction information storage means . A destination determining unit for determining whether or not the communication terminal is a communication terminal to which communication is permitted ; and a case where the destination determining unit determines that the transmission destination of the data is a communication terminal to which communication is permitted . 9 . The communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 8 , further comprising : sending means for sending communication data corresponding to the data instructed to be transmitted to said transmission path . |
US7409715B2 CLAIM 20 . The impersonation detection system (apparatus) of claim 18 , wherein the wireless network operates according to any wireless network technology . |
JPH1146196A CLAIM 10 【請求項10】 前記端末からデータの送信が指示され た際に、当該データの送信先通信端末のLANアドレス と前記通信規制情報記憶手段内の前記通信規制情報とに 基づき、データの送信先が通信が許可されている通信端 末であるか否かを判定する送信先判定手段と、 この送信先判定手段によって、前記データの送信先が通 信が許可されている通信端末であると判定された場合に のみ、送信が指示されたデータに応じた通信データを前 記伝送路上に送出する送出手段とを、さらに、備えるこ とを特徴とする請求項8記載の通信機器。 10 . When data transmission is instructed from the terminal , the data transmission destination is determined based on the LAN address of the communication destination communication terminal of the data and the communication restriction information in the communication restriction information storage means . A destination determining unit for determining whether or not the communication terminal is a communication terminal to which communication is permitted ; and a case where the destination determining unit determines that the transmission destination of the data is a communication terminal to which communication is permitted . 9 . The communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 8 , further comprising : sending means for sending communication data corresponding to the data instructed to be transmitted to said transmission path . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6198728B1 Filed: 1996-12-19 Issued: 2001-03-06 Medium access control (MAC) protocol for wireless ATM (Original Assignee) Philips North America LLC (Current Assignee) Uniloc 2017 LLC Samir N. Hulyalkar, Chiu Ngo, Yonggang Du |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6198728B1 CLAIM 2 . A method for communicating data packets as in claim 1 , wherein some or all of said communicating and transmitting is via a wireless communication (wireless communication) s medium . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6198728B1 CLAIM 2 . A method for communicating data packets as in claim 1 , wherein some or all of said communicating and transmitting is via a wireless communication (wireless communication) s medium . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (data packet) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6198728B1 CLAIM 1 . A method for communicating data packet (incoming traffic) s within a network comprising a plurality of nodes , wherein an active node is one of said nodes having one or more packets to transmit , said method comprising the steps of : communicating a request for an allocation of time within a frame period from each active node , allocating a first time of transmission and a first duration of transmission for transmitting messages to said active nodes ; allocating a second time of transmission and a second duration of transmission within said frame period from each of said active nodes , in dependence upon said request for allocation , communicating said allocation of second time and second duration to each of said active nodes within said frame period , and transmitting packets from each of said active nodes in accordance with said allocation of second time and second duration within said frame period , wherein said allocating step includes : determining a delay tolerance level associated with each of said packets , and allocating said second time of transmission and said second duration of transmission to each of said active nodes , in dependence upon said request for allocation , and in dependence upon said tolerance levels . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (communications medium, first packet) . |
US6198728B1 CLAIM 2 . A method for communicating data packets as in claim 1 , wherein some or all of said communicating and transmitting is via a wireless communications medium (communication protocol) . US6198728B1 CLAIM 7 . A method as in claim 1 , wherein : said communicating of the request for allocation from each node comprises the steps of : appending said request to the first packet (communication protocol) transmitted during the time allocated to the node in the current frame period , or , if time was not allocated to the node in the current frame period , communicating an alert message after the last time allocated among all the nodes in the current frame period . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (data packet) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6198728B1 CLAIM 1 . A method for communicating data packets (incoming traffic) within a network comprising a plurality of nodes , wherein an active node is one of said nodes having one or more packets to transmit , said method comprising the steps of : communicating a request for an allocation of time within a frame period from each active node , allocating a first time of transmission and a first duration of transmission for transmitting messages to said active nodes ; allocating a second time of transmission and a second duration of transmission within said frame period from each of said active nodes , in dependence upon said request for allocation , communicating said allocation of second time and second duration to each of said active nodes within said frame period , and transmitting packets from each of said active nodes in accordance with said allocation of second time and second duration within said frame period , wherein said allocating step includes : determining a delay tolerance level associated with each of said packets , and allocating said second time of transmission and said second duration of transmission to each of said active nodes , in dependence upon said request for allocation , and in dependence upon said tolerance levels . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5561689A Filed: 1994-10-26 Issued: 1996-10-01 Method and apparatus for digital carrier detection in a wireless lan (Original Assignee) International Business Machines Corp (Current Assignee) International Business Machines Corp Arthur E. Fleek, William O. Camp, Jr., Gary M. Warchocki, Michael J. Bracco, Ralph Yeager |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (frequency drift, rising edges) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5561689A CLAIM 2 . The wireless digital network of claim 1 , which further comprises : a first computer means at said sending node , for providing a binary data signal as said input signal , starting after said first duration when said oscillator means has achieved stable characteristics ; demodulator means at said receiving node , coupled to said amplifier means , for detecting when the spacing between the edges of the square wave pulses changes in response to the phase shift modulation ; said demodulator means measuring first intervals between consecutive rising edges (incoming data, first receiving unit, data processing unit, intrusion detection module incoming data frames, incoming traffic) of said received signal , by counting clock pulses for a second selected interval whose duration is determined by a second selected count value ; said demodulator means measuring second intervals between consecutive falling edges of said received signal by counting clock pulses for a third selected interval whose duration is determined by a third selected count value ; and compensating means coupled to said carrier sensing means and to said demodulator means , for compensating for frequency drift (incoming data, first receiving unit, data processing unit, intrusion detection module incoming data frames, incoming traffic) in said carrier signal by adjusting said second selected count value and said third selected count value , using said first duration ; said demodulator means combining results of said measuring first intervals and measuring second intervals to provide a composite representation of the binary signal at the receiver ; and a second computer means coupled to said demodulator means at the receiving node of the wireless digital network , for processing said binary signal output from said demodulator means . |
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data (binary signal) frames . |
US5561689A CLAIM 2 . The wireless digital network of claim 1 , which further comprises : a first computer means at said sending node , for providing a binary data signal as said input signal , starting after said first duration when said oscillator means has achieved stable characteristics ; demodulator means at said receiving node , coupled to said amplifier means , for detecting when the spacing between the edges of the square wave pulses changes in response to the phase shift modulation ; said demodulator means measuring first intervals between consecutive rising edges of said received signal , by counting clock pulses for a second selected interval whose duration is determined by a second selected count value ; said demodulator means measuring second intervals between consecutive falling edges of said received signal by counting clock pulses for a third selected interval whose duration is determined by a third selected count value ; and compensating means coupled to said carrier sensing means and to said demodulator means , for compensating for frequency drift in said carrier signal by adjusting said second selected count value and said third selected count value , using said first duration ; said demodulator means combining results of said measuring first intervals and measuring second intervals to provide a composite representation of the binary signal (outgoing data) at the receiver ; and a second computer means coupled to said demodulator means at the receiving node of the wireless digital network , for processing said binary signal output from said demodulator means . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data (binary signal) frames comprises frames that allow statistical comparisons . |
US5561689A CLAIM 2 . The wireless digital network of claim 1 , which further comprises : a first computer means at said sending node , for providing a binary data signal as said input signal , starting after said first duration when said oscillator means has achieved stable characteristics ; demodulator means at said receiving node , coupled to said amplifier means , for detecting when the spacing between the edges of the square wave pulses changes in response to the phase shift modulation ; said demodulator means measuring first intervals between consecutive rising edges of said received signal , by counting clock pulses for a second selected interval whose duration is determined by a second selected count value ; said demodulator means measuring second intervals between consecutive falling edges of said received signal by counting clock pulses for a third selected interval whose duration is determined by a third selected count value ; and compensating means coupled to said carrier sensing means and to said demodulator means , for compensating for frequency drift in said carrier signal by adjusting said second selected count value and said third selected count value , using said first duration ; said demodulator means combining results of said measuring first intervals and measuring second intervals to provide a composite representation of the binary signal (outgoing data) at the receiver ; and a second computer means coupled to said demodulator means at the receiving node of the wireless digital network , for processing said binary signal output from said demodulator means . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data (binary signal) frames transmitted over a time interval . |
US5561689A CLAIM 2 . The wireless digital network of claim 1 , which further comprises : a first computer means at said sending node , for providing a binary data signal as said input signal , starting after said first duration when said oscillator means has achieved stable characteristics ; demodulator means at said receiving node , coupled to said amplifier means , for detecting when the spacing between the edges of the square wave pulses changes in response to the phase shift modulation ; said demodulator means measuring first intervals between consecutive rising edges of said received signal , by counting clock pulses for a second selected interval whose duration is determined by a second selected count value ; said demodulator means measuring second intervals between consecutive falling edges of said received signal by counting clock pulses for a third selected interval whose duration is determined by a third selected count value ; and compensating means coupled to said carrier sensing means and to said demodulator means , for compensating for frequency drift in said carrier signal by adjusting said second selected count value and said third selected count value , using said first duration ; said demodulator means combining results of said measuring first intervals and measuring second intervals to provide a composite representation of the binary signal (outgoing data) at the receiver ; and a second computer means coupled to said demodulator means at the receiving node of the wireless digital network , for processing said binary signal output from said demodulator means . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data (frequency drift, rising edges) frames received over all the wireless channels allocated to the wireless node . |
US5561689A CLAIM 2 . The wireless digital network of claim 1 , which further comprises : a first computer means at said sending node , for providing a binary data signal as said input signal , starting after said first duration when said oscillator means has achieved stable characteristics ; demodulator means at said receiving node , coupled to said amplifier means , for detecting when the spacing between the edges of the square wave pulses changes in response to the phase shift modulation ; said demodulator means measuring first intervals between consecutive rising edges (incoming data, first receiving unit, data processing unit, intrusion detection module incoming data frames, incoming traffic) of said received signal , by counting clock pulses for a second selected interval whose duration is determined by a second selected count value ; said demodulator means measuring second intervals between consecutive falling edges of said received signal by counting clock pulses for a third selected interval whose duration is determined by a third selected count value ; and compensating means coupled to said carrier sensing means and to said demodulator means , for compensating for frequency drift (incoming data, first receiving unit, data processing unit, intrusion detection module incoming data frames, incoming traffic) in said carrier signal by adjusting said second selected count value and said third selected count value , using said first duration ; said demodulator means combining results of said measuring first intervals and measuring second intervals to provide a composite representation of the binary signal at the receiver ; and a second computer means coupled to said demodulator means at the receiving node of the wireless digital network , for processing said binary signal output from said demodulator means . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (frequency drift, rising edges) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US5561689A CLAIM 2 . The wireless digital network of claim 1 , which further comprises : a first computer means at said sending node , for providing a binary data signal as said input signal , starting after said first duration when said oscillator means has achieved stable characteristics ; demodulator means at said receiving node , coupled to said amplifier means , for detecting when the spacing between the edges of the square wave pulses changes in response to the phase shift modulation ; said demodulator means measuring first intervals between consecutive rising edges (incoming data, first receiving unit, data processing unit, intrusion detection module incoming data frames, incoming traffic) of said received signal , by counting clock pulses for a second selected interval whose duration is determined by a second selected count value ; said demodulator means measuring second intervals between consecutive falling edges of said received signal by counting clock pulses for a third selected interval whose duration is determined by a third selected count value ; and compensating means coupled to said carrier sensing means and to said demodulator means , for compensating for frequency drift (incoming data, first receiving unit, data processing unit, intrusion detection module incoming data frames, incoming traffic) in said carrier signal by adjusting said second selected count value and said third selected count value , using said first duration ; said demodulator means combining results of said measuring first intervals and measuring second intervals to provide a composite representation of the binary signal at the receiver ; and a second computer means coupled to said demodulator means at the receiving node of the wireless digital network , for processing said binary signal output from said demodulator means . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (frequency drift, rising edges) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5561689A CLAIM 2 . The wireless digital network of claim 1 , which further comprises : a first computer means at said sending node , for providing a binary data signal as said input signal , starting after said first duration when said oscillator means has achieved stable characteristics ; demodulator means at said receiving node , coupled to said amplifier means , for detecting when the spacing between the edges of the square wave pulses changes in response to the phase shift modulation ; said demodulator means measuring first intervals between consecutive rising edges (incoming data, first receiving unit, data processing unit, intrusion detection module incoming data frames, incoming traffic) of said received signal , by counting clock pulses for a second selected interval whose duration is determined by a second selected count value ; said demodulator means measuring second intervals between consecutive falling edges of said received signal by counting clock pulses for a third selected interval whose duration is determined by a third selected count value ; and compensating means coupled to said carrier sensing means and to said demodulator means , for compensating for frequency drift (incoming data, first receiving unit, data processing unit, intrusion detection module incoming data frames, incoming traffic) in said carrier signal by adjusting said second selected count value and said third selected count value , using said first duration ; said demodulator means combining results of said measuring first intervals and measuring second intervals to provide a composite representation of the binary signal at the receiver ; and a second computer means coupled to said demodulator means at the receiving node of the wireless digital network , for processing said binary signal output from said demodulator means . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit (frequency drift, rising edges) for receiving the copy ; an antenna for capturing the incoming traffic (frequency drift, rising edges) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (frequency drift, rising edges) frames from the incoming traffic ; and a data processing unit (frequency drift, rising edges) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5561689A CLAIM 2 . The wireless digital network of claim 1 , which further comprises : a first computer means at said sending node , for providing a binary data signal as said input signal , starting after said first duration when said oscillator means has achieved stable characteristics ; demodulator means at said receiving node , coupled to said amplifier means , for detecting when the spacing between the edges of the square wave pulses changes in response to the phase shift modulation ; said demodulator means measuring first intervals between consecutive rising edges (incoming data, first receiving unit, data processing unit, intrusion detection module incoming data frames, incoming traffic) of said received signal , by counting clock pulses for a second selected interval whose duration is determined by a second selected count value ; said demodulator means measuring second intervals between consecutive falling edges of said received signal by counting clock pulses for a third selected interval whose duration is determined by a third selected count value ; and compensating means coupled to said carrier sensing means and to said demodulator means , for compensating for frequency drift (incoming data, first receiving unit, data processing unit, intrusion detection module incoming data frames, incoming traffic) in said carrier signal by adjusting said second selected count value and said third selected count value , using said first duration ; said demodulator means combining results of said measuring first intervals and measuring second intervals to provide a composite representation of the binary signal at the receiver ; and a second computer means coupled to said demodulator means at the receiving node of the wireless digital network , for processing said binary signal output from said demodulator means . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (receiving means) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US5561689A CLAIM 1 . A wireless digital network , comprising : an oscillator means at a sending node of a wireless digital network , for generating a carrier signal , starting at a first instant ; a modulator means coupled to said oscillator means , for phase shift modulating said carrier signal with an input signal ; a spoiler signal generator means coupled to said modulator means , for providing a spoiler signal as said input signal , starting at said first instant and continuing for a first duration which is longer than a period needed for said oscillator means to achieve stable characteristics ; a transmitting means coupled to said modulator means at the sending node , for transmitting a wireless radio signal representation of said carrier signal phase shift modulated with said spoiler signal ; a receiving means (transmitting unit) at a receiving node of the wireless digital network , for receiving the wireless radio signal representation of the carrier signal ; an amplifier means , coupled to the receiving means , for forming from said carrier signal a received signal of square wave pulses having rising and falling edges separated by spacings ; carrier sensing means coupled to said amplifier means , for detecting said carrier signal by counting a predetermined number of said pulses having a periodic characteristic ; said spoiler signal in said modulated carrier signal interrupting said periodic characteristic of said pulses , and thereby preventing said carrier sensing means from detecting said carrier signal ; said spoiler signal ceasing to modulate said carrier signal after said first duration when said oscillator means has achieved stable characteristics , thereby enabling said carrier sensing means to detect said carrier signal . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data (binary signal) frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (frequency drift, rising edges) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US5561689A CLAIM 2 . The wireless digital network of claim 1 , which further comprises : a first computer means at said sending node , for providing a binary data signal as said input signal , starting after said first duration when said oscillator means has achieved stable characteristics ; demodulator means at said receiving node , coupled to said amplifier means , for detecting when the spacing between the edges of the square wave pulses changes in response to the phase shift modulation ; said demodulator means measuring first intervals between consecutive rising edges (incoming data, first receiving unit, data processing unit, intrusion detection module incoming data frames, incoming traffic) of said received signal , by counting clock pulses for a second selected interval whose duration is determined by a second selected count value ; said demodulator means measuring second intervals between consecutive falling edges of said received signal by counting clock pulses for a third selected interval whose duration is determined by a third selected count value ; and compensating means coupled to said carrier sensing means and to said demodulator means , for compensating for frequency drift (incoming data, first receiving unit, data processing unit, intrusion detection module incoming data frames, incoming traffic) in said carrier signal by adjusting said second selected count value and said third selected count value , using said first duration ; said demodulator means combining results of said measuring first intervals and measuring second intervals to provide a composite representation of the binary signal (outgoing data) at the receiver ; and a second computer means coupled to said demodulator means at the receiving node of the wireless digital network , for processing said binary signal output from said demodulator means . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit (frequency drift, rising edges) for receiving the copy of the outgoing data (binary signal) frames ; an antenna for capturing the incoming traffic (frequency drift, rising edges) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (frequency drift, rising edges) frames from the incoming traffic ; and a data processing unit (frequency drift, rising edges) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5561689A CLAIM 2 . The wireless digital network of claim 1 , which further comprises : a first computer means at said sending node , for providing a binary data signal as said input signal , starting after said first duration when said oscillator means has achieved stable characteristics ; demodulator means at said receiving node , coupled to said amplifier means , for detecting when the spacing between the edges of the square wave pulses changes in response to the phase shift modulation ; said demodulator means measuring first intervals between consecutive rising edges (incoming data, first receiving unit, data processing unit, intrusion detection module incoming data frames, incoming traffic) of said received signal , by counting clock pulses for a second selected interval whose duration is determined by a second selected count value ; said demodulator means measuring second intervals between consecutive falling edges of said received signal by counting clock pulses for a third selected interval whose duration is determined by a third selected count value ; and compensating means coupled to said carrier sensing means and to said demodulator means , for compensating for frequency drift (incoming data, first receiving unit, data processing unit, intrusion detection module incoming data frames, incoming traffic) in said carrier signal by adjusting said second selected count value and said third selected count value , using said first duration ; said demodulator means combining results of said measuring first intervals and measuring second intervals to provide a composite representation of the binary signal (outgoing data) at the receiver ; and a second computer means coupled to said demodulator means at the receiving node of the wireless digital network , for processing said binary signal output from said demodulator means . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030187986A1 Filed: 2003-06-05 Issued: 2003-10-02 Method for, and a topology aware resource manager in an ip-telephony system (Original Assignee) Operax AB (Current Assignee) NetSocket Inc Jim Sundqvist, Anders Larrson, Joakim Norrgård, Olov Schelén |
---|---|
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (Internet Protocol) . |
US20030187986A1 CLAIM 1 . A topology aware resource manager (RM) within an Internet Protocol (communication protocol) IP telephony system (400) for transmission of multimedia over an IP network , the system comprising a gatekeeper (Gk) , wherein the resource manager (RM) comprises : means for collecting routing information concerning the IP network ; means for obtaining resource information concerning resources within the IP network ; means for creating a resource map by means of combing said routing information and resource information ; characterised in that the resource manager (RM) comprises : means for via the gatekeeper (Gk) performing path sensitive recourse management issues and admission control within the system (400) by means of said resource map and by interacting with the gatekeeper (Gk) . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030185361A1 Filed: 2003-03-24 Issued: 2003-10-02 Fraud monitoring system (Original Assignee) British Telecommunications PLC (Current Assignee) British Telecommunications PLC Alexander Edwards |
---|---|
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (current time period) . |
US20030185361A1 CLAIM 14 . A method according to any preceding claim wherein a pattern of calls from the origination for a current time period (time interval) is compared with a pattern of calls for a previous time period in order to determine whether there is likely to be fraudulent activity . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit (comprises information) for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20030185361A1 CLAIM 9 . A method according to claim 8 wherein the call destination information in said predetermined pattern of calls comprises information (second receiving unit) identifying a node or group of nodes in the telecommunications network and/or a geographical location . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (receiving pattern) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US20030185361A1 CLAIM 13 . A method according to any preceding claim including the steps of receiving an input code from the origination , validating the input code , and receiving pattern (transmitting unit) update data from the origination and updating said predetermined pattern of calls if the input code is valid . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit (comprises information) for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20030185361A1 CLAIM 9 . A method according to claim 8 wherein the call destination information in said predetermined pattern of calls comprises information (second receiving unit) identifying a node or group of nodes in the telecommunications network and/or a geographical location . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030126468A1 Filed: 2002-11-25 Issued: 2003-07-03 Distributed firewall system and method (Original Assignee) Secure Computing LLC (Current Assignee) McAfee LLC Thomas Markham |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (packet transfer) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20030126468A1 CLAIM 1 . A method of restricting packet transfer (incoming data, incoming data frames, intrusion detection module incoming data frames) to a computer across a network , wherein the computer includes a network interface device coupled to the network and wherein the network interface device includes a packet filter , the method comprising : providing a security server connected to the network ; receiving a packet at the network interface device ; determining , at the network interface device , whether the packet is an authorized transaction ; if the packet is not an authorized transaction , routing the packet to the security server ; determining , at the security server , whether the packet is an authorized transaction ; and if the security server determines that the packet is an authorized transaction , configuring the network interface device to accept similar transactions . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data (packet transfer) frames received over all the wireless channels allocated to the wireless node . |
US20030126468A1 CLAIM 1 . A method of restricting packet transfer (incoming data, incoming data frames, intrusion detection module incoming data frames) to a computer across a network , wherein the computer includes a network interface device coupled to the network and wherein the network interface device includes a packet filter , the method comprising : providing a security server connected to the network ; receiving a packet at the network interface device ; determining , at the network interface device , whether the packet is an authorized transaction ; if the packet is not an authorized transaction , routing the packet to the security server ; determining , at the security server , whether the packet is an authorized transaction ; and if the security server determines that the packet is an authorized transaction , configuring the network interface device to accept similar transactions . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (packet transfer) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US20030126468A1 CLAIM 1 . A method of restricting packet transfer (incoming data, incoming data frames, intrusion detection module incoming data frames) to a computer across a network , wherein the computer includes a network interface device coupled to the network and wherein the network interface device includes a packet filter , the method comprising : providing a security server connected to the network ; receiving a packet at the network interface device ; determining , at the network interface device , whether the packet is an authorized transaction ; if the packet is not an authorized transaction , routing the packet to the security server ; determining , at the security server , whether the packet is an authorized transaction ; and if the security server determines that the packet is an authorized transaction , configuring the network interface device to accept similar transactions . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (packet transfer) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20030126468A1 CLAIM 1 . A method of restricting packet transfer (incoming data, incoming data frames, intrusion detection module incoming data frames) to a computer across a network , wherein the computer includes a network interface device coupled to the network and wherein the network interface device includes a packet filter , the method comprising : providing a security server connected to the network ; receiving a packet at the network interface device ; determining , at the network interface device , whether the packet is an authorized transaction ; if the packet is not an authorized transaction , routing the packet to the security server ; determining , at the security server , whether the packet is an authorized transaction ; and if the security server determines that the packet is an authorized transaction , configuring the network interface device to accept similar transactions . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (packet transfer) frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20030126468A1 CLAIM 1 . A method of restricting packet transfer (incoming data, incoming data frames, intrusion detection module incoming data frames) to a computer across a network , wherein the computer includes a network interface device coupled to the network and wherein the network interface device includes a packet filter , the method comprising : providing a security server connected to the network ; receiving a packet at the network interface device ; determining , at the network interface device , whether the packet is an authorized transaction ; if the packet is not an authorized transaction , routing the packet to the security server ; determining , at the security server , whether the packet is an authorized transaction ; and if the security server determines that the packet is an authorized transaction , configuring the network interface device to accept similar transactions . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (network interface cards) based on the impersonation detected signal . |
US20030126468A1 CLAIM 37 . A distributed firewall system , comprising : a plurality of computers , including a first computer , wherein the plurality of computers are connected through network interface cards (intrusion attack) to a network ; and a security server connected to the network ; wherein the network interface card for the first computer includes logic which selectively forwards packets addressed to the first computer from the network interface card to the security server . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (packet transfer) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US20030126468A1 CLAIM 1 . A method of restricting packet transfer (incoming data, incoming data frames, intrusion detection module incoming data frames) to a computer across a network , wherein the computer includes a network interface device coupled to the network and wherein the network interface device includes a packet filter , the method comprising : providing a security server connected to the network ; receiving a packet at the network interface device ; determining , at the network interface device , whether the packet is an authorized transaction ; if the packet is not an authorized transaction , routing the packet to the security server ; determining , at the security server , whether the packet is an authorized transaction ; and if the security server determines that the packet is an authorized transaction , configuring the network interface device to accept similar transactions . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (packet transfer) frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20030126468A1 CLAIM 1 . A method of restricting packet transfer (incoming data, incoming data frames, intrusion detection module incoming data frames) to a computer across a network , wherein the computer includes a network interface device coupled to the network and wherein the network interface device includes a packet filter , the method comprising : providing a security server connected to the network ; receiving a packet at the network interface device ; determining , at the network interface device , whether the packet is an authorized transaction ; if the packet is not an authorized transaction , routing the packet to the security server ; determining , at the security server , whether the packet is an authorized transaction ; and if the security server determines that the packet is an authorized transaction , configuring the network interface device to accept similar transactions . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (network interface cards) based on the impersonation detected signal . |
US20030126468A1 CLAIM 37 . A distributed firewall system , comprising : a plurality of computers , including a first computer , wherein the plurality of computers are connected through network interface cards (intrusion attack) to a network ; and a security server connected to the network ; wherein the network interface card for the first computer includes logic which selectively forwards packets addressed to the first computer from the network interface card to the security server . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030151513A1 Filed: 2002-11-21 Issued: 2003-08-14 Self-organizing hierarchical wireless network for surveillance and control (Original Assignee) Robert Bosch GmbH (Current Assignee) Robert Bosch GmbH Falk Herrmann, Andreas Hensel, Arati Manjeshwar, Mikael Israelsson, Johannes Karlsson, Jason Hill |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (first layer) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20030151513A1 CLAIM 38 . The method of claim 36 , wherein the step of initializing the sensor/actuator node network further includes : transmitting beacon signals and link discovery packets from cluster heads to a first layer (original data) of sensor/actuator nodes to wakeup the first layer of sensor/actuator nodes and to gather link information ; successively transmitting the beacon signals and link discovery packets from the lower layer nodes to the higher layer nodes to wakeup the higher layer nodes and to gather the link information ; and transmitting route discovery packets to the sensor/actuator nodes ; transmitting route registration packets to the cluster heads including the link information ; and sharing the link information with all cluster heads of the cluster head network . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (first layer) frames . |
US20030151513A1 CLAIM 38 . The method of claim 36 , wherein the step of initializing the sensor/actuator node network further includes : transmitting beacon signals and link discovery packets from cluster heads to a first layer (original data) of sensor/actuator nodes to wakeup the first layer of sensor/actuator nodes and to gather link information ; successively transmitting the beacon signals and link discovery packets from the lower layer nodes to the higher layer nodes to wakeup the higher layer nodes and to gather the link information ; and transmitting route discovery packets to the sensor/actuator nodes ; transmitting route registration packets to the cluster heads including the link information ; and sharing the link information with all cluster heads of the cluster head network . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (first layer) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US20030151513A1 CLAIM 38 . The method of claim 36 , wherein the step of initializing the sensor/actuator node network further includes : transmitting beacon signals and link discovery packets from cluster heads to a first layer (original data) of sensor/actuator nodes to wakeup the first layer of sensor/actuator nodes and to gather link information ; successively transmitting the beacon signals and link discovery packets from the lower layer nodes to the higher layer nodes to wakeup the higher layer nodes and to gather the link information ; and transmitting route discovery packets to the sensor/actuator nodes ; transmitting route registration packets to the cluster heads including the link information ; and sharing the link information with all cluster heads of the cluster head network . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data (first layer) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20030151513A1 CLAIM 38 . The method of claim 36 , wherein the step of initializing the sensor/actuator node network further includes : transmitting beacon signals and link discovery packets from cluster heads to a first layer (original data) of sensor/actuator nodes to wakeup the first layer of sensor/actuator nodes and to gather link information ; successively transmitting the beacon signals and link discovery packets from the lower layer nodes to the higher layer nodes to wakeup the higher layer nodes and to gather the link information ; and transmitting route discovery packets to the sensor/actuator nodes ; transmitting route registration packets to the cluster heads including the link information ; and sharing the link information with all cluster heads of the cluster head network . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit (radio module) for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20030151513A1 CLAIM 24 . The wireless network of claim 1 , wherein the cluster head includes a first radio module (second receiving unit) to communicate with the sensor/actuator nodes and a second radio module to communicate with other cluster heads . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit (radio module) for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20030151513A1 CLAIM 24 . The wireless network of claim 1 , wherein the cluster head includes a first radio module (second receiving unit) to communicate with the sensor/actuator nodes and a second radio module to communicate with other cluster heads . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030051041A1 Filed: 2002-08-06 Issued: 2003-03-13 Method and apparatus for integrating billing and authentication functions in local area and wide area wireless data networks (Original Assignee) Tatara Systems Inc (Current Assignee) Smith Micro Software Inc Asawaree Kalavade, Hong Jiang, Penny Chen |
---|---|
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network (local area networks) operates according to any wireless network technology . |
US20030051041A1 CLAIM 47 . A converged network accessible by wireless client devices , comprising : a wide area network ; a local area network ; a gateway linked to said wide area and local area networks (wireless network) , said gateway integrating billing and authentication functions of said wide area and local area networks . US20030051041A1 CLAIM 80 . A method for allowing multiple wireless operators to provide 802.11 services within a shared hotspot , said method comprising : a . assigning one of the available channels from the 802.11 spectrum to each operator ; b . assigning a unique ESSID for each operator ; c . assigning the selected ESSID to all the 802.11 access points (wireless network technology) managed by each operator ; and d . providing user software that selects the ESSID to associate with , depending on the preferred network . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network (local area networks) comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US20030051041A1 CLAIM 47 . A converged network accessible by wireless client devices , comprising : a wide area network ; a local area network ; a gateway linked to said wide area and local area networks (wireless network) , said gateway integrating billing and authentication functions of said wide area and local area networks . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network (local area networks) operates according to any wireless network technology . |
US20030051041A1 CLAIM 47 . A converged network accessible by wireless client devices , comprising : a wide area network ; a local area network ; a gateway linked to said wide area and local area networks (wireless network) , said gateway integrating billing and authentication functions of said wide area and local area networks . US20030051041A1 CLAIM 80 . A method for allowing multiple wireless operators to provide 802.11 services within a shared hotspot , said method comprising : a . assigning one of the available channels from the 802.11 spectrum to each operator ; b . assigning a unique ESSID for each operator ; c . assigning the selected ESSID to all the 802.11 access points (wireless network technology) managed by each operator ; and d . providing user software that selects the ESSID to associate with , depending on the preferred network . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030028808A1 Filed: 2002-07-16 Issued: 2003-02-06 Network system, authentication method and computer program product for authentication (Original Assignee) NEC Corp (Current Assignee) NEC Corp Noriyuki Kameda |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (authentication method) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20030028808A1 CLAIM 8 . An authentication method (original data) of a network system comprising a switching hub having a plurality of connection ports , and an authentication server for authenticating a validity of a terminals connected to the switching hub via the connection ports , each of which is connected to one another via a router , wherein : the switching hub performs the steps of : receiving a frame transmitted from a terminals connected via the connection ports ; generating an authentication packet , when the frame received from the reception unit is an authentication frame , based on the authentication frame ; and making an inquiry about the validity of terminal to the authentication server using the authentication packet generated by the authentication packet generating step , and wherein the authentication server performs the steps of : storing authentication information of terminals to be authenticated beforehand ; retrieving to check whether or not the authentication information of the authentication packet obtained by the authentication inquiry unit is stored by the storing step ; and transmitting authenticated/unauthenticated as an authentication response packet to the switching hub based on the retrieved result by the retrieving step . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (authentication method) frames . |
US20030028808A1 CLAIM 8 . An authentication method (original data) of a network system comprising a switching hub having a plurality of connection ports , and an authentication server for authenticating a validity of a terminals connected to the switching hub via the connection ports , each of which is connected to one another via a router , wherein : the switching hub performs the steps of : receiving a frame transmitted from a terminals connected via the connection ports ; generating an authentication packet , when the frame received from the reception unit is an authentication frame , based on the authentication frame ; and making an inquiry about the validity of terminal to the authentication server using the authentication packet generated by the authentication packet generating step , and wherein the authentication server performs the steps of : storing authentication information of terminals to be authenticated beforehand ; retrieving to check whether or not the authentication information of the authentication packet obtained by the authentication inquiry unit is stored by the storing step ; and transmitting authenticated/unauthenticated as an authentication response packet to the switching hub based on the retrieved result by the retrieving step . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (authentication method) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US20030028808A1 CLAIM 8 . An authentication method (original data) of a network system comprising a switching hub having a plurality of connection ports , and an authentication server for authenticating a validity of a terminals connected to the switching hub via the connection ports , each of which is connected to one another via a router , wherein : the switching hub performs the steps of : receiving a frame transmitted from a terminals connected via the connection ports ; generating an authentication packet , when the frame received from the reception unit is an authentication frame , based on the authentication frame ; and making an inquiry about the validity of terminal to the authentication server using the authentication packet generated by the authentication packet generating step , and wherein the authentication server performs the steps of : storing authentication information of terminals to be authenticated beforehand ; retrieving to check whether or not the authentication information of the authentication packet obtained by the authentication inquiry unit is stored by the storing step ; and transmitting authenticated/unauthenticated as an authentication response packet to the switching hub based on the retrieved result by the retrieving step . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data (authentication method) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20030028808A1 CLAIM 8 . An authentication method (original data) of a network system comprising a switching hub having a plurality of connection ports , and an authentication server for authenticating a validity of a terminals connected to the switching hub via the connection ports , each of which is connected to one another via a router , wherein : the switching hub performs the steps of : receiving a frame transmitted from a terminals connected via the connection ports ; generating an authentication packet , when the frame received from the reception unit is an authentication frame , based on the authentication frame ; and making an inquiry about the validity of terminal to the authentication server using the authentication packet generated by the authentication packet generating step , and wherein the authentication server performs the steps of : storing authentication information of terminals to be authenticated beforehand ; retrieving to check whether or not the authentication information of the authentication packet obtained by the authentication inquiry unit is stored by the storing step ; and transmitting authenticated/unauthenticated as an authentication response packet to the switching hub based on the retrieved result by the retrieving step . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030217283A1 Filed: 2002-06-03 Issued: 2003-11-20 Method and system for encrypted network management and intrusion detection (Original Assignee) AirDefense Inc (Current Assignee) Extreme Networks Inc Scott Hrastar, Michael Lynn, Edwin Sale, Dawn Hollingsworth |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module (processing element) and providing the intrusion detection module with a copy of original data (comprises two) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames (fixed time) ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20030217283A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing risk criteria data , network default data , and network performance and usage data ; b) a first communication interface comprising a receiver that receives inbound communications from a communication channel associated with the communication interface ; c) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication via the communication interface ; ii) detecting a violation by applying a plurality of tests that each compare the received data with data in the system data store or information derived therefrom ; iii) generating an alarm signal if a violation was detected . US20030217283A1 CLAIM 22 . The system of claim 1 , wherein the plurality of test applied by the system processor comprises two (original data) or more tests selected from the group consisting of signature test , protocol test , statistical anomaly test and policy test . US20030217283A1 CLAIM 26 . A network security method , the method comprising the steps of : a) receiving configuration information comprising one or more risk criteria , network default data , network policy , performance and usage data from a configuration file , an interactive data entry interface or a command line ; b) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication ; c) updating a database containing data corresponding to stations in the encrypted computer network based upon the received data ; d) updating state information associated with the encrypted computer network based upon the received data ; e) if a statistical interval has ended based upon the received data or a fixed time (incoming data frames, data processing unit) interval , updating a database of statistics associated with the encrypted computer network ; f) testing the received data to determine if it represents a signature violation by comparing the received data with configuration information or information derived therefrom ; g) testing the received data to determine if it represents a protocol violation by comparing the received data with configuration information or information derived therefrom ; h) testing the received data to determine if it represents a statistical anomaly by comparing the received data with configuration information , information derived therefrom or information in the database of statistics associated with the wireless computer network ; i) testing the received data to determine if it represents a policy violation by comparing the received data with configuration information or information derived therefrom ; j) generating an alarm signal if the received data represents a signature violation , a protocol violation , a statistical anomaly or a policy violation , wherein the generated alarm signal comprises a type and a severity ; k) in response to the generated alarm , i) notifying an administrator of 
the generated alarm , its type and its severity ; or ii) actively defending the wireless computer network based upon the generated alarm's type and severity by : 1) CRC errors ; 2) transmitting communications comprising random data ; or 3) locking-down the encrypted computer network ; and l) mapping station identity . |
US7409715B2 CLAIM 2 . The method of claim 1 , wherein step a) comprises transmitting the copy over a secure link established between the wireless node and the intrusion detection module (processing element) . |
US20030217283A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing risk criteria data , network default data , and network performance and usage data ; b) a first communication interface comprising a receiver that receives inbound communications from a communication channel associated with the communication interface ; c) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication via the communication interface ; ii) detecting a violation by applying a plurality of tests that each compare the received data with data in the system data store or information derived therefrom ; iii) generating an alarm signal if a violation was detected . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (time interval) . |
US20030217283A1 CLAIM 26 . A network security method , the method comprising the steps of : a) receiving configuration information comprising one or more risk criteria , network default data , network policy , performance and usage data from a configuration file , an interactive data entry interface or a command line ; b) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication ; c) updating a database containing data corresponding to stations in the encrypted computer network based upon the received data ; d) updating state information associated with the encrypted computer network based upon the received data ; e) if a statistical interval has ended based upon the received data or a fixed time interval (time interval) , updating a database of statistics associated with the encrypted computer network ; f) testing the received data to determine if it represents a signature violation by comparing the received data with configuration information or information derived therefrom ; g) testing the received data to determine if it represents a protocol violation by comparing the received data with configuration information or information derived therefrom ; h) testing the received data to determine if it represents a statistical anomaly by comparing the received data with configuration information , information derived therefrom or information in the database of statistics associated with the wireless computer network ; i) testing the received data to determine if it represents a policy violation by comparing the received data with configuration information or information derived therefrom ; j) generating an alarm signal if the received data represents a signature violation , a protocol violation , a statistical anomaly or a policy violation , wherein the generated alarm signal comprises a type and a severity ; k) in response to the generated alarm , i) notifying an administrator of 
the generated alarm , its type and its severity ; or ii) actively defending the wireless computer network based upon the generated alarm's type and severity by : 1) CRC errors ; 2) transmitting communications comprising random data ; or 3) locking-down the encrypted computer network ; and l) mapping station identity . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (comprises two) frames . |
US20030217283A1 CLAIM 22 . The system of claim 1 , wherein the plurality of test applied by the system processor comprises two (original data) or more tests selected from the group consisting of signature test , protocol test , statistical anomaly test and policy test . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (fixed time) received over all the wireless channels allocated to the wireless node . |
US20030217283A1 CLAIM 26 . A network security method , the method comprising the steps of : a) receiving configuration information comprising one or more risk criteria , network default data , network policy , performance and usage data from a configuration file , an interactive data entry interface or a command line ; b) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication ; c) updating a database containing data corresponding to stations in the encrypted computer network based upon the received data ; d) updating state information associated with the encrypted computer network based upon the received data ; e) if a statistical interval has ended based upon the received data or a fixed time (incoming data frames, data processing unit) interval , updating a database of statistics associated with the encrypted computer network ; f) testing the received data to determine if it represents a signature violation by comparing the received data with configuration information or information derived therefrom ; g) testing the received data to determine if it represents a protocol violation by comparing the received data with configuration information or information derived therefrom ; h) testing the received data to determine if it represents a statistical anomaly by comparing the received data with configuration information , information derived therefrom or information in the database of statistics associated with the wireless computer network ; i) testing the received data to determine if it represents a policy violation by comparing the received data with configuration information or information derived therefrom ; j) generating an alarm signal if the received data represents a signature violation , a protocol violation , a statistical anomaly or a policy violation , wherein the generated alarm signal comprises a type and a severity ; k) in response to the generated alarm , i) 
notifying an administrator of the generated alarm , its type and its severity ; or ii) actively defending the wireless computer network based upon the generated alarm's type and severity by : 1) CRC errors ; 2) transmitting communications comprising random data ; or 3) locking-down the encrypted computer network ; and l) mapping station identity . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (comprises two) frames with the incoming data frames (fixed time) for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US20030217283A1 CLAIM 22 . The system of claim 1 , wherein the plurality of test applied by the system processor comprises two (original data) or more tests selected from the group consisting of signature test , protocol test , statistical anomaly test and policy test . US20030217283A1 CLAIM 26 . A network security method , the method comprising the steps of : a) receiving configuration information comprising one or more risk criteria , network default data , network policy , performance and usage data from a configuration file , an interactive data entry interface or a command line ; b) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication ; c) updating a database containing data corresponding to stations in the encrypted computer network based upon the received data ; d) updating state information associated with the encrypted computer network based upon the received data ; e) if a statistical interval has ended based upon the received data or a fixed time (incoming data frames, data processing unit) interval , updating a database of statistics associated with the encrypted computer network ; f) testing the received data to determine if it represents a signature violation by comparing the received data with configuration information or information derived therefrom ; g) testing the received data to determine if it represents a protocol violation by comparing the received data with configuration information or information derived therefrom ; h) testing the received data to determine if it represents a statistical anomaly by comparing the received data with configuration information , information derived therefrom or information in the database of statistics associated with the wireless computer network ; i) testing the received data to determine if it represents a policy violation by comparing the received data with configuration information or information derived therefrom 
; j) generating an alarm signal if the received data represents a signature violation , a protocol violation , a statistical anomaly or a policy violation , wherein the generated alarm signal comprises a type and a severity ; k) in response to the generated alarm , i) notifying an administrator of the generated alarm , its type and its severity ; or ii) actively defending the wireless computer network based upon the generated alarm's type and severity by : 1) CRC errors ; 2) transmitting communications comprising random data ; or 3) locking-down the encrypted computer network ; and l) mapping station identity . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data (comprises two) frames over a wireless interface comprising : an intrusion detection module (processing element) for correlating the original data frames with incoming data frames (fixed time) received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20030217283A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing risk criteria data , network default data , and network performance and usage data ; b) a first communication interface comprising a receiver that receives inbound communications from a communication channel associated with the communication interface ; c) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication via the communication interface ; ii) detecting a violation by applying a plurality of tests that each compare the received data with data in the system data store or information derived therefrom ; iii) generating an alarm signal if a violation was detected . US20030217283A1 CLAIM 22 . The system of claim 1 , wherein the plurality of test applied by the system processor comprises two (original data) or more tests selected from the group consisting of signature test , protocol test , statistical anomaly test and policy test . US20030217283A1 CLAIM 26 . 
A network security method , the method comprising the steps of : a) receiving configuration information comprising one or more risk criteria , network default data , network policy , performance and usage data from a configuration file , an interactive data entry interface or a command line ; b) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication ; c) updating a database containing data corresponding to stations in the encrypted computer network based upon the received data ; d) updating state information associated with the encrypted computer network based upon the received data ; e) if a statistical interval has ended based upon the received data or a fixed time (incoming data frames, data processing unit) interval , updating a database of statistics associated with the encrypted computer network ; f) testing the received data to determine if it represents a signature violation by comparing the received data with configuration information or information derived therefrom ; g) testing the received data to determine if it represents a protocol violation by comparing the received data with configuration information or information derived therefrom ; h) testing the received data to determine if it represents a statistical anomaly by comparing the received data with configuration information , information derived therefrom or information in the database of statistics associated with the wireless computer network ; i) testing the received data to determine if it represents a policy violation by comparing the received data with configuration information or information derived therefrom ; j) generating an alarm signal if the received data represents a signature violation , a protocol violation , a statistical anomaly or a policy violation , wherein the generated alarm signal comprises a type and a severity ; k) in response to the generated alarm , i) notifying an administrator of 
the generated alarm , its type and its severity ; or ii) actively defending the wireless computer network based upon the generated alarm's type and severity by : 1) CRC errors ; 2) transmitting communications comprising random data ; or 3) locking-down the encrypted computer network ; and l) mapping station identity . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module (processing element) comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (fixed time) from the incoming traffic ; and a data processing unit (fixed time) for correlating the copy with the incoming data frames and generating a impersonation detection signal (processing element) . |
US20030217283A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing risk criteria data , network default data , and network performance and usage data ; b) a first communication interface comprising a receiver that receives inbound communications from a communication channel associated with the communication interface ; c) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication via the communication interface ; ii) detecting a violation by applying a plurality of tests that each compare the received data with data in the system data store or information derived therefrom ; iii) generating an alarm signal if a violation was detected . US20030217283A1 CLAIM 26 . 
A network security method , the method comprising the steps of : a) receiving configuration information comprising one or more risk criteria , network default data , network policy , performance and usage data from a configuration file , an interactive data entry interface or a command line ; b) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication ; c) updating a database containing data corresponding to stations in the encrypted computer network based upon the received data ; d) updating state information associated with the encrypted computer network based upon the received data ; e) if a statistical interval has ended based upon the received data or a fixed time (incoming data frames, data processing unit) interval , updating a database of statistics associated with the encrypted computer network ; f) testing the received data to determine if it represents a signature violation by comparing the received data with configuration information or information derived therefrom ; g) testing the received data to determine if it represents a protocol violation by comparing the received data with configuration information or information derived therefrom ; h) testing the received data to determine if it represents a statistical anomaly by comparing the received data with configuration information , information derived therefrom or information in the database of statistics associated with the wireless computer network ; i) testing the received data to determine if it represents a policy violation by comparing the received data with configuration information or information derived therefrom ; j) generating an alarm signal if the received data represents a signature violation , a protocol violation , a statistical anomaly or a policy violation , wherein the generated alarm signal comprises a type and a severity ; k) in response to the generated alarm , i) notifying an administrator of 
the generated alarm , its type and its severity ; or ii) actively defending the wireless computer network based upon the generated alarm's type and severity by : 1) CRC errors ; 2) transmitting communications comprising random data ; or 3) locking-down the encrypted computer network ; and l) mapping station identity . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module (processing element) further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
US20030217283A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing risk criteria data , network default data , and network performance and usage data ; b) a first communication interface comprising a receiver that receives inbound communications from a communication channel associated with the communication interface ; c) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication via the communication interface ; ii) detecting a violation by applying a plurality of tests that each compare the received data with data in the system data store or information derived therefrom ; iii) generating an alarm signal if a violation was detected . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module (processing element) resides away from the wireless node : a transmitting unit (receiving means) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US20030217283A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing risk criteria data , network default data , and network performance and usage data ; b) a first communication interface comprising a receiver that receives inbound communications from a communication channel associated with the communication interface ; c) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication via the communication interface ; ii) detecting a violation by applying a plurality of tests that each compare the received data with data in the system data store or information derived therefrom ; iii) generating an alarm signal if a violation was detected . US20030217283A1 CLAIM 28 . 
A network security system , the system comprising : a) storing means for receiving and storing risk criteria data , network default data , and network performance and usage data ; b) configuration means for receiving configuration information and forwarding the received configuration information to the storing means ; c) communication data receiving means (transmitting unit) for receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication ; d) database update means for transferring updated data to the storing means based upon data received by the communication data receiving means ; e) testing means for applying a plurality of tests to data received by the communication data receiving means , wherein each of the plurality of tests is of a type selected from the group consisting of signature test , protocol test , statistical anomaly test and policy test and wherein each test compares data received by the frame data receiving means with data in the storing means or information derived therefrom ; f) alarm means for generating an alarm signal if the data received by the communication data receiving means represents a signature violation , a protocol violation , a statistical anomaly or a policy violation as determined by the testing means , wherein the generated alarm signal comprises a type and a severity ; g) notification means for notifying an administrator of an alarm generated by the alarm means , its type and its severity ; h) active defense means for actively defending the encrypted computer network based upon the type and severity of an alarm generated by the alarm means by : i) CRC errors ; ii) transmitting communications comprising random data ; or iii) locking-down the encrypted computer network ; and i) mapping means for mapping station identity . |
US7409715B2 CLAIM 15 . The impersonation detection system of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module (processing element) is integrated within the wireless node . |
US20030217283A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing risk criteria data , network default data , and network performance and usage data ; b) a first communication interface comprising a receiver that receives inbound communications from a communication channel associated with the communication interface ; c) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication via the communication interface ; ii) detecting a violation by applying a plurality of tests that each compare the received data with data in the system data store or information derived therefrom ; iii) generating an alarm signal if a violation was detected . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network (wireless network) operates according to any wireless network technology . |
US20030217283A1 CLAIM 9 . The system of claim 8 , further comprising one or more sensors located within an area serviced by the wireless network (wireless network) , wherein each of the one or more sensors comprise a wireless receiver capable of receiving communications transmitted over the wireless computer network and a transmitter capable of transmitting data associated with received communications over the communication channel to the first communication interface . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network (wireless network) comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module (processing element) for correlating the outgoing data frames with incoming data frames (fixed time) received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US20030217283A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing risk criteria data , network default data , and network performance and usage data ; b) a first communication interface comprising a receiver that receives inbound communications from a communication channel associated with the communication interface ; c) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication via the communication interface ; ii) detecting a violation by applying a plurality of tests that each compare the received data with data in the system data store or information derived therefrom ; iii) generating an alarm signal if a violation was detected . US20030217283A1 CLAIM 9 . The system of claim 8 , further comprising one or more sensors located within an area serviced by the wireless network (wireless network) , wherein each of the one or more sensors comprise a wireless receiver capable of receiving communications transmitted over the wireless computer network and a transmitter capable of transmitting data associated with received communications over the communication channel to the first communication interface . US20030217283A1 CLAIM 26 . 
A network security method , the method comprising the steps of : a) receiving configuration information comprising one or more risk criteria , network default data , network policy , performance and usage data from a configuration file , an interactive data entry interface or a command line ; b) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication ; c) updating a database containing data corresponding to stations in the encrypted computer network based upon the received data ; d) updating state information associated with the encrypted computer network based upon the received data ; e) if a statistical interval has ended based upon the received data or a fixed time (incoming data frames, data processing unit) interval , updating a database of statistics associated with the encrypted computer network ; f) testing the received data to determine if it represents a signature violation by comparing the received data with configuration information or information derived therefrom ; g) testing the received data to determine if it represents a protocol violation by comparing the received data with configuration information or information derived therefrom ; h) testing the received data to determine if it represents a statistical anomaly by comparing the received data with configuration information , information derived therefrom or information in the database of statistics associated with the wireless computer network ; i) testing the received data to determine if it represents a policy violation by comparing the received data with configuration information or information derived therefrom ; j) generating an alarm signal if the received data represents a signature violation , a protocol violation , a statistical anomaly or a policy violation , wherein the generated alarm signal comprises a type and a severity ; k) in response to the generated alarm , i) notifying an administrator of 
the generated alarm , its type and its severity ; or ii) actively defending the wireless computer network based upon the generated alarm's type and severity by : 1) CRC errors ; 2) transmitting communications comprising random data ; or 3) locking-down the encrypted computer network ; and l) mapping station identity . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module (processing element) comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (fixed time) from the incoming traffic ; and a data processing unit (fixed time) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20030217283A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing risk criteria data , network default data , and network performance and usage data ; b) a first communication interface comprising a receiver that receives inbound communications from a communication channel associated with the communication interface ; c) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication via the communication interface ; ii) detecting a violation by applying a plurality of tests that each compare the received data with data in the system data store or information derived therefrom ; iii) generating an alarm signal if a violation was detected . US20030217283A1 CLAIM 26 . 
A network security method , the method comprising the steps of : a) receiving configuration information comprising one or more risk criteria , network default data , network policy , performance and usage data from a configuration file , an interactive data entry interface or a command line ; b) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication ; c) updating a database containing data corresponding to stations in the encrypted computer network based upon the received data ; d) updating state information associated with the encrypted computer network based upon the received data ; e) if a statistical interval has ended based upon the received data or a fixed time (incoming data frames, data processing unit) interval , updating a database of statistics associated with the encrypted computer network ; f) testing the received data to determine if it represents a signature violation by comparing the received data with configuration information or information derived therefrom ; g) testing the received data to determine if it represents a protocol violation by comparing the received data with configuration information or information derived therefrom ; h) testing the received data to determine if it represents a statistical anomaly by comparing the received data with configuration information , information derived therefrom or information in the database of statistics associated with the wireless computer network ; i) testing the received data to determine if it represents a policy violation by comparing the received data with configuration information or information derived therefrom ; j) generating an alarm signal if the received data represents a signature violation , a protocol violation , a statistical anomaly or a policy violation , wherein the generated alarm signal comprises a type and a severity ; k) in response to the generated alarm , i) notifying an administrator of 
the generated alarm , its type and its severity ; or ii) actively defending the wireless computer network based upon the generated alarm's type and severity by : 1) CRC errors ; 2) transmitting communications comprising random data ; or 3) locking-down the encrypted computer network ; and l) mapping station identity . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module (processing element) further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
US20030217283A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing risk criteria data , network default data , and network performance and usage data ; b) a first communication interface comprising a receiver that receives inbound communications from a communication channel associated with the communication interface ; c) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving data corresponding to a communication transmitted over an encrypted computer network and the signal used to transmit the communication via the communication interface ; ii) detecting a violation by applying a plurality of tests that each compare the received data with data in the system data store or information derived therefrom ; iii) generating an alarm signal if a violation was detected . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network (wireless network) operates according to any wireless network technology . |
US20030217283A1 CLAIM 9 . The system of claim 8 , further comprising one or more sensors located within an area serviced by the wireless network (wireless network) , wherein each of the one or more sensors comprise a wireless receiver capable of receiving communications transmitted over the wireless computer network and a transmitter capable of transmitting data associated with received communications over the communication channel to the first communication interface . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030219008A1 Filed: 2002-06-03 Issued: 2003-11-27 System and method for wireless lan dynamic channel change with honeypot trap (Original Assignee) AirDefense Inc (Current Assignee) Extreme Networks Inc Scott Hrastar |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network (wireless communication network) , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module (processing element) and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20030219008A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing network default and configuration data ; b) a wireless transmitter capable of transmitting communications over a wireless computer network ; c) a wireless receiver capable of receiving communications transmitted over the wireless computer network ; d) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store , the wireless receiver and the wireless transmitter and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving configuration data associated with an access point potentially compromised by an intruder ; ii) storing in the system data store identification information associated with the access point based on the received configuration data ; iii) communicating with the intruder via the wireless transmitter and receiver as if the intruder were communicating with the access point based upon the stored identification information ; and iv) transmitting a communication comprising a channel change request to the access point . US20030219008A1 CLAIM 15 . 
A network security system , the system comprising : a) storing means for receiving and storing configuration information comprising network configuration and default data ; b) wireless receiving means for receiving communications transmitted over the wireless communication network (wireless communication network) ; c) wireless transmitting means for transmitting communications over the wireless communication network ; d) defense request receiving means for receiving an active defense request signal from an intrusion detection system , wherein the received request signal comprises an access point indicator corresponding to an access point in the wireless computer network potentially compromised by an intruder ; e) honeypot processing means for : i) requesting configuration data associated with the access point from the access point or the intrusion detection system ; ii) receiving the configuration data associated with the access point ; iii) storing identification information associated with the access point based on the received configuration data ; iv) communicating with the intruder via the wireless receiver means and the wireless transmitter means as if the intruder were communicating with the access point based upon the stored identification information ; and v) transmitting a communication comprising a channel change request to the access point ; and f) mapping means for identifying a node or location associated with the intruder . |
US7409715B2 CLAIM 2 . The method of claim 1 , wherein step a) comprises transmitting the copy over a secure link established between the wireless node and the intrusion detection module (processing element) . |
US20030219008A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing network default and configuration data ; b) a wireless transmitter capable of transmitting communications over a wireless computer network ; c) a wireless receiver capable of receiving communications transmitted over the wireless computer network ; d) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store , the wireless receiver and the wireless transmitter and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving configuration data associated with an access point potentially compromised by an intruder ; ii) storing in the system data store identification information associated with the access point based on the received configuration data ; iii) communicating with the intruder via the wireless transmitter and receiver as if the intruder were communicating with the access point based upon the stored identification information ; and iv) transmitting a communication comprising a channel change request to the access point . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network (wireless communication network) , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module (processing element) for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20030219008A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing network default and configuration data ; b) a wireless transmitter capable of transmitting communications over a wireless computer network ; c) a wireless receiver capable of receiving communications transmitted over the wireless computer network ; d) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store , the wireless receiver and the wireless transmitter and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving configuration data associated with an access point potentially compromised by an intruder ; ii) storing in the system data store identification information associated with the access point based on the received configuration data ; iii) communicating with the intruder via the wireless transmitter and receiver as if the intruder were communicating with the access point based upon the stored identification information ; and iv) transmitting a communication comprising a channel change request to the access point . US20030219008A1 CLAIM 15 . 
A network security system , the system comprising : a) storing means for receiving and storing configuration information comprising network configuration and default data ; b) wireless receiving means for receiving communications transmitted over the wireless communication network (wireless communication network) ; c) wireless transmitting means for transmitting communications over the wireless communication network ; d) defense request receiving means for receiving an active defense request signal from an intrusion detection system , wherein the received request signal comprises an access point indicator corresponding to an access point in the wireless computer network potentially compromised by an intruder ; e) honeypot processing means for : i) requesting configuration data associated with the access point from the access point or the intrusion detection system ; ii) receiving the configuration data associated with the access point ; iii) storing identification information associated with the access point based on the received configuration data ; iv) communicating with the intruder via the wireless receiver means and the wireless transmitter means as if the intruder were communicating with the access point based upon the stored identification information ; and v) transmitting a communication comprising a channel change request to the access point ; and f) mapping means for identifying a node or location associated with the intruder . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module (processing element) comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal (processing element) . |
US20030219008A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing network default and configuration data ; b) a wireless transmitter capable of transmitting communications over a wireless computer network ; c) a wireless receiver capable of receiving communications transmitted over the wireless computer network ; d) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store , the wireless receiver and the wireless transmitter and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving configuration data associated with an access point potentially compromised by an intruder ; ii) storing in the system data store identification information associated with the access point based on the received configuration data ; iii) communicating with the intruder via the wireless transmitter and receiver as if the intruder were communicating with the access point based upon the stored identification information ; and iv) transmitting a communication comprising a channel change request to the access point . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module (processing element) further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US20030219008A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing network default and configuration data ; b) a wireless transmitter capable of transmitting communications over a wireless computer network ; c) a wireless receiver capable of receiving communications transmitted over the wireless computer network ; d) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store , the wireless receiver and the wireless transmitter and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving configuration data associated with an access point potentially compromised by an intruder ; ii) storing in the system data store identification information associated with the access point based on the received configuration data ; iii) communicating with the intruder via the wireless transmitter and receiver as if the intruder were communicating with the access point based upon the stored identification information ; and iv) transmitting a communication comprising a channel change request to the access point . US20030219008A1 CLAIM 5 . The system of claim 4 , wherein the system processor is further programmed or adapted to perform the step comprising of communicating information derived from monitoring the wireless computer network to an intrusion detection (intrusion attack) s system . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module (processing element) resides away from the wireless node : a transmitting unit (receiving means) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US20030219008A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing network default and configuration data ; b) a wireless transmitter capable of transmitting communications over a wireless computer network ; c) a wireless receiver capable of receiving communications transmitted over the wireless computer network ; d) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store , the wireless receiver and the wireless transmitter and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving configuration data associated with an access point potentially compromised by an intruder ; ii) storing in the system data store identification information associated with the access point based on the received configuration data ; iii) communicating with the intruder via the wireless transmitter and receiver as if the intruder were communicating with the access point based upon the stored identification information ; and iv) transmitting a communication comprising a channel change request to the access point . US20030219008A1 CLAIM 15 . 
A network security system , the system comprising : a) storing means for receiving and storing configuration information comprising network configuration and default data ; b) wireless receiving means (transmitting unit) for receiving communications transmitted over the wireless communication network ; c) wireless transmitting means for transmitting communications over the wireless communication network ; d) defense request receiving means for receiving an active defense request signal from an intrusion detection system , wherein the received request signal comprises an access point indicator corresponding to an access point in the wireless computer network potentially compromised by an intruder ; e) honeypot processing means for : i) requesting configuration data associated with the access point from the access point or the intrusion detection system ; ii) receiving the configuration data associated with the access point ; iii) storing identification information associated with the access point based on the received configuration data ; iv) communicating with the intruder via the wireless receiver means and the wireless transmitter means as if the intruder were communicating with the access point based upon the stored identification information ; and v) transmitting a communication comprising a channel change request to the access point ; and f) mapping means for identifying a node or location associated with the intruder . |
US7409715B2 CLAIM 15 . The impersonation detection system of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module (processing element) is integrated within the wireless node . |
US20030219008A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing network default and configuration data ; b) a wireless transmitter capable of transmitting communications over a wireless computer network ; c) a wireless receiver capable of receiving communications transmitted over the wireless computer network ; d) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store , the wireless receiver and the wireless transmitter and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving configuration data associated with an access point potentially compromised by an intruder ; ii) storing in the system data store identification information associated with the access point based on the received configuration data ; iii) communicating with the intruder via the wireless transmitter and receiver as if the intruder were communicating with the access point based upon the stored identification information ; and iv) transmitting a communication comprising a channel change request to the access point . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module (processing element) for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US20030219008A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing network default and configuration data ; b) a wireless transmitter capable of transmitting communications over a wireless computer network ; c) a wireless receiver capable of receiving communications transmitted over the wireless computer network ; d) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store , the wireless receiver and the wireless transmitter and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving configuration data associated with an access point potentially compromised by an intruder ; ii) storing in the system data store identification information associated with the access point based on the received configuration data ; iii) communicating with the intruder via the wireless transmitter and receiver as if the intruder were communicating with the access point based upon the stored identification information ; and iv) transmitting a communication comprising a channel change request to the access point . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module (processing element) comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20030219008A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing network default and configuration data ; b) a wireless transmitter capable of transmitting communications over a wireless computer network ; c) a wireless receiver capable of receiving communications transmitted over the wireless computer network ; d) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store , the wireless receiver and the wireless transmitter and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving configuration data associated with an access point potentially compromised by an intruder ; ii) storing in the system data store identification information associated with the access point based on the received configuration data ; iii) communicating with the intruder via the wireless transmitter and receiver as if the intruder were communicating with the access point based upon the stored identification information ; and iv) transmitting a communication comprising a channel change request to the access point . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module (processing element) further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US20030219008A1 CLAIM 1 . A network security system , the system comprising : a) a system data store capable of storing network default and configuration data ; b) a wireless transmitter capable of transmitting communications over a wireless computer network ; c) a wireless receiver capable of receiving communications transmitted over the wireless computer network ; d) a system processor comprising one or more processing element (intrusion detection module, impersonation detection signal) s , wherein the system processor is in communication with the system data store , the wireless receiver and the wireless transmitter and wherein the system processor is programmed or adapted to perform the steps comprising of : i) receiving configuration data associated with an access point potentially compromised by an intruder ; ii) storing in the system data store identification information associated with the access point based on the received configuration data ; iii) communicating with the intruder via the wireless transmitter and receiver as if the intruder were communicating with the access point based upon the stored identification information ; and iv) transmitting a communication comprising a channel change request to the access point . US20030219008A1 CLAIM 5 . The system of claim 4 , wherein the system processor is further programmed or adapted to perform the step comprising of communicating information derived from monitoring the wireless computer network to an intrusion detection (intrusion attack) s system . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | JP2003288282A Filed: 2002-03-28 Issued: 2003-10-10 Unauthorized access prevention program (Original Assignee) Fujitsu Ltd; 富士通株式会社 Ichiro Miyajima, Ko Miyata, 一郎 宮島, 香 宮田 |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (前記受) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames (の対策) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
JP2003288282A CLAIM 1 【請求項1】ネットワークを介した不正アクセスから複 数の所定のサイトを防御するための対策 (intrusion detection module incoming data frames) をそれぞれ実施 する複数の防御手段と、前記不正アクセスをそれぞれ検 知する複数の検知手段とに、前記ネットワークを介して 接続されたコンピュータに、前記不正アクセスの防止の 処理を実行させる不正アクセス防止プログラムであっ て、 前記何れかの検知手段で検知された不正アクセスに関す る情報を、当該不正アクセスを検知した検知手段から受 信する第一の工程と、 前記受 (wireless communication, wireless network, wireless communication network) 信した不正アクセスに関する情報に基づいて、当 該不正アクセスに対する対策を実施すべき前記防御手段 を決定すると共に、前記決定された各防御手段に対する 前記対策を決定する第二の工程と、 前記決定した各防御手段に対して、前記決定した各対策 を実施すべき旨の指示情報を送信する第三の工程とを前 記コンピュータに実行させることを特徴とする不正アク セス防止プログラム。 1 . A network for a plurality of protection means for respectively implementing measures for protecting a plurality of predetermined sites from unauthorized access via a network , and a plurality of detection means for respectively detecting the unauthorized access . An unauthorized access prevention program for causing a computer connected via the computer to execute the unauthorized access prevention process , wherein the detection unit detects information about the unauthorized access detected by any of the detection units . From the first step of receiving from the above , and based on the received information about the unauthorized access , determine the defense means to implement the countermeasure against the unauthorized access , and determine the countermeasure against each of the determined defense means . Take the second step and implement each of the determined countermeasures for each of the determined defense measures . Unauthorized access prevention program characterized by executing a third step of transmitting an indication information indicating that the computer . |
US7409715B2 CLAIM 10 . An impersonation detection system (detecting) for a wireless node of a wireless communication (前記受) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
JP2003288282A CLAIM 1 【請求項1】ネットワークを介した不正アクセスから複 数の所定のサイトを防御するための対策をそれぞれ実施 する複数の防御手段と、前記不正アクセスをそれぞれ検 知する複数の検知手段とに、前記ネットワークを介して 接続されたコンピュータに、前記不正アクセスの防止の 処理を実行させる不正アクセス防止プログラムであっ て、 前記何れかの検知手段で検知された不正アクセスに関す る情報を、当該不正アクセスを検知した検知手段から受 信する第一の工程と、 前記受 (wireless communication, wireless network, wireless communication network) 信した不正アクセスに関する情報に基づいて、当 該不正アクセスに対する対策を実施すべき前記防御手段 を決定すると共に、前記決定された各防御手段に対する 前記対策を決定する第二の工程と、 前記決定した各防御手段に対して、前記決定した各対策 を実施すべき旨の指示情報を送信する第三の工程とを前 記コンピュータに実行させることを特徴とする不正アク セス防止プログラム。 1 . A network for a plurality of protection means for respectively implementing measures for protecting a plurality of predetermined sites from unauthorized access via a network , and a plurality of detection means for respectively detecting (impersonation detection system) the unauthorized access . An unauthorized access prevention program for causing a computer connected via the computer to execute the unauthorized access prevention process , wherein the detection unit detects information about the unauthorized access detected by any of the detection units . From the first step of receiving from the above , and based on the received information about the unauthorized access , determine the defense means to implement the countermeasure against the unauthorized access , and determine the countermeasure against each of the determined defense means . Take the second step and implement each of the determined countermeasures for each of the determined defense measures . Unauthorized access prevention program characterized by executing a third step of transmitting an indication information indicating that the computer . |
US7409715B2 CLAIM 11 . The impersonation detection system (detecting) of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
JP2003288282A CLAIM 1 【請求項1】ネットワークを介した不正アクセスから複 数の所定のサイトを防御するための対策をそれぞれ実施 する複数の防御手段と、前記不正アクセスをそれぞれ検 知する複数の検知手段とに、前記ネットワークを介して 接続されたコンピュータに、前記不正アクセスの防止の 処理を実行させる不正アクセス防止プログラムであっ て、 前記何れかの検知手段で検知された不正アクセスに関す る情報を、当該不正アクセスを検知した検知手段から受 信する第一の工程と、 前記受信した不正アクセスに関する情報に基づいて、当 該不正アクセスに対する対策を実施すべき前記防御手段 を決定すると共に、前記決定された各防御手段に対する 前記対策を決定する第二の工程と、 前記決定した各防御手段に対して、前記決定した各対策 を実施すべき旨の指示情報を送信する第三の工程とを前 記コンピュータに実行させることを特徴とする不正アク セス防止プログラム。 1 . A network for a plurality of protection means for respectively implementing measures for protecting a plurality of predetermined sites from unauthorized access via a network , and a plurality of detection means for respectively detecting (impersonation detection system) the unauthorized access . An unauthorized access prevention program for causing a computer connected via the computer to execute the unauthorized access prevention process , wherein the detection unit detects information about the unauthorized access detected by any of the detection units . From the first step of receiving from the above , and based on the received information about the unauthorized access , determine the defense means to implement the countermeasure against the unauthorized access , and determine the countermeasure against each of the determined defense means . Take the second step and implement each of the determined countermeasures for each of the determined defense measures . Unauthorized access prevention program characterized by executing a third step of transmitting an indication information indicating that the computer . |
US7409715B2 CLAIM 12 . The impersonation detection system (detecting) of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
JP2003288282A CLAIM 1 【請求項1】ネットワークを介した不正アクセスから複 数の所定のサイトを防御するための対策をそれぞれ実施 する複数の防御手段と、前記不正アクセスをそれぞれ検 知する複数の検知手段とに、前記ネットワークを介して 接続されたコンピュータに、前記不正アクセスの防止の 処理を実行させる不正アクセス防止プログラムであっ て、 前記何れかの検知手段で検知された不正アクセスに関す る情報を、当該不正アクセスを検知した検知手段から受 信する第一の工程と、 前記受信した不正アクセスに関する情報に基づいて、当 該不正アクセスに対する対策を実施すべき前記防御手段 を決定すると共に、前記決定された各防御手段に対する 前記対策を決定する第二の工程と、 前記決定した各防御手段に対して、前記決定した各対策 を実施すべき旨の指示情報を送信する第三の工程とを前 記コンピュータに実行させることを特徴とする不正アク セス防止プログラム。 1 . A network for a plurality of protection means for respectively implementing measures for protecting a plurality of predetermined sites from unauthorized access via a network , and a plurality of detection means for respectively detecting (impersonation detection system) the unauthorized access . An unauthorized access prevention program for causing a computer connected via the computer to execute the unauthorized access prevention process , wherein the detection unit detects information about the unauthorized access detected by any of the detection units . From the first step of receiving from the above , and based on the received information about the unauthorized access , determine the defense means to implement the countermeasure against the unauthorized access , and determine the countermeasure against each of the determined defense means . Take the second step and implement each of the determined countermeasures for each of the determined defense measures . Unauthorized access prevention program characterized by executing a third step of transmitting an indication information indicating that the computer . |
US7409715B2 CLAIM 13 . The impersonation detection system (detecting) of claim 12 wherein the secure link operates according to a communication protocol . |
JP2003288282A CLAIM 1 【請求項1】ネットワークを介した不正アクセスから複 数の所定のサイトを防御するための対策をそれぞれ実施 する複数の防御手段と、前記不正アクセスをそれぞれ検 知する複数の検知手段とに、前記ネットワークを介して 接続されたコンピュータに、前記不正アクセスの防止の 処理を実行させる不正アクセス防止プログラムであっ て、 前記何れかの検知手段で検知された不正アクセスに関す る情報を、当該不正アクセスを検知した検知手段から受 信する第一の工程と、 前記受信した不正アクセスに関する情報に基づいて、当 該不正アクセスに対する対策を実施すべき前記防御手段 を決定すると共に、前記決定された各防御手段に対する 前記対策を決定する第二の工程と、 前記決定した各防御手段に対して、前記決定した各対策 を実施すべき旨の指示情報を送信する第三の工程とを前 記コンピュータに実行させることを特徴とする不正アク セス防止プログラム。 1 . A network for a plurality of protection means for respectively implementing measures for protecting a plurality of predetermined sites from unauthorized access via a network , and a plurality of detection means for respectively detecting (impersonation detection system) the unauthorized access . An unauthorized access prevention program for causing a computer connected via the computer to execute the unauthorized access prevention process , wherein the detection unit detects information about the unauthorized access detected by any of the detection units . From the first step of receiving from the above , and based on the received information about the unauthorized access , determine the defense means to implement the countermeasure against the unauthorized access , and determine the countermeasure against each of the determined defense means . Take the second step and implement each of the determined countermeasures for each of the determined defense measures . Unauthorized access prevention program characterized by executing a third step of transmitting an indication information indicating that the computer . |
US7409715B2 CLAIM 14 . The impersonation detection system (detecting) of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (receiving step) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
JP2003288282A CLAIM 1 【請求項1】ネットワークを介した不正アクセスから複 数の所定のサイトを防御するための対策をそれぞれ実施 する複数の防御手段と、前記不正アクセスをそれぞれ検 知する複数の検知手段とに、前記ネットワークを介して 接続されたコンピュータに、前記不正アクセスの防止の 処理を実行させる不正アクセス防止プログラムであっ て、 前記何れかの検知手段で検知された不正アクセスに関す る情報を、当該不正アクセスを検知した検知手段から受 信する第一の工程と、 前記受信した不正アクセスに関する情報に基づいて、当 該不正アクセスに対する対策を実施すべき前記防御手段 を決定すると共に、前記決定された各防御手段に対する 前記対策を決定する第二の工程と、 前記決定した各防御手段に対して、前記決定した各対策 を実施すべき旨の指示情報を送信する第三の工程とを前 記コンピュータに実行させることを特徴とする不正アク セス防止プログラム。 1 . A network for a plurality of protection means for respectively implementing measures for protecting a plurality of predetermined sites from unauthorized access via a network , and a plurality of detection means for respectively detecting (impersonation detection system) the unauthorized access . An unauthorized access prevention program for causing a computer connected via the computer to execute the unauthorized access prevention process , wherein the detection unit detects information about the unauthorized access detected by any of the detection units . From the first step of receiving from the above , and based on the received information about the unauthorized access , determine the defense means to implement the countermeasure against the unauthorized access , and determine the countermeasure against each of the determined defense means . Take the second step and implement each of the determined countermeasures for each of the determined defense measures . Unauthorized access prevention program characterized by executing a third step of transmitting an indication information indicating that the computer . 
JP2003288282A CLAIM 6 【請求項6】ネットワークを介した不正アクセスから所 定のサイトを防御する防御コンピュータに、前記防御コ ンピュータを管理する管理コンピュータからの指示に基 づいて、前記不正アクセスに対する対策を実施させる不 正アクセス防止プログラムであって、 前記管理コンピュータから、前記管理コンピュータが決 定した前記不正アクセスに対する対策を実施すべき旨の 指示情報を、前記ネットワークを介して受信する受信工 程と、 予め前記防御コンピュータに関連してローカルルール部 に格納されたルールに基づいて、前記指示情報による前 記管理手段が決定した不正アクセスに対する対策を実施 すべきであるか否かを決定する決定工程と、 前記決定工程において、前記不正アクセスに対する対策 を実施すべきと決定した場合には、当該対策を実施し、 前記不正アクセスに対する対策を実施すべきでないと決 定した場合には、当該対策を実施しない実施工程とを前 記防御コンピュータに実行させることを特徴とする不正 アクセス防止プログラム。 6 . An unauthorized access prevention program for causing a defense computer that protects a predetermined site from unauthorized access via a network to take countermeasures against the unauthorized access based on an instruction from a management computer that manages the defense computer . And a receiving step (transmitting unit) of receiving , from the management computer , instruction information indicating that countermeasures against the unauthorized access determined by the management computer should be taken via the network , and a local rule related to the defense computer in advance . A decision step of deciding whether or not a countermeasure against the unauthorized access determined by the management means based on the instruction information should be carried out based on a rule stored in the section ; and a countermeasure against the unauthorized access in the determining step . If you decide to implement Measures carried out , An unauthorized access prevention program , characterized in that , when it is determined that the countermeasure against the unauthorized access should not be implemented , the defense computer is caused to execute an implementation step in which the countermeasure is not implemented . |
US7409715B2 CLAIM 15 . The impersonation detection system (detecting) of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module is integrated within the wireless node . |
JP2003288282A CLAIM 1 【請求項1】ネットワークを介した不正アクセスから複 数の所定のサイトを防御するための対策をそれぞれ実施 する複数の防御手段と、前記不正アクセスをそれぞれ検 知する複数の検知手段とに、前記ネットワークを介して 接続されたコンピュータに、前記不正アクセスの防止の 処理を実行させる不正アクセス防止プログラムであっ て、 前記何れかの検知手段で検知された不正アクセスに関す る情報を、当該不正アクセスを検知した検知手段から受 信する第一の工程と、 前記受信した不正アクセスに関する情報に基づいて、当 該不正アクセスに対する対策を実施すべき前記防御手段 を決定すると共に、前記決定された各防御手段に対する 前記対策を決定する第二の工程と、 前記決定した各防御手段に対して、前記決定した各対策 を実施すべき旨の指示情報を送信する第三の工程とを前 記コンピュータに実行させることを特徴とする不正アク セス防止プログラム。 1 . A network for a plurality of protection means for respectively implementing measures for protecting a plurality of predetermined sites from unauthorized access via a network , and a plurality of detection means for respectively detecting (impersonation detection system) the unauthorized access . An unauthorized access prevention program for causing a computer connected via the computer to execute the unauthorized access prevention process , wherein the detection unit detects information about the unauthorized access detected by any of the detection units . From the first step of receiving from the above , and based on the received information about the unauthorized access , determine the defense means to implement the countermeasure against the unauthorized access , and determine the countermeasure against each of the determined defense means . Take the second step and implement each of the determined countermeasures for each of the determined defense measures . Unauthorized access prevention program characterized by executing a third step of transmitting an indication information indicating that the computer . |
US7409715B2 CLAIM 16 . The impersonation detection system (detecting) of claim 10 , wherein the wireless network (前記受) operates according to any wireless network technology . |
JP2003288282A CLAIM 1 【請求項1】ネットワークを介した不正アクセスから複 数の所定のサイトを防御するための対策をそれぞれ実施 する複数の防御手段と、前記不正アクセスをそれぞれ検 知する複数の検知手段とに、前記ネットワークを介して 接続されたコンピュータに、前記不正アクセスの防止の 処理を実行させる不正アクセス防止プログラムであっ て、 前記何れかの検知手段で検知された不正アクセスに関す る情報を、当該不正アクセスを検知した検知手段から受 信する第一の工程と、 前記受 (wireless communication, wireless network, wireless communication network) 信した不正アクセスに関する情報に基づいて、当 該不正アクセスに対する対策を実施すべき前記防御手段 を決定すると共に、前記決定された各防御手段に対する 前記対策を決定する第二の工程と、 前記決定した各防御手段に対して、前記決定した各対策 を実施すべき旨の指示情報を送信する第三の工程とを前 記コンピュータに実行させることを特徴とする不正アク セス防止プログラム。 1 . A network for a plurality of protection means for respectively implementing measures for protecting a plurality of predetermined sites from unauthorized access via a network , and a plurality of detection means for respectively detecting (impersonation detection system) the unauthorized access . An unauthorized access prevention program for causing a computer connected via the computer to execute the unauthorized access prevention process , wherein the detection unit detects information about the unauthorized access detected by any of the detection units . From the first step of receiving from the above , and based on the received information about the unauthorized access , determine the defense means to implement the countermeasure against the unauthorized access , and determine the countermeasure against each of the determined defense means . Take the second step and implement each of the determined countermeasures for each of the determined defense measures . Unauthorized access prevention program characterized by executing a third step of transmitting an indication information indicating that the computer . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network (前記受) comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
JP2003288282A CLAIM 1 【請求項1】ネットワークを介した不正アクセスから複 数の所定のサイトを防御するための対策をそれぞれ実施 する複数の防御手段と、前記不正アクセスをそれぞれ検 知する複数の検知手段とに、前記ネットワークを介して 接続されたコンピュータに、前記不正アクセスの防止の 処理を実行させる不正アクセス防止プログラムであっ て、 前記何れかの検知手段で検知された不正アクセスに関す る情報を、当該不正アクセスを検知した検知手段から受 信する第一の工程と、 前記受 (wireless communication, wireless network, wireless communication network) 信した不正アクセスに関する情報に基づいて、当 該不正アクセスに対する対策を実施すべき前記防御手段 を決定すると共に、前記決定された各防御手段に対する 前記対策を決定する第二の工程と、 前記決定した各防御手段に対して、前記決定した各対策 を実施すべき旨の指示情報を送信する第三の工程とを前 記コンピュータに実行させることを特徴とする不正アク セス防止プログラム。 1 . A network for a plurality of protection means for respectively implementing measures for protecting a plurality of predetermined sites from unauthorized access via a network , and a plurality of detection means for respectively detecting the unauthorized access . An unauthorized access prevention program for causing a computer connected via the computer to execute the unauthorized access prevention process , wherein the detection unit detects information about the unauthorized access detected by any of the detection units . From the first step of receiving from the above , and based on the received information about the unauthorized access , determine the defense means to implement the countermeasure against the unauthorized access , and determine the countermeasure against each of the determined defense means . Take the second step and implement each of the determined countermeasures for each of the determined defense measures . Unauthorized access prevention program characterized by executing a third step of transmitting an indication information indicating that the computer . |
US7409715B2 CLAIM 19 . The an impersonation detection system (detecting) of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
JP2003288282A CLAIM 1 【請求項1】ネットワークを介した不正アクセスから複 数の所定のサイトを防御するための対策をそれぞれ実施 する複数の防御手段と、前記不正アクセスをそれぞれ検 知する複数の検知手段とに、前記ネットワークを介して 接続されたコンピュータに、前記不正アクセスの防止の 処理を実行させる不正アクセス防止プログラムであっ て、 前記何れかの検知手段で検知された不正アクセスに関す る情報を、当該不正アクセスを検知した検知手段から受 信する第一の工程と、 前記受信した不正アクセスに関する情報に基づいて、当 該不正アクセスに対する対策を実施すべき前記防御手段 を決定すると共に、前記決定された各防御手段に対する 前記対策を決定する第二の工程と、 前記決定した各防御手段に対して、前記決定した各対策 を実施すべき旨の指示情報を送信する第三の工程とを前 記コンピュータに実行させることを特徴とする不正アク セス防止プログラム。 1 . A network for a plurality of protection means for respectively implementing measures for protecting a plurality of predetermined sites from unauthorized access via a network , and a plurality of detection means for respectively detecting (impersonation detection system) the unauthorized access . An unauthorized access prevention program for causing a computer connected via the computer to execute the unauthorized access prevention process , wherein the detection unit detects information about the unauthorized access detected by any of the detection units . From the first step of receiving from the above , and based on the received information about the unauthorized access , determine the defense means to implement the countermeasure against the unauthorized access , and determine the countermeasure against each of the determined defense means . Take the second step and implement each of the determined countermeasures for each of the determined defense measures . Unauthorized access prevention program characterized by executing a third step of transmitting an indication information indicating that the computer . |
US7409715B2 CLAIM 20 . The impersonation detection system (detecting) of claim 18 , wherein the wireless network (前記受) operates according to any wireless network technology . |
JP2003288282A CLAIM 1 【請求項1】ネットワークを介した不正アクセスから複 数の所定のサイトを防御するための対策をそれぞれ実施 する複数の防御手段と、前記不正アクセスをそれぞれ検 知する複数の検知手段とに、前記ネットワークを介して 接続されたコンピュータに、前記不正アクセスの防止の 処理を実行させる不正アクセス防止プログラムであっ て、 前記何れかの検知手段で検知された不正アクセスに関す る情報を、当該不正アクセスを検知した検知手段から受 信する第一の工程と、 前記受 (wireless communication, wireless network, wireless communication network) 信した不正アクセスに関する情報に基づいて、当 該不正アクセスに対する対策を実施すべき前記防御手段 を決定すると共に、前記決定された各防御手段に対する 前記対策を決定する第二の工程と、 前記決定した各防御手段に対して、前記決定した各対策 を実施すべき旨の指示情報を送信する第三の工程とを前 記コンピュータに実行させることを特徴とする不正アク セス防止プログラム。 1 . A network for a plurality of protection means for respectively implementing measures for protecting a plurality of predetermined sites from unauthorized access via a network , and a plurality of detection means for respectively detecting (impersonation detection system) the unauthorized access . An unauthorized access prevention program for causing a computer connected via the computer to execute the unauthorized access prevention process , wherein the detection unit detects information about the unauthorized access detected by any of the detection units . From the first step of receiving from the above , and based on the received information about the unauthorized access , determine the defense means to implement the countermeasure against the unauthorized access , and determine the countermeasure against each of the determined defense means . Take the second step and implement each of the determined countermeasures for each of the determined defense measures . Unauthorized access prevention program characterized by executing a third step of transmitting an indication information indicating that the computer . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | JP2003289337A Filed: 2002-03-28 Issued: 2003-10-10 Communication network, router, and distributed denial of service attack detection and protection method (Original Assignee) Nippon Telegr & Teleph Corp <Ntt>; 日本電信電話株式会社 Masaru Katayama, Kohei Shiomoto, Masanori Uga, Naoaki Yamanaka, 公平 塩本, 雅則 宇賀, 直明 山中, 勝 片山 |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (前記受) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (transmission source address, apparatus, detecting) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
JP2003289337A CLAIM 1 【請求項1】 複数の外部通信網にそれぞれ接続された 複数のボーダルータを備えた通信網において、 前記ボーダルータは、自通信網に流入するコネクション 確立要求を含むTCP−SYNパケットを監視する手段 を備え、 この監視する手段は、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する手段と、 この計数する手段の計数結果を他ボーダルータに通知す る手段と、 他ボーダルータからの前記計数する手段の計数結果を受 け取る手段と、 この受け取る手段により受け取った他ボーダルータにお ける計数結果および前記計数する手段による自ボーダル ータの計数結果に基づき計数結果を集計する手段とを備 え、 この集計する手段は、 前記計数結果の所定時間内の増加率を検出する手段と、 この検出する手段の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する手段と を備えたことを特徴とする通信網。 1 . A communication network comprising a plurality of border routers respectively connected to a plurality of external communication networks , wherein the border router monitors a TCP-SYN packet including a connection establishment request flowing into its own communication network . This monitoring means comprises means for counting the number of TCP-SYN packets having the same destination address , means for notifying another border router of the counting result of this counting means , and the counting from the other border router . And counting means based on the counting result of the other border routers received by the receiving means and the counting result of the own border router by the counting means . Means for detecting (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) an increase rate of the counting result within a predetermined time , and a detection result of the detecting means . And a means for issuing an alarm including the information of the same destination address when the result exceeds a threshold value . JP2003289337A CLAIM 4 【請求項4】 前記通知する手段および前記受 (wireless communication, wireless network, wireless communication network) け取る手 段は、I−BGP(Internet-Border Gateway Protocol) を用いて前記計数結果を送受信する手段を備えた請求項 1記載の通信網。 4 . The means for notifying and the means for receiving are I-BGP (Internet-Border Gateway Protocol) The communication network according to claim 1 , further comprising means for transmitting and receiving the counting result by using . 
JP2003289337A CLAIM 9 【請求項9】 情報処理装置にインストールすることに より、その情報処理装置に、 外部通信網に接続されたルータを制御する装置に相応す る機能として、 自通信網に流入するコネクション確立要求を含むTCP −SYNパケットを監視する機能を実現させ、 この監視する機能として、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する機能と、 この計数する機能の計数結果を他ボーダルータに通知す る機能と、 他ボーダルータからの前記計数する機能の計数結果を受 け取る機能と、 この受け取る機能により受け取った他ボーダルータにお ける計数結果および前記計数する機能による自ボーダル ータの計数結果に基づき計数結果を集計する機能とを実 現させ、 この集計する機能として、 前記計数結果の所定時間内の増加率を検出する機能と、 この検出する機能の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する機能と を実現させることを特徴とするプログラム。 9 . A TCP including a connection establishment request flowing into its own communication network as a function corresponding to a device controlling a router connected to an external communication network when installed in the information processing apparatus (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) . -Realize the function of monitoring SYN packets , and as the function of monitoring , the function of counting the number of TCP-SYN packets having the same destination address , and the function of notifying other border routers of the counting result of this counting function . , A function of receiving the counting result of the counting function from another border router , and a function of totaling the counting results based on the counting result in the other border router received by the receiving function and the counting result of the own border router by the counting function As a function of totalizing this , a function of detecting the increase rate of the counting result within a predetermined time , and an alarm including the information of the same destination address is issued when the detection result of the detecting function exceeds a threshold value . A program that realizes the function to perform . JP2003289337A CLAIM 15 【請求項15】 集計された同一宛先アドレスを有する TCP−SYNパケットの送信元アドレスを特定し、警 報を発出する際には、この特定された送信元アドレスの 情報を前記警報に書込む請求項14記載の分散型サービ ス拒絶攻撃検出防御方法。 15 . 
The distributed denial of service attack detection and protection method according to claim 14 , wherein the transmission source address (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) of the totaled TCP-SYN packets having the same destination address is specified , and , when the alarm is issued , information on the specified transmission source address is written into the alarm . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data (transmission source address, apparatus, detecting) frames received over all the wireless channels allocated to the wireless node . |
JP2003289337A CLAIM 1 【請求項1】 複数の外部通信網にそれぞれ接続された 複数のボーダルータを備えた通信網において、 前記ボーダルータは、自通信網に流入するコネクション 確立要求を含むTCP−SYNパケットを監視する手段 を備え、 この監視する手段は、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する手段と、 この計数する手段の計数結果を他ボーダルータに通知す る手段と、 他ボーダルータからの前記計数する手段の計数結果を受 け取る手段と、 この受け取る手段により受け取った他ボーダルータにお ける計数結果および前記計数する手段による自ボーダル ータの計数結果に基づき計数結果を集計する手段とを備 え、 この集計する手段は、 前記計数結果の所定時間内の増加率を検出する手段と、 この検出する手段の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する手段と を備えたことを特徴とする通信網。 1 . A communication network comprising a plurality of border routers respectively connected to a plurality of external communication networks , wherein the border router monitors a TCP-SYN packet including a connection establishment request flowing into its own communication network . This monitoring means comprises means for counting the number of TCP-SYN packets having the same destination address , means for notifying another border router of the counting result of this counting means , and the counting from the other border router . And counting means based on the counting result of the other border routers received by the receiving means and the counting result of the own border router by the counting means . Means for detecting (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) an increase rate of the counting result within a predetermined time , and a detection result of the detecting means . And a means for issuing an alarm including the information of the same destination address when the result exceeds a threshold value . 
JP2003289337A CLAIM 9 【請求項9】 情報処理装置にインストールすることに より、その情報処理装置に、 外部通信網に接続されたルータを制御する装置に相応す る機能として、 自通信網に流入するコネクション確立要求を含むTCP −SYNパケットを監視する機能を実現させ、 この監視する機能として、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する機能と、 この計数する機能の計数結果を他ボーダルータに通知す る機能と、 他ボーダルータからの前記計数する機能の計数結果を受 け取る機能と、 この受け取る機能により受け取った他ボーダルータにお ける計数結果および前記計数する機能による自ボーダル ータの計数結果に基づき計数結果を集計する機能とを実 現させ、 この集計する機能として、 前記計数結果の所定時間内の増加率を検出する機能と、 この検出する機能の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する機能と を実現させることを特徴とするプログラム。 9 . A TCP including a connection establishment request flowing into its own communication network as a function corresponding to a device controlling a router connected to an external communication network when installed in the information processing apparatus (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) . -Realize the function of monitoring SYN packets , and as the function of monitoring , the function of counting the number of TCP-SYN packets having the same destination address , and the function of notifying other border routers of the counting result of this counting function . , A function of receiving the counting result of the counting function from another border router , and a function of totaling the counting results based on the counting result in the other border router received by the receiving function and the counting result of the own border router by the counting function As a function of totalizing this , a function of detecting the increase rate of the counting result within a predetermined time , and an alarm including the information of the same destination address is issued when the detection result of the detecting function exceeds a threshold value . A program that realizes the function to perform . JP2003289337A CLAIM 15 【請求項15】 集計された同一宛先アドレスを有する TCP−SYNパケットの送信元アドレスを特定し、警 報を発出する際には、この特定された送信元アドレスの 情報を前記警報に書込む請求項14記載の分散型サービ ス拒絶攻撃検出防御方法。 15 . 
The distributed denial of service attack detection and protection method according to claim 14 , wherein the transmission source address (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) of the totaled TCP-SYN packets having the same destination address is specified , and , when the alarm is issued , information on the specified transmission source address is written into the alarm . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (transmission source address, apparatus, detecting) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
JP2003289337A CLAIM 1 【請求項1】 複数の外部通信網にそれぞれ接続された 複数のボーダルータを備えた通信網において、 前記ボーダルータは、自通信網に流入するコネクション 確立要求を含むTCP−SYNパケットを監視する手段 を備え、 この監視する手段は、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する手段と、 この計数する手段の計数結果を他ボーダルータに通知す る手段と、 他ボーダルータからの前記計数する手段の計数結果を受 け取る手段と、 この受け取る手段により受け取った他ボーダルータにお ける計数結果および前記計数する手段による自ボーダル ータの計数結果に基づき計数結果を集計する手段とを備 え、 この集計する手段は、 前記計数結果の所定時間内の増加率を検出する手段と、 この検出する手段の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する手段と を備えたことを特徴とする通信網。 1 . A communication network comprising a plurality of border routers respectively connected to a plurality of external communication networks , wherein the border router monitors a TCP-SYN packet including a connection establishment request flowing into its own communication network . This monitoring means comprises means for counting the number of TCP-SYN packets having the same destination address , means for notifying another border router of the counting result of this counting means , and the counting from the other border router . And counting means based on the counting result of the other border routers received by the receiving means and the counting result of the own border router by the counting means . Means for detecting (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) an increase rate of the counting result within a predetermined time , and a detection result of the detecting means . And a means for issuing an alarm including the information of the same destination address when the result exceeds a threshold value . 
JP2003289337A CLAIM 9 【請求項9】 情報処理装置にインストールすることに より、その情報処理装置に、 外部通信網に接続されたルータを制御する装置に相応す る機能として、 自通信網に流入するコネクション確立要求を含むTCP −SYNパケットを監視する機能を実現させ、 この監視する機能として、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する機能と、 この計数する機能の計数結果を他ボーダルータに通知す る機能と、 他ボーダルータからの前記計数する機能の計数結果を受 け取る機能と、 この受け取る機能により受け取った他ボーダルータにお ける計数結果および前記計数する機能による自ボーダル ータの計数結果に基づき計数結果を集計する機能とを実 現させ、 この集計する機能として、 前記計数結果の所定時間内の増加率を検出する機能と、 この検出する機能の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する機能と を実現させることを特徴とするプログラム。 9 . A TCP including a connection establishment request flowing into its own communication network as a function corresponding to a device controlling a router connected to an external communication network when installed in the information processing apparatus (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) . -Realize the function of monitoring SYN packets , and as the function of monitoring , the function of counting the number of TCP-SYN packets having the same destination address , and the function of notifying other border routers of the counting result of this counting function . , A function of receiving the counting result of the counting function from another border router , and a function of totaling the counting results based on the counting result in the other border router received by the receiving function and the counting result of the own border router by the counting function As a function of totalizing this , a function of detecting the increase rate of the counting result within a predetermined time , and an alarm including the information of the same destination address is issued when the detection result of the detecting function exceeds a threshold value . A program that realizes the function to perform . JP2003289337A CLAIM 15 【請求項15】 集計された同一宛先アドレスを有する TCP−SYNパケットの送信元アドレスを特定し、警 報を発出する際には、この特定された送信元アドレスの 情報を前記警報に書込む請求項14記載の分散型サービ ス拒絶攻撃検出防御方法。 15 . 
The distributed denial of service attack detection and protection method according to claim 14 , wherein the transmission source address (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) of the TCP-SYN packets having the totaled same destination address is specified and , when the alarm is issued , information of the specified transmission source address is written into the alarm . |
US7409715B2 CLAIM 10 . An impersonation detection system (transmission source address, apparatus, detecting) for a wireless node of a wireless communication (前記受) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (transmission source address, apparatus, detecting) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
JP2003289337A CLAIM 1 【請求項1】 複数の外部通信網にそれぞれ接続された 複数のボーダルータを備えた通信網において、 前記ボーダルータは、自通信網に流入するコネクション 確立要求を含むTCP−SYNパケットを監視する手段 を備え、 この監視する手段は、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する手段と、 この計数する手段の計数結果を他ボーダルータに通知す る手段と、 他ボーダルータからの前記計数する手段の計数結果を受 け取る手段と、 この受け取る手段により受け取った他ボーダルータにお ける計数結果および前記計数する手段による自ボーダル ータの計数結果に基づき計数結果を集計する手段とを備 え、 この集計する手段は、 前記計数結果の所定時間内の増加率を検出する手段と、 この検出する手段の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する手段と を備えたことを特徴とする通信網。 1 . A communication network comprising a plurality of border routers respectively connected to a plurality of external communication networks , wherein the border router monitors a TCP-SYN packet including a connection establishment request flowing into its own communication network . This monitoring means comprises means for counting the number of TCP-SYN packets having the same destination address , means for notifying another border router of the counting result of this counting means , and the counting from the other border router . And counting means based on the counting result of the other border routers received by the receiving means and the counting result of the own border router by the counting means . Means for detecting (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) an increase rate of the counting result within a predetermined time , and a detection result of the detecting means . And a means for issuing an alarm including the information of the same destination address when the result exceeds a threshold value . JP2003289337A CLAIM 4 【請求項4】 前記通知する手段および前記受 (wireless communication, wireless network, wireless communication network) け取る手 段は、I−BGP(Internet-Border Gateway Protocol) を用いて前記計数結果を送受信する手段を備えた請求項 1記載の通信網。 4 . The means for notifying and the means for receiving are I-BGP (Internet-Border Gateway Protocol) The communication network according to claim 1 , further comprising means for transmitting and receiving the counting result by using . 
JP2003289337A CLAIM 9 【請求項9】 情報処理装置にインストールすることに より、その情報処理装置に、 外部通信網に接続されたルータを制御する装置に相応す る機能として、 自通信網に流入するコネクション確立要求を含むTCP −SYNパケットを監視する機能を実現させ、 この監視する機能として、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する機能と、 この計数する機能の計数結果を他ボーダルータに通知す る機能と、 他ボーダルータからの前記計数する機能の計数結果を受 け取る機能と、 この受け取る機能により受け取った他ボーダルータにお ける計数結果および前記計数する機能による自ボーダル ータの計数結果に基づき計数結果を集計する機能とを実 現させ、 この集計する機能として、 前記計数結果の所定時間内の増加率を検出する機能と、 この検出する機能の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する機能と を実現させることを特徴とするプログラム。 9 . A TCP including a connection establishment request flowing into its own communication network as a function corresponding to a device controlling a router connected to an external communication network when installed in the information processing apparatus (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) . -Realize the function of monitoring SYN packets , and as the function of monitoring , the function of counting the number of TCP-SYN packets having the same destination address , and the function of notifying other border routers of the counting result of this counting function . , A function of receiving the counting result of the counting function from another border router , and a function of totaling the counting results based on the counting result in the other border router received by the receiving function and the counting result of the own border router by the counting function As a function of totalizing this , a function of detecting the increase rate of the counting result within a predetermined time , and an alarm including the information of the same destination address is issued when the detection result of the detecting function exceeds a threshold value . A program that realizes the function to perform . JP2003289337A CLAIM 15 【請求項15】 集計された同一宛先アドレスを有する TCP−SYNパケットの送信元アドレスを特定し、警 報を発出する際には、この特定された送信元アドレスの 情報を前記警報に書込む請求項14記載の分散型サービ ス拒絶攻撃検出防御方法。 15 . 
The distributed denial of service attack detection and protection method according to claim 14 , wherein the transmission source address (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) of the TCP-SYN packets having the totaled same destination address is specified and , when the alarm is issued , information of the specified transmission source address is written into the alarm . |
US7409715B2 CLAIM 11 . The impersonation detection system (transmission source address, apparatus, detecting) of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (transmission source address, apparatus, detecting) frames from the incoming traffic ; and a data processing unit (transmission source address, apparatus, detecting) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
JP2003289337A CLAIM 1 【請求項1】 複数の外部通信網にそれぞれ接続された 複数のボーダルータを備えた通信網において、 前記ボーダルータは、自通信網に流入するコネクション 確立要求を含むTCP−SYNパケットを監視する手段 を備え、 この監視する手段は、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する手段と、 この計数する手段の計数結果を他ボーダルータに通知す る手段と、 他ボーダルータからの前記計数する手段の計数結果を受 け取る手段と、 この受け取る手段により受け取った他ボーダルータにお ける計数結果および前記計数する手段による自ボーダル ータの計数結果に基づき計数結果を集計する手段とを備 え、 この集計する手段は、 前記計数結果の所定時間内の増加率を検出する手段と、 この検出する手段の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する手段と を備えたことを特徴とする通信網。 1 . A communication network comprising a plurality of border routers respectively connected to a plurality of external communication networks , wherein the border router monitors a TCP-SYN packet including a connection establishment request flowing into its own communication network . This monitoring means comprises means for counting the number of TCP-SYN packets having the same destination address , means for notifying another border router of the counting result of this counting means , and the counting from the other border router . And counting means based on the counting result of the other border routers received by the receiving means and the counting result of the own border router by the counting means . Means for detecting (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) an increase rate of the counting result within a predetermined time , and a detection result of the detecting means . And a means for issuing an alarm including the information of the same destination address when the result exceeds a threshold value . 
JP2003289337A CLAIM 9 【請求項9】 情報処理装置にインストールすることに より、その情報処理装置に、 外部通信網に接続されたルータを制御する装置に相応す る機能として、 自通信網に流入するコネクション確立要求を含むTCP −SYNパケットを監視する機能を実現させ、 この監視する機能として、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する機能と、 この計数する機能の計数結果を他ボーダルータに通知す る機能と、 他ボーダルータからの前記計数する機能の計数結果を受 け取る機能と、 この受け取る機能により受け取った他ボーダルータにお ける計数結果および前記計数する機能による自ボーダル ータの計数結果に基づき計数結果を集計する機能とを実 現させ、 この集計する機能として、 前記計数結果の所定時間内の増加率を検出する機能と、 この検出する機能の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する機能と を実現させることを特徴とするプログラム。 9 . A TCP including a connection establishment request flowing into its own communication network as a function corresponding to a device controlling a router connected to an external communication network when installed in the information processing apparatus (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) . -Realize the function of monitoring SYN packets , and as the function of monitoring , the function of counting the number of TCP-SYN packets having the same destination address , and the function of notifying other border routers of the counting result of this counting function . , A function of receiving the counting result of the counting function from another border router , and a function of totaling the counting results based on the counting result in the other border router received by the receiving function and the counting result of the own border router by the counting function As a function of totalizing this , a function of detecting the increase rate of the counting result within a predetermined time , and an alarm including the information of the same destination address is issued when the detection result of the detecting function exceeds a threshold value . A program that realizes the function to perform . JP2003289337A CLAIM 15 【請求項15】 集計された同一宛先アドレスを有する TCP−SYNパケットの送信元アドレスを特定し、警 報を発出する際には、この特定された送信元アドレスの 情報を前記警報に書込む請求項14記載の分散型サービ ス拒絶攻撃検出防御方法。 15 . 
The distributed denial of service attack detection and protection method according to claim 14 , wherein the transmission source address (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) of the TCP-SYN packets having the totaled same destination address is specified and , when the alarm is issued , information of the specified transmission source address is written into the alarm . |
US7409715B2 CLAIM 12 . The impersonation detection system (transmission source address, apparatus, detecting) of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
JP2003289337A CLAIM 1 【請求項1】 複数の外部通信網にそれぞれ接続された 複数のボーダルータを備えた通信網において、 前記ボーダルータは、自通信網に流入するコネクション 確立要求を含むTCP−SYNパケットを監視する手段 を備え、 この監視する手段は、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する手段と、 この計数する手段の計数結果を他ボーダルータに通知す る手段と、 他ボーダルータからの前記計数する手段の計数結果を受 け取る手段と、 この受け取る手段により受け取った他ボーダルータにお ける計数結果および前記計数する手段による自ボーダル ータの計数結果に基づき計数結果を集計する手段とを備 え、 この集計する手段は、 前記計数結果の所定時間内の増加率を検出する手段と、 この検出する手段の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する手段と を備えたことを特徴とする通信網。 1 . A communication network comprising a plurality of border routers respectively connected to a plurality of external communication networks , wherein the border router monitors a TCP-SYN packet including a connection establishment request flowing into its own communication network . This monitoring means comprises means for counting the number of TCP-SYN packets having the same destination address , means for notifying another border router of the counting result of this counting means , and the counting from the other border router . And counting means based on the counting result of the other border routers received by the receiving means and the counting result of the own border router by the counting means . Means for detecting (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) an increase rate of the counting result within a predetermined time , and a detection result of the detecting means . And a means for issuing an alarm including the information of the same destination address when the result exceeds a threshold value . 
JP2003289337A CLAIM 9 【請求項9】 情報処理装置にインストールすることに より、その情報処理装置に、 外部通信網に接続されたルータを制御する装置に相応す る機能として、 自通信網に流入するコネクション確立要求を含むTCP −SYNパケットを監視する機能を実現させ、 この監視する機能として、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する機能と、 この計数する機能の計数結果を他ボーダルータに通知す る機能と、 他ボーダルータからの前記計数する機能の計数結果を受 け取る機能と、 この受け取る機能により受け取った他ボーダルータにお ける計数結果および前記計数する機能による自ボーダル ータの計数結果に基づき計数結果を集計する機能とを実 現させ、 この集計する機能として、 前記計数結果の所定時間内の増加率を検出する機能と、 この検出する機能の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する機能と を実現させることを特徴とするプログラム。 9 . A TCP including a connection establishment request flowing into its own communication network as a function corresponding to a device controlling a router connected to an external communication network when installed in the information processing apparatus (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) . -Realize the function of monitoring SYN packets , and as the function of monitoring , the function of counting the number of TCP-SYN packets having the same destination address , and the function of notifying other border routers of the counting result of this counting function . , A function of receiving the counting result of the counting function from another border router , and a function of totaling the counting results based on the counting result in the other border router received by the receiving function and the counting result of the own border router by the counting function As a function of totalizing this , a function of detecting the increase rate of the counting result within a predetermined time , and an alarm including the information of the same destination address is issued when the detection result of the detecting function exceeds a threshold value . A program that realizes the function to perform . JP2003289337A CLAIM 15 【請求項15】 集計された同一宛先アドレスを有する TCP−SYNパケットの送信元アドレスを特定し、警 報を発出する際には、この特定された送信元アドレスの 情報を前記警報に書込む請求項14記載の分散型サービ ス拒絶攻撃検出防御方法。 15 . 
The distributed denial of service attack detection and protection method according to claim 14 , wherein the transmission source address (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) of the TCP-SYN packets having the totaled same destination address is specified and , when the alarm is issued , information of the specified transmission source address is written into the alarm . |
US7409715B2 CLAIM 13 . The impersonation detection system (transmission source address, apparatus, detecting) of claim 12 wherein the secure link operates according to a communication protocol . |
JP2003289337A CLAIM 1 【請求項1】 複数の外部通信網にそれぞれ接続された 複数のボーダルータを備えた通信網において、 前記ボーダルータは、自通信網に流入するコネクション 確立要求を含むTCP−SYNパケットを監視する手段 を備え、 この監視する手段は、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する手段と、 この計数する手段の計数結果を他ボーダルータに通知す る手段と、 他ボーダルータからの前記計数する手段の計数結果を受 け取る手段と、 この受け取る手段により受け取った他ボーダルータにお ける計数結果および前記計数する手段による自ボーダル ータの計数結果に基づき計数結果を集計する手段とを備 え、 この集計する手段は、 前記計数結果の所定時間内の増加率を検出する手段と、 この検出する手段の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する手段と を備えたことを特徴とする通信網。 1 . A communication network comprising a plurality of border routers respectively connected to a plurality of external communication networks , wherein the border router monitors a TCP-SYN packet including a connection establishment request flowing into its own communication network . This monitoring means comprises means for counting the number of TCP-SYN packets having the same destination address , means for notifying another border router of the counting result of this counting means , and the counting from the other border router . And counting means based on the counting result of the other border routers received by the receiving means and the counting result of the own border router by the counting means . Means for detecting (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) an increase rate of the counting result within a predetermined time , and a detection result of the detecting means . And a means for issuing an alarm including the information of the same destination address when the result exceeds a threshold value . 
JP2003289337A CLAIM 9 【請求項9】 情報処理装置にインストールすることに より、その情報処理装置に、 外部通信網に接続されたルータを制御する装置に相応す る機能として、 自通信網に流入するコネクション確立要求を含むTCP −SYNパケットを監視する機能を実現させ、 この監視する機能として、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する機能と、 この計数する機能の計数結果を他ボーダルータに通知す る機能と、 他ボーダルータからの前記計数する機能の計数結果を受 け取る機能と、 この受け取る機能により受け取った他ボーダルータにお ける計数結果および前記計数する機能による自ボーダル ータの計数結果に基づき計数結果を集計する機能とを実 現させ、 この集計する機能として、 前記計数結果の所定時間内の増加率を検出する機能と、 この検出する機能の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する機能と を実現させることを特徴とするプログラム。 9 . A TCP including a connection establishment request flowing into its own communication network as a function corresponding to a device controlling a router connected to an external communication network when installed in the information processing apparatus (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) . -Realize the function of monitoring SYN packets , and as the function of monitoring , the function of counting the number of TCP-SYN packets having the same destination address , and the function of notifying other border routers of the counting result of this counting function . , A function of receiving the counting result of the counting function from another border router , and a function of totaling the counting results based on the counting result in the other border router received by the receiving function and the counting result of the own border router by the counting function As a function of totalizing this , a function of detecting the increase rate of the counting result within a predetermined time , and an alarm including the information of the same destination address is issued when the detection result of the detecting function exceeds a threshold value . A program that realizes the function to perform . JP2003289337A CLAIM 15 【請求項15】 集計された同一宛先アドレスを有する TCP−SYNパケットの送信元アドレスを特定し、警 報を発出する際には、この特定された送信元アドレスの 情報を前記警報に書込む請求項14記載の分散型サービ ス拒絶攻撃検出防御方法。 15 . 
The distributed denial of service attack detection and protection method according to claim 14 , wherein the transmission source address (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) of the TCP-SYN packets having the totaled same destination address is specified and , when the alarm is issued , information of the specified transmission source address is written into the alarm . |
US7409715B2 CLAIM 14 . The impersonation detection system (transmission source address, apparatus, detecting) of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (receiving means) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
JP2003289337A CLAIM 1 【請求項1】 複数の外部通信網にそれぞれ接続された 複数のボーダルータを備えた通信網において、 前記ボーダルータは、自通信網に流入するコネクション 確立要求を含むTCP−SYNパケットを監視する手段 を備え、 この監視する手段は、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する手段と、 この計数する手段の計数結果を他ボーダルータに通知す る手段と、 他ボーダルータからの前記計数する手段の計数結果を受 け取る手段と、 この受け取る手段により受け取った他ボーダルータにお ける計数結果および前記計数する手段による自ボーダル ータの計数結果に基づき計数結果を集計する手段とを備 え、 この集計する手段は、 前記計数結果の所定時間内の増加率を検出する手段と、 この検出する手段の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する手段と を備えたことを特徴とする通信網。 1 . A communication network comprising a plurality of border routers respectively connected to a plurality of external communication networks , wherein the border router monitors a TCP-SYN packet including a connection establishment request flowing into its own communication network . This monitoring means comprises means for counting the number of TCP-SYN packets having the same destination address , means for notifying another border router of the counting result of this counting means , and the counting from the other border router . And counting means based on the counting result of the other border routers received by the receiving means (transmitting unit) and the counting result of the own border router by the counting means . Means for detecting (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) an increase rate of the counting result within a predetermined time , and a detection result of the detecting means . And a means for issuing an alarm including the information of the same destination address when the result exceeds a threshold value . 
JP2003289337A CLAIM 9 【請求項9】 情報処理装置にインストールすることに より、その情報処理装置に、 外部通信網に接続されたルータを制御する装置に相応す る機能として、 自通信網に流入するコネクション確立要求を含むTCP −SYNパケットを監視する機能を実現させ、 この監視する機能として、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する機能と、 この計数する機能の計数結果を他ボーダルータに通知す る機能と、 他ボーダルータからの前記計数する機能の計数結果を受 け取る機能と、 この受け取る機能により受け取った他ボーダルータにお ける計数結果および前記計数する機能による自ボーダル ータの計数結果に基づき計数結果を集計する機能とを実 現させ、 この集計する機能として、 前記計数結果の所定時間内の増加率を検出する機能と、 この検出する機能の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する機能と を実現させることを特徴とするプログラム。 9 . A TCP including a connection establishment request flowing into its own communication network as a function corresponding to a device controlling a router connected to an external communication network when installed in the information processing apparatus (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) . -Realize the function of monitoring SYN packets , and as the function of monitoring , the function of counting the number of TCP-SYN packets having the same destination address , and the function of notifying other border routers of the counting result of this counting function . , A function of receiving the counting result of the counting function from another border router , and a function of totaling the counting results based on the counting result in the other border router received by the receiving function and the counting result of the own border router by the counting function As a function of totalizing this , a function of detecting the increase rate of the counting result within a predetermined time , and an alarm including the information of the same destination address is issued when the detection result of the detecting function exceeds a threshold value . A program that realizes the function to perform . JP2003289337A CLAIM 15 【請求項15】 集計された同一宛先アドレスを有する TCP−SYNパケットの送信元アドレスを特定し、警 報を発出する際には、この特定された送信元アドレスの 情報を前記警報に書込む請求項14記載の分散型サービ ス拒絶攻撃検出防御方法。 15 . 
The distributed denial of service attack detection and protection method according to claim 14 , wherein the transmission source address (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) of the TCP-SYN packets having the totaled same destination address is specified and , when the alarm is issued , information of the specified transmission source address is written into the alarm . |
US7409715B2 CLAIM 15 . The impersonation detection system (transmission source address, apparatus, detecting) of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module is integrated within the wireless node . |
JP2003289337A CLAIM 1 【請求項1】 複数の外部通信網にそれぞれ接続された 複数のボーダルータを備えた通信網において、 前記ボーダルータは、自通信網に流入するコネクション 確立要求を含むTCP−SYNパケットを監視する手段 を備え、 この監視する手段は、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する手段と、 この計数する手段の計数結果を他ボーダルータに通知す る手段と、 他ボーダルータからの前記計数する手段の計数結果を受 け取る手段と、 この受け取る手段により受け取った他ボーダルータにお ける計数結果および前記計数する手段による自ボーダル ータの計数結果に基づき計数結果を集計する手段とを備 え、 この集計する手段は、 前記計数結果の所定時間内の増加率を検出する手段と、 この検出する手段の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する手段と を備えたことを特徴とする通信網。 1 . A communication network comprising a plurality of border routers respectively connected to a plurality of external communication networks , wherein the border router monitors a TCP-SYN packet including a connection establishment request flowing into its own communication network . This monitoring means comprises means for counting the number of TCP-SYN packets having the same destination address , means for notifying another border router of the counting result of this counting means , and the counting from the other border router . And counting means based on the counting result of the other border routers received by the receiving means and the counting result of the own border router by the counting means . Means for detecting (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) an increase rate of the counting result within a predetermined time , and a detection result of the detecting means . And a means for issuing an alarm including the information of the same destination address when the result exceeds a threshold value . 
JP2003289337A CLAIM 9 【請求項9】 情報処理装置にインストールすることに より、その情報処理装置に、 外部通信網に接続されたルータを制御する装置に相応す る機能として、 自通信網に流入するコネクション確立要求を含むTCP −SYNパケットを監視する機能を実現させ、 この監視する機能として、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する機能と、 この計数する機能の計数結果を他ボーダルータに通知す る機能と、 他ボーダルータからの前記計数する機能の計数結果を受 け取る機能と、 この受け取る機能により受け取った他ボーダルータにお ける計数結果および前記計数する機能による自ボーダル ータの計数結果に基づき計数結果を集計する機能とを実 現させ、 この集計する機能として、 前記計数結果の所定時間内の増加率を検出する機能と、 この検出する機能の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する機能と を実現させることを特徴とするプログラム。 9 . A TCP including a connection establishment request flowing into its own communication network as a function corresponding to a device controlling a router connected to an external communication network when installed in the information processing apparatus (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) . -Realize the function of monitoring SYN packets , and as the function of monitoring , the function of counting the number of TCP-SYN packets having the same destination address , and the function of notifying other border routers of the counting result of this counting function . , A function of receiving the counting result of the counting function from another border router , and a function of totaling the counting results based on the counting result in the other border router received by the receiving function and the counting result of the own border router by the counting function As a function of totalizing this , a function of detecting the increase rate of the counting result within a predetermined time , and an alarm including the information of the same destination address is issued when the detection result of the detecting function exceeds a threshold value . A program that realizes the function to perform . JP2003289337A CLAIM 15 【請求項15】 集計された同一宛先アドレスを有する TCP−SYNパケットの送信元アドレスを特定し、警 報を発出する際には、この特定された送信元アドレスの 情報を前記警報に書込む請求項14記載の分散型サービ ス拒絶攻撃検出防御方法。 15 . 
The distributed denial of service attack detection and protection method according to claim 14 , wherein the transmission source address (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) of the TCP-SYN packets having the totaled same destination address is specified and , when the alarm is issued , information of the specified transmission source address is written into the alarm . |
US7409715B2 CLAIM 16 . The impersonation detection system (transmission source address, apparatus, detecting) of claim 10 , wherein the wireless network (前記受) operates according to any wireless network technology . |
JP2003289337A CLAIM 1 【請求項1】 複数の外部通信網にそれぞれ接続された 複数のボーダルータを備えた通信網において、 前記ボーダルータは、自通信網に流入するコネクション 確立要求を含むTCP−SYNパケットを監視する手段 を備え、 この監視する手段は、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する手段と、 この計数する手段の計数結果を他ボーダルータに通知す る手段と、 他ボーダルータからの前記計数する手段の計数結果を受 け取る手段と、 この受け取る手段により受け取った他ボーダルータにお ける計数結果および前記計数する手段による自ボーダル ータの計数結果に基づき計数結果を集計する手段とを備 え、 この集計する手段は、 前記計数結果の所定時間内の増加率を検出する手段と、 この検出する手段の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する手段と を備えたことを特徴とする通信網。 1 . A communication network comprising a plurality of border routers respectively connected to a plurality of external communication networks , wherein the border router monitors a TCP-SYN packet including a connection establishment request flowing into its own communication network . This monitoring means comprises means for counting the number of TCP-SYN packets having the same destination address , means for notifying another border router of the counting result of this counting means , and the counting from the other border router . And counting means based on the counting result of the other border routers received by the receiving means and the counting result of the own border router by the counting means . Means for detecting (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) an increase rate of the counting result within a predetermined time , and a detection result of the detecting means . And a means for issuing an alarm including the information of the same destination address when the result exceeds a threshold value . JP2003289337A CLAIM 4 【請求項4】 前記通知する手段および前記受 (wireless communication, wireless network, wireless communication network) け取る手 段は、I−BGP(Internet-Border Gateway Protocol) を用いて前記計数結果を送受信する手段を備えた請求項 1記載の通信網。 4 . The means for notifying and the means for receiving are I-BGP (Internet-Border Gateway Protocol) The communication network according to claim 1 , further comprising means for transmitting and receiving the counting result by using . 
JP2003289337A CLAIM 9 【請求項9】 情報処理装置にインストールすることに より、その情報処理装置に、 外部通信網に接続されたルータを制御する装置に相応す る機能として、 自通信網に流入するコネクション確立要求を含むTCP −SYNパケットを監視する機能を実現させ、 この監視する機能として、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する機能と、 この計数する機能の計数結果を他ボーダルータに通知す る機能と、 他ボーダルータからの前記計数する機能の計数結果を受 け取る機能と、 この受け取る機能により受け取った他ボーダルータにお ける計数結果および前記計数する機能による自ボーダル ータの計数結果に基づき計数結果を集計する機能とを実 現させ、 この集計する機能として、 前記計数結果の所定時間内の増加率を検出する機能と、 この検出する機能の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する機能と を実現させることを特徴とするプログラム。 9 . A TCP including a connection establishment request flowing into its own communication network as a function corresponding to a device controlling a router connected to an external communication network when installed in the information processing apparatus (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) . -Realize the function of monitoring SYN packets , and as the function of monitoring , the function of counting the number of TCP-SYN packets having the same destination address , and the function of notifying other border routers of the counting result of this counting function . , A function of receiving the counting result of the counting function from another border router , and a function of totaling the counting results based on the counting result in the other border router received by the receiving function and the counting result of the own border router by the counting function As a function of totalizing this , a function of detecting the increase rate of the counting result within a predetermined time , and an alarm including the information of the same destination address is issued when the detection result of the detecting function exceeds a threshold value . A program that realizes the function to perform . JP2003289337A CLAIM 15 【請求項15】 集計された同一宛先アドレスを有する TCP−SYNパケットの送信元アドレスを特定し、警 報を発出する際には、この特定された送信元アドレスの 情報を前記警報に書込む請求項14記載の分散型サービ ス拒絶攻撃検出防御方法。 15 . 
The distributed denial of service attack detection and protection method according to claim 14 , wherein the transmission source address (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) of the TCP-SYN packets having the totaled same destination address is specified and , when the alarm is issued , information of the specified transmission source address is written into the alarm . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network (前記受) comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (transmission source address, apparatus, detecting) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
JP2003289337A CLAIM 1 【請求項1】 複数の外部通信網にそれぞれ接続された 複数のボーダルータを備えた通信網において、 前記ボーダルータは、自通信網に流入するコネクション 確立要求を含むTCP−SYNパケットを監視する手段 を備え、 この監視する手段は、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する手段と、 この計数する手段の計数結果を他ボーダルータに通知す る手段と、 他ボーダルータからの前記計数する手段の計数結果を受 け取る手段と、 この受け取る手段により受け取った他ボーダルータにお ける計数結果および前記計数する手段による自ボーダル ータの計数結果に基づき計数結果を集計する手段とを備 え、 この集計する手段は、 前記計数結果の所定時間内の増加率を検出する手段と、 この検出する手段の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する手段と を備えたことを特徴とする通信網。 1 . A communication network comprising a plurality of border routers respectively connected to a plurality of external communication networks , wherein the border router monitors a TCP-SYN packet including a connection establishment request flowing into its own communication network . This monitoring means comprises means for counting the number of TCP-SYN packets having the same destination address , means for notifying another border router of the counting result of this counting means , and the counting from the other border router . And counting means based on the counting result of the other border routers received by the receiving means and the counting result of the own border router by the counting means . Means for detecting (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) an increase rate of the counting result within a predetermined time , and a detection result of the detecting means . And a means for issuing an alarm including the information of the same destination address when the result exceeds a threshold value . JP2003289337A CLAIM 4 【請求項4】 前記通知する手段および前記受 (wireless communication, wireless network, wireless communication network) け取る手 段は、I−BGP(Internet-Border Gateway Protocol) を用いて前記計数結果を送受信する手段を備えた請求項 1記載の通信網。 4 . The means for notifying and the means for receiving are I-BGP (Internet-Border Gateway Protocol) The communication network according to claim 1 , further comprising means for transmitting and receiving the counting result by using . 
JP2003289337A CLAIM 9 【請求項9】 情報処理装置にインストールすることに より、その情報処理装置に、 外部通信網に接続されたルータを制御する装置に相応す る機能として、 自通信網に流入するコネクション確立要求を含むTCP −SYNパケットを監視する機能を実現させ、 この監視する機能として、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する機能と、 この計数する機能の計数結果を他ボーダルータに通知す る機能と、 他ボーダルータからの前記計数する機能の計数結果を受 け取る機能と、 この受け取る機能により受け取った他ボーダルータにお ける計数結果および前記計数する機能による自ボーダル ータの計数結果に基づき計数結果を集計する機能とを実 現させ、 この集計する機能として、 前記計数結果の所定時間内の増加率を検出する機能と、 この検出する機能の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する機能と を実現させることを特徴とするプログラム。 9 . A TCP including a connection establishment request flowing into its own communication network as a function corresponding to a device controlling a router connected to an external communication network when installed in the information processing apparatus (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) . -Realize the function of monitoring SYN packets , and as the function of monitoring , the function of counting the number of TCP-SYN packets having the same destination address , and the function of notifying other border routers of the counting result of this counting function . , A function of receiving the counting result of the counting function from another border router , and a function of totaling the counting results based on the counting result in the other border router received by the receiving function and the counting result of the own border router by the counting function As a function of totalizing this , a function of detecting the increase rate of the counting result within a predetermined time , and an alarm including the information of the same destination address is issued when the detection result of the detecting function exceeds a threshold value . A program that realizes the function to perform . JP2003289337A CLAIM 15 【請求項15】 集計された同一宛先アドレスを有する TCP−SYNパケットの送信元アドレスを特定し、警 報を発出する際には、この特定された送信元アドレスの 情報を前記警報に書込む請求項14記載の分散型サービ ス拒絶攻撃検出防御方法。 15 . 
The distributed denial of service attack detection and protection method according to claim 14 , wherein the transmission source address (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) of the TCP-SYN packets having the totaled same destination address is specified and , when the alarm is issued , the information of the specified transmission source address is written in the alarm . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (transmission source address, apparatus, detecting) frames from the incoming traffic ; and a data processing unit (transmission source address, apparatus, detecting) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
JP2003289337A CLAIM 1 【請求項1】 複数の外部通信網にそれぞれ接続された 複数のボーダルータを備えた通信網において、 前記ボーダルータは、自通信網に流入するコネクション 確立要求を含むTCP−SYNパケットを監視する手段 を備え、 この監視する手段は、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する手段と、 この計数する手段の計数結果を他ボーダルータに通知す る手段と、 他ボーダルータからの前記計数する手段の計数結果を受 け取る手段と、 この受け取る手段により受け取った他ボーダルータにお ける計数結果および前記計数する手段による自ボーダル ータの計数結果に基づき計数結果を集計する手段とを備 え、 この集計する手段は、 前記計数結果の所定時間内の増加率を検出する手段と、 この検出する手段の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する手段と を備えたことを特徴とする通信網。 1 . A communication network comprising a plurality of border routers respectively connected to a plurality of external communication networks , wherein the border router monitors a TCP-SYN packet including a connection establishment request flowing into its own communication network . This monitoring means comprises means for counting the number of TCP-SYN packets having the same destination address , means for notifying another border router of the counting result of this counting means , and the counting from the other border router . And counting means based on the counting result of the other border routers received by the receiving means and the counting result of the own border router by the counting means . Means for detecting (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) an increase rate of the counting result within a predetermined time , and a detection result of the detecting means . And a means for issuing an alarm including the information of the same destination address when the result exceeds a threshold value . 
JP2003289337A CLAIM 9 【請求項9】 情報処理装置にインストールすることに より、その情報処理装置に、 外部通信網に接続されたルータを制御する装置に相応す る機能として、 自通信網に流入するコネクション確立要求を含むTCP −SYNパケットを監視する機能を実現させ、 この監視する機能として、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する機能と、 この計数する機能の計数結果を他ボーダルータに通知す る機能と、 他ボーダルータからの前記計数する機能の計数結果を受 け取る機能と、 この受け取る機能により受け取った他ボーダルータにお ける計数結果および前記計数する機能による自ボーダル ータの計数結果に基づき計数結果を集計する機能とを実 現させ、 この集計する機能として、 前記計数結果の所定時間内の増加率を検出する機能と、 この検出する機能の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する機能と を実現させることを特徴とするプログラム。 9 . A TCP including a connection establishment request flowing into its own communication network as a function corresponding to a device controlling a router connected to an external communication network when installed in the information processing apparatus (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) . -Realize the function of monitoring SYN packets , and as the function of monitoring , the function of counting the number of TCP-SYN packets having the same destination address , and the function of notifying other border routers of the counting result of this counting function . , A function of receiving the counting result of the counting function from another border router , and a function of totaling the counting results based on the counting result in the other border router received by the receiving function and the counting result of the own border router by the counting function As a function of totalizing this , a function of detecting the increase rate of the counting result within a predetermined time , and an alarm including the information of the same destination address is issued when the detection result of the detecting function exceeds a threshold value . A program that realizes the function to perform . JP2003289337A CLAIM 15 【請求項15】 集計された同一宛先アドレスを有する TCP−SYNパケットの送信元アドレスを特定し、警 報を発出する際には、この特定された送信元アドレスの 情報を前記警報に書込む請求項14記載の分散型サービ ス拒絶攻撃検出防御方法。 15 . 
The distributed denial of service attack detection and protection method according to claim 14 , wherein the transmission source address (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) of the TCP-SYN packets having the totaled same destination address is specified and , when the alarm is issued , the information of the specified transmission source address is written in the alarm . |
US7409715B2 CLAIM 19 . The an impersonation detection system (transmission source address, apparatus, detecting) of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
JP2003289337A CLAIM 1 【請求項1】 複数の外部通信網にそれぞれ接続された 複数のボーダルータを備えた通信網において、 前記ボーダルータは、自通信網に流入するコネクション 確立要求を含むTCP−SYNパケットを監視する手段 を備え、 この監視する手段は、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する手段と、 この計数する手段の計数結果を他ボーダルータに通知す る手段と、 他ボーダルータからの前記計数する手段の計数結果を受 け取る手段と、 この受け取る手段により受け取った他ボーダルータにお ける計数結果および前記計数する手段による自ボーダル ータの計数結果に基づき計数結果を集計する手段とを備 え、 この集計する手段は、 前記計数結果の所定時間内の増加率を検出する手段と、 この検出する手段の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する手段と を備えたことを特徴とする通信網。 1 . A communication network comprising a plurality of border routers respectively connected to a plurality of external communication networks , wherein the border router monitors a TCP-SYN packet including a connection establishment request flowing into its own communication network . This monitoring means comprises means for counting the number of TCP-SYN packets having the same destination address , means for notifying another border router of the counting result of this counting means , and the counting from the other border router . And counting means based on the counting result of the other border routers received by the receiving means and the counting result of the own border router by the counting means . Means for detecting (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) an increase rate of the counting result within a predetermined time , and a detection result of the detecting means . And a means for issuing an alarm including the information of the same destination address when the result exceeds a threshold value . 
JP2003289337A CLAIM 9 【請求項9】 情報処理装置にインストールすることに より、その情報処理装置に、 外部通信網に接続されたルータを制御する装置に相応す る機能として、 自通信網に流入するコネクション確立要求を含むTCP −SYNパケットを監視する機能を実現させ、 この監視する機能として、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する機能と、 この計数する機能の計数結果を他ボーダルータに通知す る機能と、 他ボーダルータからの前記計数する機能の計数結果を受 け取る機能と、 この受け取る機能により受け取った他ボーダルータにお ける計数結果および前記計数する機能による自ボーダル ータの計数結果に基づき計数結果を集計する機能とを実 現させ、 この集計する機能として、 前記計数結果の所定時間内の増加率を検出する機能と、 この検出する機能の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する機能と を実現させることを特徴とするプログラム。 9 . A TCP including a connection establishment request flowing into its own communication network as a function corresponding to a device controlling a router connected to an external communication network when installed in the information processing apparatus (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) . -Realize the function of monitoring SYN packets , and as the function of monitoring , the function of counting the number of TCP-SYN packets having the same destination address , and the function of notifying other border routers of the counting result of this counting function . , A function of receiving the counting result of the counting function from another border router , and a function of totaling the counting results based on the counting result in the other border router received by the receiving function and the counting result of the own border router by the counting function As a function of totalizing this , a function of detecting the increase rate of the counting result within a predetermined time , and an alarm including the information of the same destination address is issued when the detection result of the detecting function exceeds a threshold value . A program that realizes the function to perform . JP2003289337A CLAIM 15 【請求項15】 集計された同一宛先アドレスを有する TCP−SYNパケットの送信元アドレスを特定し、警 報を発出する際には、この特定された送信元アドレスの 情報を前記警報に書込む請求項14記載の分散型サービ ス拒絶攻撃検出防御方法。 15 . 
The distributed denial of service attack detection and protection method according to claim 14 , wherein the transmission source address (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) of the TCP-SYN packets having the totaled same destination address is specified and , when the alarm is issued , the information of the specified transmission source address is written in the alarm . |
US7409715B2 CLAIM 20 . The impersonation detection system (transmission source address, apparatus, detecting) of claim 18 , wherein the wireless network (前記受) operates according to any wireless network technology . |
JP2003289337A CLAIM 1 【請求項1】 複数の外部通信網にそれぞれ接続された 複数のボーダルータを備えた通信網において、 前記ボーダルータは、自通信網に流入するコネクション 確立要求を含むTCP−SYNパケットを監視する手段 を備え、 この監視する手段は、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する手段と、 この計数する手段の計数結果を他ボーダルータに通知す る手段と、 他ボーダルータからの前記計数する手段の計数結果を受 け取る手段と、 この受け取る手段により受け取った他ボーダルータにお ける計数結果および前記計数する手段による自ボーダル ータの計数結果に基づき計数結果を集計する手段とを備 え、 この集計する手段は、 前記計数結果の所定時間内の増加率を検出する手段と、 この検出する手段の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する手段と を備えたことを特徴とする通信網。 1 . A communication network comprising a plurality of border routers respectively connected to a plurality of external communication networks , wherein the border router monitors a TCP-SYN packet including a connection establishment request flowing into its own communication network . This monitoring means comprises means for counting the number of TCP-SYN packets having the same destination address , means for notifying another border router of the counting result of this counting means , and the counting from the other border router . And counting means based on the counting result of the other border routers received by the receiving means and the counting result of the own border router by the counting means . Means for detecting (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) an increase rate of the counting result within a predetermined time , and a detection result of the detecting means . And a means for issuing an alarm including the information of the same destination address when the result exceeds a threshold value . JP2003289337A CLAIM 4 【請求項4】 前記通知する手段および前記受 (wireless communication, wireless network, wireless communication network) け取る手 段は、I−BGP(Internet-Border Gateway Protocol) を用いて前記計数結果を送受信する手段を備えた請求項 1記載の通信網。 4 . The means for notifying and the means for receiving are I-BGP (Internet-Border Gateway Protocol) The communication network according to claim 1 , further comprising means for transmitting and receiving the counting result by using . 
JP2003289337A CLAIM 9 【請求項9】 情報処理装置にインストールすることに より、その情報処理装置に、 外部通信網に接続されたルータを制御する装置に相応す る機能として、 自通信網に流入するコネクション確立要求を含むTCP −SYNパケットを監視する機能を実現させ、 この監視する機能として、 同一宛先アドレスを有するTCP−SYNパケットの個 数を計数する機能と、 この計数する機能の計数結果を他ボーダルータに通知す る機能と、 他ボーダルータからの前記計数する機能の計数結果を受 け取る機能と、 この受け取る機能により受け取った他ボーダルータにお ける計数結果および前記計数する機能による自ボーダル ータの計数結果に基づき計数結果を集計する機能とを実 現させ、 この集計する機能として、 前記計数結果の所定時間内の増加率を検出する機能と、 この検出する機能の検出結果が閾値を超えるときには前 記同一宛先アドレスの情報を含む警報を発出する機能と を実現させることを特徴とするプログラム。 9 . A TCP including a connection establishment request flowing into its own communication network as a function corresponding to a device controlling a router connected to an external communication network when installed in the information processing apparatus (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) . -Realize the function of monitoring SYN packets , and as the function of monitoring , the function of counting the number of TCP-SYN packets having the same destination address , and the function of notifying other border routers of the counting result of this counting function . , A function of receiving the counting result of the counting function from another border router , and a function of totaling the counting results based on the counting result in the other border router received by the receiving function and the counting result of the own border router by the counting function As a function of totalizing this , a function of detecting the increase rate of the counting result within a predetermined time , and an alarm including the information of the same destination address is issued when the detection result of the detecting function exceeds a threshold value . A program that realizes the function to perform . JP2003289337A CLAIM 15 【請求項15】 集計された同一宛先アドレスを有する TCP−SYNパケットの送信元アドレスを特定し、警 報を発出する際には、この特定された送信元アドレスの 情報を前記警報に書込む請求項14記載の分散型サービ ス拒絶攻撃検出防御方法。 15 . 
The distributed denial of service attack detection and protection method according to claim 14 , wherein the transmission source address (incoming data, intrusion detection module incoming data frames, impersonation detection system, data processing unit) of the TCP-SYN packets having the totaled same destination address is specified and , when the alarm is issued , the information of the specified transmission source address is written in the alarm . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030186679A1 Filed: 2002-03-27 Issued: 2003-10-02 Methods, apparatus and program product for monitoring network security (Original Assignee) International Business Machines Corp (Current Assignee) International Business Machines Corp David Challener, David Stafford, Leendert Van Doorn |
---|---|
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (regular intervals) . |
US20030186679A1 CLAIM 4 . A method according to claim 3 wherein the step of intermittently and periodically determining the availability of access points comprises monitoring at predetermined regular intervals (time interval) . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030188190A1 Filed: 2002-03-26 Issued: 2003-10-02 System and method of intrusion detection employing broad-scope monitoring (Original Assignee) BellSouth Intellectual Property Corp (Current Assignee) AT&T Delaware Intellectual Property Inc Jeffrey Aaron, Thomas Anschutz |
---|---|
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US20030188190A1 CLAIM 1 . An intrusion detection (intrusion attack) system for a computer network comprising : a plurality of devices coupled to the computer network , each device adapted to at least one of : sense data and provide the data to a data collection and processing center , and be adjustable ; and the data collection and processing center comprising a computer with a firewall coupled to the computer network , the data collection and processing center monitoring data communicated from the plurality of devices coupled to the network . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network (wireless network) operates according to any wireless network technology . |
US20030188190A1 CLAIM 9 . The system of claim 1 , wherein the computer network is one of a wired local network and a wireless network (wireless network) . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network (wireless network) comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US20030188190A1 CLAIM 9 . The system of claim 1 , wherein the computer network is one of a wired local network and a wireless network (wireless network) . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US20030188190A1 CLAIM 1 . An intrusion detection (intrusion attack) system for a computer network comprising : a plurality of devices coupled to the computer network , each device adapted to at least one of : sense data and provide the data to a data collection and processing center , and be adjustable ; and the data collection and processing center comprising a computer with a firewall coupled to the computer network , the data collection and processing center monitoring data communicated from the plurality of devices coupled to the network . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network (wireless network) operates according to any wireless network technology . |
US20030188190A1 CLAIM 9 . The system of claim 1 , wherein the computer network is one of a wired local network and a wireless network (wireless network) . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | JP2003264595A Filed: 2002-03-08 Issued: 2003-09-19 Packet relay device, packet relay system, and october guidance system (Original Assignee) Mitsubishi Electric Corp; 三菱電機株式会社 Yosuke Kinoshita, 洋輔 木下 |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module (侵入検知, apparatus) and providing the intrusion detection module with a copy of original data frames (汎用データ) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
JP2003264595A CLAIM 1 【請求項1】 第1のネットワークおよび第2のネット ワーク間でパケットを中継するパケット中継部と、第1 のネットワークから第2のネットワークに対して送信さ れたパケットを第1および第2のネットワークとは別の オトリネットワークへ送出するオトリ誘導部とを備え、 上記パケット中継部が、破棄すべきパケット又はオトリ 誘導すべきパケットの送信元又は送信先情報を記憶する フィルタリングテーブルと、 フィルタリングテーブルを用いて、第1のネットワーク から第2のネットワークに対して送信されたパケットの 送信元又は送信先情報に基づき、当該パケットの破棄又 はオトリ誘導を決定するフィルタリング処理部と、 第1のネットワークから第2のネットワークに対して送 信されたパケットを監視して、第2のネットワークへ不 正にアクセスしようとする不正アクセスパケットを検出 し、フィルタリングテーブルを更新する侵入検知 (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) 部とを 有することを特徴とするパケット中継装置。 1 . A packet relay unit for relaying a packet between a first network and a second network ; A packet sent from the second network to the second network , and an Otori guiding unit for sending the packet to the Otori network different from the first and second networks . A filtering table storing the source or destination information of the packet to be guided , and using the filtering table , based on the source or destination information of the packet transmitted from the first network to the second network , Unauthorized access packet that monitors the packet transmitted from the first network to the second network and tries to access the second network illegally by monitoring a filtering processing unit that determines whether to discard the packet or induce an Otori . Intrusion detection to detect and update the filtering table Packet relay apparatus (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) characterized by having a part . JP2003264595A CLAIM 5 【請求項5】 上記オトリ誘導部は、オトリネットワー クに接続された汎用コンピュータにより構成され、その 汎用データ (original data frames) バスを介してパケット中継部に接続され、 上記パケット中継部は、オトリ誘導部から受信したオト リネットワークから第1のネットワークに対して送信さ れたパケットに対し、フレーム形式を第2のネットワー クの形式に変換して第1のネットワークに送出すること を特徴とする請求項4に記載のパケット中継装置。 5 . 
The packet relay device according to claim 4 , wherein the Otori guidance unit is composed of a general-purpose computer connected to an Otori network and is connected to the packet relay unit via its general-purpose data bus , and the packet relay unit converts the frame format of a packet received from the Otori guidance unit and transmitted from the Otori network to the first network into the format of the second network and sends it to the first network . |
US7409715B2 CLAIM 2 . The method of claim 1 , wherein step a) comprises transmitting the copy over a secure link established between the wireless node and the intrusion detection module (侵入検知, apparatus) . |
JP2003264595A CLAIM 1 【請求項1】 第1のネットワークおよび第2のネット ワーク間でパケットを中継するパケット中継部と、第1 のネットワークから第2のネットワークに対して送信さ れたパケットを第1および第2のネットワークとは別の オトリネットワークへ送出するオトリ誘導部とを備え、 上記パケット中継部が、破棄すべきパケット又はオトリ 誘導すべきパケットの送信元又は送信先情報を記憶する フィルタリングテーブルと、 フィルタリングテーブルを用いて、第1のネットワーク から第2のネットワークに対して送信されたパケットの 送信元又は送信先情報に基づき、当該パケットの破棄又 はオトリ誘導を決定するフィルタリング処理部と、 第1のネットワークから第2のネットワークに対して送 信されたパケットを監視して、第2のネットワークへ不 正にアクセスしようとする不正アクセスパケットを検出 し、フィルタリングテーブルを更新する侵入検知 (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) 部とを 有することを特徴とするパケット中継装置。 1 . A packet relay unit for relaying a packet between a first network and a second network ; A packet sent from the second network to the second network , and an Otori guiding unit for sending the packet to the Otori network different from the first and second networks . A filtering table storing the source or destination information of the packet to be guided , and using the filtering table , based on the source or destination information of the packet transmitted from the first network to the second network , Unauthorized access packet that monitors the packet transmitted from the first network to the second network and tries to access the second network illegally by monitoring a filtering processing unit that determines whether to discard the packet or induce an Otori . Intrusion detection to detect and update the filtering table Packet relay apparatus (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) characterized by having a part . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (汎用データ) . |
JP2003264595A CLAIM 5 【請求項5】 上記オトリ誘導部は、オトリネットワー クに接続された汎用コンピュータにより構成され、その 汎用データ (original data frames) バスを介してパケット中継部に接続され、 上記パケット中継部は、オトリ誘導部から受信したオト リネットワークから第1のネットワークに対して送信さ れたパケットに対し、フレーム形式を第2のネットワー クの形式に変換して第1のネットワークに送出すること を特徴とする請求項4に記載のパケット中継装置。 5 . The packet relay device according to claim 4 , wherein the Otori guidance unit is composed of a general-purpose computer connected to an Otori network and is connected to the packet relay unit via its general-purpose data bus , and the packet relay unit converts the frame format of a packet received from the Otori guidance unit and transmitted from the Otori network to the first network into the format of the second network and sends it to the first network . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (汎用データ) with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
JP2003264595A CLAIM 5 【請求項5】 上記オトリ誘導部は、オトリネットワー クに接続された汎用コンピュータにより構成され、その 汎用データ (original data frames) バスを介してパケット中継部に接続され、 上記パケット中継部は、オトリ誘導部から受信したオト リネットワークから第1のネットワークに対して送信さ れたパケットに対し、フレーム形式を第2のネットワー クの形式に変換して第1のネットワークに送出すること を特徴とする請求項4に記載のパケット中継装置。 5 . The packet relay device according to claim 4 , wherein the Otori guidance unit is composed of a general-purpose computer connected to an Otori network and is connected to the packet relay unit via its general-purpose data bus , and the packet relay unit converts the frame format of a packet received from the Otori guidance unit and transmitted from the Otori network to the first network into the format of the second network and sends it to the first network . |
US7409715B2 CLAIM 10 . An impersonation detection system (侵入検知, apparatus) for a wireless node of a wireless communication network , the node for transmitting original data frames (汎用データ) over a wireless interface comprising : an intrusion detection module (侵入検知, apparatus) for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
JP2003264595A CLAIM 1 【請求項1】 第1のネットワークおよび第2のネット ワーク間でパケットを中継するパケット中継部と、第1 のネットワークから第2のネットワークに対して送信さ れたパケットを第1および第2のネットワークとは別の オトリネットワークへ送出するオトリ誘導部とを備え、 上記パケット中継部が、破棄すべきパケット又はオトリ 誘導すべきパケットの送信元又は送信先情報を記憶する フィルタリングテーブルと、 フィルタリングテーブルを用いて、第1のネットワーク から第2のネットワークに対して送信されたパケットの 送信元又は送信先情報に基づき、当該パケットの破棄又 はオトリ誘導を決定するフィルタリング処理部と、 第1のネットワークから第2のネットワークに対して送 信されたパケットを監視して、第2のネットワークへ不 正にアクセスしようとする不正アクセスパケットを検出 し、フィルタリングテーブルを更新する侵入検知 (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) 部とを 有することを特徴とするパケット中継装置。 1 . A packet relay unit for relaying a packet between a first network and a second network ; A packet sent from the second network to the second network , and an Otori guiding unit for sending the packet to the Otori network different from the first and second networks . A filtering table storing the source or destination information of the packet to be guided , and using the filtering table , based on the source or destination information of the packet transmitted from the first network to the second network , Unauthorized access packet that monitors the packet transmitted from the first network to the second network and tries to access the second network illegally by monitoring a filtering processing unit that determines whether to discard the packet or induce an Otori . Intrusion detection to detect and update the filtering table Packet relay apparatus (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) characterized by having a part . JP2003264595A CLAIM 5 【請求項5】 上記オトリ誘導部は、オトリネットワー クに接続された汎用コンピュータにより構成され、その 汎用データ (original data frames) バスを介してパケット中継部に接続され、 上記パケット中継部は、オトリ誘導部から受信したオト リネットワークから第1のネットワークに対して送信さ れたパケットに対し、フレーム形式を第2のネットワー クの形式に変換して第1のネットワークに送出すること を特徴とする請求項4に記載のパケット中継装置。 5 . 
The packet relay device according to claim 4 , wherein the Otori guidance unit is composed of a general-purpose computer connected to an Otori network and is connected to the packet relay unit via its general-purpose data bus , and the packet relay unit converts the frame format of a packet received from the Otori guidance unit and transmitted from the Otori network to the first network into the format of the second network and sends it to the first network . |
US7409715B2 CLAIM 11 . The impersonation detection system (侵入検知, apparatus) of claim 10 , wherein the intrusion detection module (侵入検知, apparatus) comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (侵入検知, apparatus) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
JP2003264595A CLAIM 1 【請求項1】 第1のネットワークおよび第2のネット ワーク間でパケットを中継するパケット中継部と、第1 のネットワークから第2のネットワークに対して送信さ れたパケットを第1および第2のネットワークとは別の オトリネットワークへ送出するオトリ誘導部とを備え、 上記パケット中継部が、破棄すべきパケット又はオトリ 誘導すべきパケットの送信元又は送信先情報を記憶する フィルタリングテーブルと、 フィルタリングテーブルを用いて、第1のネットワーク から第2のネットワークに対して送信されたパケットの 送信元又は送信先情報に基づき、当該パケットの破棄又 はオトリ誘導を決定するフィルタリング処理部と、 第1のネットワークから第2のネットワークに対して送 信されたパケットを監視して、第2のネットワークへ不 正にアクセスしようとする不正アクセスパケットを検出 し、フィルタリングテーブルを更新する侵入検知 (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) 部とを 有することを特徴とするパケット中継装置。 1 . A packet relay unit for relaying a packet between a first network and a second network ; A packet sent from the second network to the second network , and an Otori guiding unit for sending the packet to the Otori network different from the first and second networks . A filtering table storing the source or destination information of the packet to be guided , and using the filtering table , based on the source or destination information of the packet transmitted from the first network to the second network , Unauthorized access packet that monitors the packet transmitted from the first network to the second network and tries to access the second network illegally by monitoring a filtering processing unit that determines whether to discard the packet or induce an Otori . Intrusion detection to detect and update the filtering table Packet relay apparatus (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) characterized by having a part . |
US7409715B2 CLAIM 12 . The impersonation detection system (侵入検知, apparatus) of claim 11 , wherein the intrusion detection module (侵入検知, apparatus) further comprises means for qualifying an intrusion attack (侵入検知, apparatus) based on the impersonation detected signal . |
JP2003264595A CLAIM 1 【請求項1】 第1のネットワークおよび第2のネット ワーク間でパケットを中継するパケット中継部と、第1 のネットワークから第2のネットワークに対して送信さ れたパケットを第1および第2のネットワークとは別の オトリネットワークへ送出するオトリ誘導部とを備え、 上記パケット中継部が、破棄すべきパケット又はオトリ 誘導すべきパケットの送信元又は送信先情報を記憶する フィルタリングテーブルと、 フィルタリングテーブルを用いて、第1のネットワーク から第2のネットワークに対して送信されたパケットの 送信元又は送信先情報に基づき、当該パケットの破棄又 はオトリ誘導を決定するフィルタリング処理部と、 第1のネットワークから第2のネットワークに対して送 信されたパケットを監視して、第2のネットワークへ不 正にアクセスしようとする不正アクセスパケットを検出 し、フィルタリングテーブルを更新する侵入検知 (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) 部とを 有することを特徴とするパケット中継装置。 1 . A packet relay unit for relaying a packet between a first network and a second network ; A packet sent from the second network to the second network , and an Otori guiding unit for sending the packet to the Otori network different from the first and second networks . A filtering table storing the source or destination information of the packet to be guided , and using the filtering table , based on the source or destination information of the packet transmitted from the first network to the second network , Unauthorized access packet that monitors the packet transmitted from the first network to the second network and tries to access the second network illegally by monitoring a filtering processing unit that determines whether to discard the packet or induce an Otori . Intrusion detection to detect and update the filtering table Packet relay apparatus (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) characterized by having a part . |
US7409715B2 CLAIM 13 . The impersonation detection system (侵入検知, apparatus) of claim 12 wherein the secure link operates according to a communication protocol (セッション) . |
JP2003264595A CLAIM 1 【請求項1】 第1のネットワークおよび第2のネット ワーク間でパケットを中継するパケット中継部と、第1 のネットワークから第2のネットワークに対して送信さ れたパケットを第1および第2のネットワークとは別の オトリネットワークへ送出するオトリ誘導部とを備え、 上記パケット中継部が、破棄すべきパケット又はオトリ 誘導すべきパケットの送信元又は送信先情報を記憶する フィルタリングテーブルと、 フィルタリングテーブルを用いて、第1のネットワーク から第2のネットワークに対して送信されたパケットの 送信元又は送信先情報に基づき、当該パケットの破棄又 はオトリ誘導を決定するフィルタリング処理部と、 第1のネットワークから第2のネットワークに対して送 信されたパケットを監視して、第2のネットワークへ不 正にアクセスしようとする不正アクセスパケットを検出 し、フィルタリングテーブルを更新する侵入検知 (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) 部とを 有することを特徴とするパケット中継装置。 1 . A packet relay unit for relaying a packet between a first network and a second network ; A packet sent from the second network to the second network , and an Otori guiding unit for sending the packet to the Otori network different from the first and second networks . A filtering table storing the source or destination information of the packet to be guided , and using the filtering table , based on the source or destination information of the packet transmitted from the first network to the second network , Unauthorized access packet that monitors the packet transmitted from the first network to the second network and tries to access the second network illegally by monitoring a filtering processing unit that determines whether to discard the packet or induce an Otori . Intrusion detection to detect and update the filtering table Packet relay apparatus (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) characterized by having a part . JP2003264595A CLAIM 13 【請求項13】 上記オトリ端末装置は、オトリ誘導さ れたパケットのパケット情報を解析し、この解析結果に 基づいて、セッション (communication protocol) リセットパケットを第1のネット ワークに対して送出することを特徴とする請求項9に記 載のオトリ誘導システム。 13 . The Ottori terminal device analyzes packet information of the Otori-guided packet , and sends a session reset packet to the first network based on the analysis result . 9 . The Otori guidance system according to item 9 . |
US7409715B2 CLAIM 14 . The impersonation detection system (侵入検知, apparatus) of claim 10 , wherein the connection means comprises , when the intrusion detection module (侵入検知, apparatus) resides away from the wireless node : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
JP2003264595A CLAIM 1 【請求項1】 第1のネットワークおよび第2のネット ワーク間でパケットを中継するパケット中継部と、第1 のネットワークから第2のネットワークに対して送信さ れたパケットを第1および第2のネットワークとは別の オトリネットワークへ送出するオトリ誘導部とを備え、 上記パケット中継部が、破棄すべきパケット又はオトリ 誘導すべきパケットの送信元又は送信先情報を記憶する フィルタリングテーブルと、 フィルタリングテーブルを用いて、第1のネットワーク から第2のネットワークに対して送信されたパケットの 送信元又は送信先情報に基づき、当該パケットの破棄又 はオトリ誘導を決定するフィルタリング処理部と、 第1のネットワークから第2のネットワークに対して送 信されたパケットを監視して、第2のネットワークへ不 正にアクセスしようとする不正アクセスパケットを検出 し、フィルタリングテーブルを更新する侵入検知 (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) 部とを 有することを特徴とするパケット中継装置。 1 . A packet relay unit for relaying a packet between a first network and a second network ; A packet sent from the second network to the second network , and an Otori guiding unit for sending the packet to the Otori network different from the first and second networks . A filtering table storing the source or destination information of the packet to be guided , and using the filtering table , based on the source or destination information of the packet transmitted from the first network to the second network , Unauthorized access packet that monitors the packet transmitted from the first network to the second network and tries to access the second network illegally by monitoring a filtering processing unit that determines whether to discard the packet or induce an Otori . Intrusion detection to detect and update the filtering table Packet relay apparatus (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) characterized by having a part . |
US7409715B2 CLAIM 15 . The impersonation detection system (侵入検知, apparatus) of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module (侵入検知, apparatus) is integrated within the wireless node . |
JP2003264595A CLAIM 1 【請求項1】 第1のネットワークおよび第2のネット ワーク間でパケットを中継するパケット中継部と、第1 のネットワークから第2のネットワークに対して送信さ れたパケットを第1および第2のネットワークとは別の オトリネットワークへ送出するオトリ誘導部とを備え、 上記パケット中継部が、破棄すべきパケット又はオトリ 誘導すべきパケットの送信元又は送信先情報を記憶する フィルタリングテーブルと、 フィルタリングテーブルを用いて、第1のネットワーク から第2のネットワークに対して送信されたパケットの 送信元又は送信先情報に基づき、当該パケットの破棄又 はオトリ誘導を決定するフィルタリング処理部と、 第1のネットワークから第2のネットワークに対して送 信されたパケットを監視して、第2のネットワークへ不 正にアクセスしようとする不正アクセスパケットを検出 し、フィルタリングテーブルを更新する侵入検知 (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) 部とを 有することを特徴とするパケット中継装置。 1 . A packet relay unit for relaying a packet between a first network and a second network ; A packet sent from the second network to the second network , and an Otori guiding unit for sending the packet to the Otori network different from the first and second networks . A filtering table storing the source or destination information of the packet to be guided , and using the filtering table , based on the source or destination information of the packet transmitted from the first network to the second network , Unauthorized access packet that monitors the packet transmitted from the first network to the second network and tries to access the second network illegally by monitoring a filtering processing unit that determines whether to discard the packet or induce an Otori . Intrusion detection to detect and update the filtering table Packet relay apparatus (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) characterized by having a part . |
US7409715B2 CLAIM 16 . The impersonation detection system (侵入検知, apparatus) of claim 10 , wherein the wireless network operates according to any wireless network technology . |
JP2003264595A CLAIM 1 【請求項1】 第1のネットワークおよび第2のネット ワーク間でパケットを中継するパケット中継部と、第1 のネットワークから第2のネットワークに対して送信さ れたパケットを第1および第2のネットワークとは別の オトリネットワークへ送出するオトリ誘導部とを備え、 上記パケット中継部が、破棄すべきパケット又はオトリ 誘導すべきパケットの送信元又は送信先情報を記憶する フィルタリングテーブルと、 フィルタリングテーブルを用いて、第1のネットワーク から第2のネットワークに対して送信されたパケットの 送信元又は送信先情報に基づき、当該パケットの破棄又 はオトリ誘導を決定するフィルタリング処理部と、 第1のネットワークから第2のネットワークに対して送 信されたパケットを監視して、第2のネットワークへ不 正にアクセスしようとする不正アクセスパケットを検出 し、フィルタリングテーブルを更新する侵入検知 (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) 部とを 有することを特徴とするパケット中継装置。 1 . A packet relay unit for relaying a packet between a first network and a second network ; A packet sent from the second network to the second network , and an Otori guiding unit for sending the packet to the Otori network different from the first and second networks . A filtering table storing the source or destination information of the packet to be guided , and using the filtering table , based on the source or destination information of the packet transmitted from the first network to the second network , Unauthorized access packet that monitors the packet transmitted from the first network to the second network and tries to access the second network illegally by monitoring a filtering processing unit that determines whether to discard the packet or induce an Otori . Intrusion detection to detect and update the filtering table Packet relay apparatus (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) characterized by having a part . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module (侵入検知, apparatus) for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
JP2003264595A CLAIM 1 【請求項1】 第1のネットワークおよび第2のネット ワーク間でパケットを中継するパケット中継部と、第1 のネットワークから第2のネットワークに対して送信さ れたパケットを第1および第2のネットワークとは別の オトリネットワークへ送出するオトリ誘導部とを備え、 上記パケット中継部が、破棄すべきパケット又はオトリ 誘導すべきパケットの送信元又は送信先情報を記憶する フィルタリングテーブルと、 フィルタリングテーブルを用いて、第1のネットワーク から第2のネットワークに対して送信されたパケットの 送信元又は送信先情報に基づき、当該パケットの破棄又 はオトリ誘導を決定するフィルタリング処理部と、 第1のネットワークから第2のネットワークに対して送 信されたパケットを監視して、第2のネットワークへ不 正にアクセスしようとする不正アクセスパケットを検出 し、フィルタリングテーブルを更新する侵入検知 (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) 部とを 有することを特徴とするパケット中継装置。 1 . A packet relay unit for relaying a packet between a first network and a second network ; A packet sent from the second network to the second network , and an Otori guiding unit for sending the packet to the Otori network different from the first and second networks . A filtering table storing the source or destination information of the packet to be guided , and using the filtering table , based on the source or destination information of the packet transmitted from the first network to the second network , Unauthorized access packet that monitors the packet transmitted from the first network to the second network and tries to access the second network illegally by monitoring a filtering processing unit that determines whether to discard the packet or induce an Otori . Intrusion detection to detect and update the filtering table Packet relay apparatus (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) characterized by having a part . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module (侵入検知, apparatus) comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (侵入検知, apparatus) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
JP2003264595A CLAIM 1 【請求項1】 第1のネットワークおよび第2のネット ワーク間でパケットを中継するパケット中継部と、第1 のネットワークから第2のネットワークに対して送信さ れたパケットを第1および第2のネットワークとは別の オトリネットワークへ送出するオトリ誘導部とを備え、 上記パケット中継部が、破棄すべきパケット又はオトリ 誘導すべきパケットの送信元又は送信先情報を記憶する フィルタリングテーブルと、 フィルタリングテーブルを用いて、第1のネットワーク から第2のネットワークに対して送信されたパケットの 送信元又は送信先情報に基づき、当該パケットの破棄又 はオトリ誘導を決定するフィルタリング処理部と、 第1のネットワークから第2のネットワークに対して送 信されたパケットを監視して、第2のネットワークへ不 正にアクセスしようとする不正アクセスパケットを検出 し、フィルタリングテーブルを更新する侵入検知 (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) 部とを 有することを特徴とするパケット中継装置。 1 . A packet relay unit for relaying a packet between a first network and a second network ; A packet sent from the second network to the second network , and an Otori guiding unit for sending the packet to the Otori network different from the first and second networks . A filtering table storing the source or destination information of the packet to be guided , and using the filtering table , based on the source or destination information of the packet transmitted from the first network to the second network , Unauthorized access packet that monitors the packet transmitted from the first network to the second network and tries to access the second network illegally by monitoring a filtering processing unit that determines whether to discard the packet or induce an Otori . Intrusion detection to detect and update the filtering table Packet relay apparatus (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) characterized by having a part . |
US7409715B2 CLAIM 19 . The an impersonation detection system (侵入検知, apparatus) of claim 18 , wherein the intrusion detection module (侵入検知, apparatus) further comprises means for qualifying an intrusion attack (侵入検知, apparatus) based on the impersonation detected signal . |
JP2003264595A CLAIM 1 【請求項1】 第1のネットワークおよび第2のネット ワーク間でパケットを中継するパケット中継部と、第1 のネットワークから第2のネットワークに対して送信さ れたパケットを第1および第2のネットワークとは別の オトリネットワークへ送出するオトリ誘導部とを備え、 上記パケット中継部が、破棄すべきパケット又はオトリ 誘導すべきパケットの送信元又は送信先情報を記憶する フィルタリングテーブルと、 フィルタリングテーブルを用いて、第1のネットワーク から第2のネットワークに対して送信されたパケットの 送信元又は送信先情報に基づき、当該パケットの破棄又 はオトリ誘導を決定するフィルタリング処理部と、 第1のネットワークから第2のネットワークに対して送 信されたパケットを監視して、第2のネットワークへ不 正にアクセスしようとする不正アクセスパケットを検出 し、フィルタリングテーブルを更新する侵入検知 (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) 部とを 有することを特徴とするパケット中継装置。 1 . A packet relay unit for relaying a packet between a first network and a second network ; A packet sent from the second network to the second network , and an Otori guiding unit for sending the packet to the Otori network different from the first and second networks . A filtering table storing the source or destination information of the packet to be guided , and using the filtering table , based on the source or destination information of the packet transmitted from the first network to the second network , Unauthorized access packet that monitors the packet transmitted from the first network to the second network and tries to access the second network illegally by monitoring a filtering processing unit that determines whether to discard the packet or induce an Otori . Intrusion detection to detect and update the filtering table Packet relay apparatus (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) characterized by having a part . |
US7409715B2 CLAIM 20 . The impersonation detection system (侵入検知, apparatus) of claim 18 , wherein the wireless network operates according to any wireless network technology . |
JP2003264595A CLAIM 1 【請求項1】 第1のネットワークおよび第2のネット ワーク間でパケットを中継するパケット中継部と、第1 のネットワークから第2のネットワークに対して送信さ れたパケットを第1および第2のネットワークとは別の オトリネットワークへ送出するオトリ誘導部とを備え、 上記パケット中継部が、破棄すべきパケット又はオトリ 誘導すべきパケットの送信元又は送信先情報を記憶する フィルタリングテーブルと、 フィルタリングテーブルを用いて、第1のネットワーク から第2のネットワークに対して送信されたパケットの 送信元又は送信先情報に基づき、当該パケットの破棄又 はオトリ誘導を決定するフィルタリング処理部と、 第1のネットワークから第2のネットワークに対して送 信されたパケットを監視して、第2のネットワークへ不 正にアクセスしようとする不正アクセスパケットを検出 し、フィルタリングテーブルを更新する侵入検知 (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) 部とを 有することを特徴とするパケット中継装置。 1 . A packet relay unit for relaying a packet between a first network and a second network ; A packet sent from the second network to the second network , and an Otori guiding unit for sending the packet to the Otori network different from the first and second networks . A filtering table storing the source or destination information of the packet to be guided , and using the filtering table , based on the source or destination information of the packet transmitted from the first network to the second network , Unauthorized access packet that monitors the packet transmitted from the first network to the second network and tries to access the second network illegally by monitoring a filtering processing unit that determines whether to discard the packet or induce an Otori . Intrusion detection to detect and update the filtering table Packet relay apparatus (intrusion detection module, intrusion attack, intrusion detection module incoming data frames, impersonation detection system, data processing unit) characterized by having a part . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030149891A1 Filed: 2002-02-01 Issued: 2003-08-07 Method and device for providing network security by causing collisions (Original Assignee) 3Com Corp (Current Assignee) 3Com Corp Brant Thomsen |
---|---|
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (said devices) based on the impersonation detected signal . |
US20030149891A1 CLAIM 5 . The method of claim 1 , wherein said devices (intrusion attack) in said network are substantially compliant with the IEEE 802 . 3 specification . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (said devices) based on the impersonation detected signal . |
US20030149891A1 CLAIM 5 . The method of claim 1 , wherein said devices (intrusion attack) in said network are substantially compliant with the IEEE 802 . 3 specification . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20020167965A1 Filed: 2002-01-18 Issued: 2002-11-14 Link context mobility method and system for providing such mobility, such as a system employing short range frequency hopping spread spectrum wireless protocols (Original Assignee) Strix Systems Inc (Current Assignee) Aurix Pte Ltd James Beasley, Dennis Dombrowski, James Fuhring, James Jollota, Duke Kamstra, Matthew Kuiken, Wade Mergenthal, Soiba Mohammad, Carol Sherick, Spencer Stephens, Alan White, Said Zandian |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node (network nodes) of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20020167965A1 CLAIM 40 . In a short-range wireless communications network , wherein at least one mobile unit communicates with at least a portion of the network , an apparatus comprising : fixed means for providing short-range wireless communications within the communications network , wherein the means for providing shortrange wireless communications comprises : means for receiving a wireless communication from the mobile unit , wherein the wireless communication is under a wireless communications protocol , and wherein the wireless communications protocol does not provide for handoff of communications links between short-range wireless network nodes (wireless node) in the communications network ; means for obtaining a unique session identifier for the communication with the mobile unit ; means , coupled to the means for receiving , for establishing a communications link with the mobile unit , wherein the communications link includes link context data associated with the mobile unit , and wherein the link context data associated with the mobile unit is identified at least in part based on the unique session identifier ; means for determining that the mobile unit is to be handed-off to a neighboring short-range network node ; and means for handing off to the neighboring short-range network node the communications link and link context associated with the mobile unit , wherein the handing off is performed without assistance of the mobile unit . |
US7409715B2 CLAIM 2 . The method of claim 1 , wherein step a) comprises transmitting the copy over a secure link established between the wireless node (network nodes) and the intrusion detection module . |
US20020167965A1 CLAIM 40 . In a short-range wireless communications network , wherein at least one mobile unit communicates with at least a portion of the network , an apparatus comprising : fixed means for providing short-range wireless communications within the communications network , wherein the means for providing shortrange wireless communications comprises : means for receiving a wireless communication from the mobile unit , wherein the wireless communication is under a wireless communications protocol , and wherein the wireless communications protocol does not provide for handoff of communications links between short-range wireless network nodes (wireless node) in the communications network ; means for obtaining a unique session identifier for the communication with the mobile unit ; means , coupled to the means for receiving , for establishing a communications link with the mobile unit , wherein the communications link includes link context data associated with the mobile unit , and wherein the link context data associated with the mobile unit is identified at least in part based on the unique session identifier ; means for determining that the mobile unit is to be handed-off to a neighboring short-range network node ; and means for handing off to the neighboring short-range network node the communications link and link context associated with the mobile unit , wherein the handing off is performed without assistance of the mobile unit . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node (network nodes) and extracting the incoming data frames received over all the wireless channels allocated to the wireless node . |
US20020167965A1 CLAIM 40 . In a short-range wireless communications network , wherein at least one mobile unit communicates with at least a portion of the network , an apparatus comprising : fixed means for providing short-range wireless communications within the communications network , wherein the means for providing shortrange wireless communications comprises : means for receiving a wireless communication from the mobile unit , wherein the wireless communication is under a wireless communications protocol , and wherein the wireless communications protocol does not provide for handoff of communications links between short-range wireless network nodes (wireless node) in the communications network ; means for obtaining a unique session identifier for the communication with the mobile unit ; means , coupled to the means for receiving , for establishing a communications link with the mobile unit , wherein the communications link includes link context data associated with the mobile unit , and wherein the link context data associated with the mobile unit is identified at least in part based on the unique session identifier ; means for determining that the mobile unit is to be handed-off to a neighboring short-range network node ; and means for handing off to the neighboring short-range network node the communications link and link context associated with the mobile unit , wherein the handing off is performed without assistance of the mobile unit . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node (network nodes) of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface (communication link) ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20020167965A1 CLAIM 2 . The system of claim 1 , further comprising a system controller coupled to the first and second base station units and to the network , wherein the system controller includes a Dynamic Host Configuration Protocol (“DHCP”) server , wherein requesting a unique session address includes : at the system controller , receiving the request , generating a locally unique Internet Protocol (“IP”) address via the DHCP server , mapping the generated IP address to the unique BD ADDR , wherein the unique BD ADDR is a six byte value , and wherein mapping includes generating a lower three bytes of the six bytes of the unique BD ADDR based on the generated IP address , and forwarding to the first base station unit the unique BD ADDR ; wherein the first and second base station units include : upper and lower Bluetooth protocol stacks , a mobility protocol to perform generic mobility link establishing and link clearing , wherein the mobility protocol is configured to operate above a Host Controller Interface (“HCI”) under the Bluetooth protocol , a mobility management entity , configured to operate above the HCI , for providing a protocol independent interface between the mobility protocol and the upper layers of the Bluetooth protocol stack , wherein the upper layers operate above the HCI , and a mobility process , configured to operate below the HCI , for interfacing between the mobility management entity and the lower layers of the Bluetooth protocol stack , wherein the lower layers operate below the HCI ; wherein the second base station is configured to determine that the communication link (air interface) with the mobile unit is lost or cleared and provide a message to the system controller , and wherein the system controller releases the unique BD ADDR in response to the received message . US20020167965A1 CLAIM 40 . In a short-range wireless communications network , wherein at least one mobile unit communicates with at least a portion of the network , an apparatus comprising : fixed means for providing short-range wireless communications within the communications network , wherein the means for providing shortrange wireless communications comprises : means for receiving a wireless communication from the mobile unit , wherein the wireless communication is under a wireless communications protocol , and wherein the wireless communications protocol does not provide for handoff of communications links between short-range wireless network nodes (wireless node) in the communications network ; means for obtaining a unique session identifier for the communication with the mobile unit ; means , coupled to the means for receiving , for establishing a communications link with the mobile unit , wherein the communications link includes link context data associated with the mobile unit , and wherein the link context data associated with the mobile unit is identified at least in part based on the unique session identifier ; means for determining that the mobile unit is to be handed-off to a neighboring short-range network node ; and means for handing off to the neighboring short-range network node the communications link and link context associated with the mobile unit , wherein the handing off is performed without assistance of the mobile unit . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node (network nodes) ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal (range wireless communication) . |
US20020167965A1 CLAIM 20 . A computer-readable medium whose contents cause a fixed short-range wireless communication (impersonation detection signal) s switch to perform a peer-to-peer method to handoff of a communications link with a wireless mobile unit to a neighboring and fixed short-range wireless communications switch in a communications network , the method comprising : at the fixed short-range wireless switch in the communications network , receiving a wireless communication from the wireless mobile unit , wherein the wireless communication is under a short-range wireless communications protocol , and wherein the wireless communications protocol does not provide for handoff of communications links between short-range wireless switches ; at the fixed short-range wireless switch in the communications network , obtaining a unique session identifier for the communication with the wireless mobile unit ; at the fixed short-range wireless switch in the communications network , establishing a communications link with the wireless mobile unit , wherein the communications link includes link context data associated with the wireless mobile unit , and wherein the link context data associated with the wireless mobile unit is identified at least in part based on the unique session identifier ; and determining that the wireless mobile unit is to be handed-off to the neighboring fixed short-range wireless switch ; and handing off to the neighboring fixed short-range wireless switch the communications link and link context associated with the wireless mobile unit , wherein the handing off is performed without assistance of the wireless mobile unit . US20020167965A1 CLAIM 40 . In a short-range wireless communications network , wherein at least one mobile unit communicates with at least a portion of the network , an apparatus comprising : fixed means for providing short-range wireless communications within the communications network , wherein the means for providing shortrange wireless communications comprises : means for receiving a wireless communication from the mobile unit , wherein the wireless communication is under a wireless communications protocol , and wherein the wireless communications protocol does not provide for handoff of communications links between short-range wireless network nodes (wireless node) in the communications network ; means for obtaining a unique session identifier for the communication with the mobile unit ; means , coupled to the means for receiving , for establishing a communications link with the mobile unit , wherein the communications link includes link context data associated with the mobile unit , and wherein the link context data associated with the mobile unit is identified at least in part based on the unique session identifier ; means for determining that the mobile unit is to be handed-off to a neighboring short-range network node ; and means for handing off to the neighboring short-range network node the communications link and link context associated with the mobile unit , wherein the handing off is performed without assistance of the mobile unit . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (Internet Protocol) . |
US20020167965A1 CLAIM 2 . The system of claim 1 , further comprising a system controller coupled to the first and second base station units and to the network , wherein the system controller includes a Dynamic Host Configuration Protocol (“DHCP”) server , wherein requesting a unique session address includes : at the system controller , receiving the request , generating a locally unique Internet Protocol (communication protocol) (“IP”) address via the DHCP server , mapping the generated IP address to the unique BD ADDR , wherein the unique BD ADDR is a six byte value , and wherein mapping includes generating a lower three bytes of the six bytes of the unique BD ADDR based on the generated IP address , and forwarding to the first base station unit the unique BD ADDR ; wherein the first and second base station units include : upper and lower Bluetooth protocol stacks , a mobility protocol to perform generic mobility link establishing and link clearing , wherein the mobility protocol is configured to operate above a Host Controller Interface (“HCI”) under the Bluetooth protocol , a mobility management entity , configured to operate above the HCI , for providing a protocol independent interface between the mobility protocol and the upper layers of the Bluetooth protocol stack , wherein the upper layers operate above the HCI , and a mobility process , configured to operate below the HCI , for interfacing between the mobility management entity and the lower layers of the Bluetooth protocol stack , wherein the lower layers operate below the HCI ; wherein the second base station is configured to determine that the communication link with the mobile unit is lost or cleared and provide a message to the system controller , and wherein the system controller releases the unique BD ADDR in response to the received message . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node (network nodes) : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US20020167965A1 CLAIM 40 . In a short-range wireless communications network , wherein at least one mobile unit communicates with at least a portion of the network , an apparatus comprising : fixed means for providing short-range wireless communications within the communications network , wherein the means for providing shortrange wireless communications comprises : means for receiving a wireless communication from the mobile unit , wherein the wireless communication is under a wireless communications protocol , and wherein the wireless communications protocol does not provide for handoff of communications links between short-range wireless network nodes (wireless node) in the communications network ; means for obtaining a unique session identifier for the communication with the mobile unit ; means , coupled to the means for receiving , for establishing a communications link with the mobile unit , wherein the communications link includes link context data associated with the mobile unit , and wherein the link context data associated with the mobile unit is identified at least in part based on the unique session identifier ; means for determining that the mobile unit is to be handed-off to a neighboring short-range network node ; and means for handing off to the neighboring short-range network node the communications link and link context associated with the mobile unit , wherein the handing off is performed without assistance of the mobile unit . |
US7409715B2 CLAIM 15 . The impersonation detection system of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module is integrated within the wireless node (network nodes) . |
US20020167965A1 CLAIM 40 . In a short-range wireless communications network , wherein at least one mobile unit communicates with at least a portion of the network , an apparatus comprising : fixed means for providing short-range wireless communications within the communications network , wherein the means for providing shortrange wireless communications comprises : means for receiving a wireless communication from the mobile unit , wherein the wireless communication is under a wireless communications protocol , and wherein the wireless communications protocol does not provide for handoff of communications links between short-range wireless network nodes (wireless node) in the communications network ; means for obtaining a unique session identifier for the communication with the mobile unit ; means , coupled to the means for receiving , for establishing a communications link with the mobile unit , wherein the communications link includes link context data associated with the mobile unit , and wherein the link context data associated with the mobile unit is identified at least in part based on the unique session identifier ; means for determining that the mobile unit is to be handed-off to a neighboring short-range network node ; and means for handing off to the neighboring short-range network node the communications link and link context associated with the mobile unit , wherein the handing off is performed without assistance of the mobile unit . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network (wireless network) operates according to any wireless network technology . |
US20020167965A1 CLAIM 29 . In a picocellular communications network , wherein at least one mobile unit communicates with at least a portion of the network , an apparatus comprising : a stationary wireless network (wireless network) access point coupled to the picocellular communications network , wherein the base station unit includes a memory and is configured for : receiving a wireless communication from the mobile unit , wherein the wireless communication is under a wireless communications protocol , and wherein the wireless communications protocol does not provide for handoff of communications links between stationary wireless network access points (wireless network technology) in the picocellular communications network ; obtaining a unique session identifier for the communication with the mobile unit ; establishing a communications link with the mobile unit , wherein the communications link includes link context data associated with the mobile unit , and wherein the link context data associated with the mobile unit is identified at least in part based on the unique session identifier ; determining that the mobile unit is to be handed-off to a neighboring stationary wireless network access point ; and handing off to the neighboring stationary wireless network access point the communications link and link context associated with the mobile unit , wherein the handing off is performed without assistance of the mobile unit . |
US7409715B2 CLAIM 17 . A wireless node (network nodes) for a wireless network (wireless network) comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface (communication link) ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US20020167965A1 CLAIM 2 . The system of claim 1 , further comprising a system controller coupled to the first and second base station units and to the network , wherein the system controller includes a Dynamic Host Configuration Protocol (“DHCP”) server , wherein requesting a unique session address includes : at the system controller , receiving the request , generating a locally unique Internet Protocol (“IP”) address via the DHCP server , mapping the generated IP address to the unique BD ADDR , wherein the unique BD ADDR is a six byte value , and wherein mapping includes generating a lower three bytes of the six bytes of the unique BD ADDR based on the generated IP address , and forwarding to the first base station unit the unique BD ADDR ; wherein the first and second base station units include : upper and lower Bluetooth protocol stacks , a mobility protocol to perform generic mobility link establishing and link clearing , wherein the mobility protocol is configured to operate above a Host Controller Interface (“HCI”) under the Bluetooth protocol , a mobility management entity , configured to operate above the HCI , for providing a protocol independent interface between the mobility protocol and the upper layers of the Bluetooth protocol stack , wherein the upper layers operate above the HCI , and a mobility process , configured to operate below the HCI , for interfacing between the mobility management entity and the lower layers of the Bluetooth protocol stack , wherein the lower layers operate below the HCI ; wherein the second base station is configured to determine that the communication link (air interface) with the mobile unit is lost or cleared and provide a message to the system controller , and wherein the system controller releases the unique BD ADDR in response to the received message . US20020167965A1 CLAIM 29 . 
In a picocellular communications network , wherein at least one mobile unit communicates with at least a portion of the network , an apparatus comprising : a stationary wireless network (wireless network) access point coupled to the picocellular communications network , wherein the base station unit includes a memory and is configured for : receiving a wireless communication from the mobile unit , wherein the wireless communication is under a wireless communications protocol , and wherein the wireless communications protocol does not provide for handoff of communications links between stationary wireless network access points in the picocellular communications network ; obtaining a unique session identifier for the communication with the mobile unit ; establishing a communications link with the mobile unit , wherein the communications link includes link context data associated with the mobile unit , and wherein the link context data associated with the mobile unit is identified at least in part based on the unique session identifier ; determining that the mobile unit is to be handed-off to a neighboring stationary wireless network access point ; and handing off to the neighboring stationary wireless network access point the communications link and link context associated with the mobile unit , wherein the handing off is performed without assistance of the mobile unit . US20020167965A1 CLAIM 40 . 
In a short-range wireless communications network , wherein at least one mobile unit communicates with at least a portion of the network , an apparatus comprising : fixed means for providing short-range wireless communications within the communications network , wherein the means for providing shortrange wireless communications comprises : means for receiving a wireless communication from the mobile unit , wherein the wireless communication is under a wireless communications protocol , and wherein the wireless communications protocol does not provide for handoff of communications links between short-range wireless network nodes (wireless node) in the communications network ; means for obtaining a unique session identifier for the communication with the mobile unit ; means , coupled to the means for receiving , for establishing a communications link with the mobile unit , wherein the communications link includes link context data associated with the mobile unit , and wherein the link context data associated with the mobile unit is identified at least in part based on the unique session identifier ; means for determining that the mobile unit is to be handed-off to a neighboring short-range network node ; and means for handing off to the neighboring short-range network node the communications link and link context associated with the mobile unit , wherein the handing off is performed without assistance of the mobile unit . |
US7409715B2 CLAIM 18 . The wireless node (network nodes) of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20020167965A1 CLAIM 40 . In a short-range wireless communications network , wherein at least one mobile unit communicates with at least a portion of the network , an apparatus comprising : fixed means for providing short-range wireless communications within the communications network , wherein the means for providing shortrange wireless communications comprises : means for receiving a wireless communication from the mobile unit , wherein the wireless communication is under a wireless communications protocol , and wherein the wireless communications protocol does not provide for handoff of communications links between short-range wireless network nodes (wireless node) in the communications network ; means for obtaining a unique session identifier for the communication with the mobile unit ; means , coupled to the means for receiving , for establishing a communications link with the mobile unit , wherein the communications link includes link context data associated with the mobile unit , and wherein the link context data associated with the mobile unit is identified at least in part based on the unique session identifier ; means for determining that the mobile unit is to be handed-off to a neighboring short-range network node ; and means for handing off to the neighboring short-range network node the communications link and link context associated with the mobile unit , wherein the handing off is performed without assistance of the mobile unit . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network (wireless network) operates according to any wireless network technology . |
US20020167965A1 CLAIM 29 . In a picocellular communications network , wherein at least one mobile unit communicates with at least a portion of the network , an apparatus comprising : a stationary wireless network (wireless network) access point coupled to the picocellular communications network , wherein the base station unit includes a memory and is configured for : receiving a wireless communication from the mobile unit , wherein the wireless communication is under a wireless communications protocol , and wherein the wireless communications protocol does not provide for handoff of communications links between stationary wireless network access points (wireless network technology) in the picocellular communications network ; obtaining a unique session identifier for the communication with the mobile unit ; establishing a communications link with the mobile unit , wherein the communications link includes link context data associated with the mobile unit , and wherein the link context data associated with the mobile unit is identified at least in part based on the unique session identifier ; determining that the mobile unit is to be handed-off to a neighboring stationary wireless network access point ; and handing off to the neighboring stationary wireless network access point the communications link and link context associated with the mobile unit , wherein the handing off is performed without assistance of the mobile unit . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030105881A1 Filed: 2001-12-03 Issued: 2003-06-05 Method for detecting and preventing intrusion in a virtually-wired switching fabric (Original Assignee) HP Inc (Current Assignee) Hewlett Packard Development Co LP Julie Symons, Sharad Singhal |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (switching fabric) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20030105881A1 CLAIM 4 . The method of claim 1 , wherein c) comprises forwarding said packet to a device if said address is authorized for said first port , said first port coupled to said device , and wherein said network comprises a virtually-wired switching fabric (incoming data, incoming data frames) . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data (switching fabric) frames received over all the wireless channels allocated to the wireless node . |
US20030105881A1 CLAIM 4 . The method of claim 1 , wherein c) comprises forwarding said packet to a device if said address is authorized for said first port , said first port coupled to said device , and wherein said network comprises a virtually-wired switching fabric (incoming data, incoming data frames) . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (switching fabric) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US20030105881A1 CLAIM 4 . The method of claim 1 , wherein c) comprises forwarding said packet to a device if said address is authorized for said first port , said first port coupled to said device , and wherein said network comprises a virtually-wired switching fabric (incoming data, incoming data frames) . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (switching fabric) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20030105881A1 CLAIM 4 . The method of claim 1 , wherein c) comprises forwarding said packet to a device if said address is authorized for said first port , said first port coupled to said device , and wherein said network comprises a virtually-wired switching fabric (incoming data, incoming data frames) . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit (switch port) for detecting the incoming data (switching fabric) frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20030105881A1 CLAIM 3 . The method of claim 1 , wherein a) comprises receiving said packet from a device coupled to said first port , said first port being a switch port (second receiving unit) , and wherein there is a one-to-one mapping between ports of devices in said network and ports of switches in said network . US20030105881A1 CLAIM 4 . The method of claim 1 , wherein c) comprises forwarding said packet to a device if said address is authorized for said first port , said first port coupled to said device , and wherein said network comprises a virtually-wired switching fabric (incoming data, incoming data frames) . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (said devices) based on the impersonation detected signal . |
US20030105881A1 CLAIM 34 . The network of claim 31 , wherein there is a one-to-one mapping between ports of said switches and ports of said devices (intrusion attack) . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (switching fabric) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US20030105881A1 CLAIM 4 . The method of claim 1 , wherein c) comprises forwarding said packet to a device if said address is authorized for said first port , said first port coupled to said device , and wherein said network comprises a virtually-wired switching fabric (incoming data, incoming data frames) . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit (switch port) for detecting the incoming data (switching fabric) frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20030105881A1 CLAIM 3 . The method of claim 1 , wherein a) comprises receiving said packet from a device coupled to said first port , said first port being a switch port (second receiving unit) , and wherein there is a one-to-one mapping between ports of devices in said network and ports of switches in said network . US20030105881A1 CLAIM 4 . The method of claim 1 , wherein c) comprises forwarding said packet to a device if said address is authorized for said first port , said first port coupled to said device , and wherein said network comprises a virtually-wired switching fabric (incoming data, incoming data frames) . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (said devices) based on the impersonation detected signal . |
US20030105881A1 CLAIM 34 . The network of claim 31 , wherein there is a one-to-one mapping between ports of said switches and ports of said devices (intrusion attack) . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | CN1422039A Filed: 2001-11-29 Issued: 2003-06-04 Distributed hacker tracking system for controllable computer networks (Original Assignee) 上海交通大学 谷大武, 李小勇, 陆海宁 |
---|---|
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (时间间隔) . |
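CN1422039A CLAIM 17 . The distributed network hacker tracking system of claim 16 , characterized in that , in the correlation analysis performed in step d , the conditions for determining that two alarm messages are correlated include : a . the attack types are the same ; b . the time interval [时间间隔] (time interval) between receipt of the alarm messages is shorter than a parameter T ; c . the attack type is of the TCP application layer ; d . the similarity of the TCP packet data portions of the data fingerprints of the two alarm messages is greater than 0.5 . |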
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving (的接收) unit for receiving the copy ; an antenna for capturing the incoming traffic (的参数) received on all transmission channels allocated to the wireless node ; a second receiving (的接收) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
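CN1422039A CLAIM 5 . The distributed network hacker tracking system of claim 4 , characterized in that the interface driver module performs the operations of receiving [的接收] (first receiving, second receiving, first receiving unit) and sending packets . CN1422039A CLAIM 18 . The distributed network hacker tracking system of claim 17 , characterized in that the parameter [的参数] (incoming traffic) T may range from 30 to 150 seconds . |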
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (网络路) . |
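CN1422039A CLAIM 2 . The distributed network hacker tracking system of claim 1 , characterized in that the network monitors are distributed along the network path [网络路] (communication protocol) from the attacker to the attacked party , one network monitor is placed between every two gateways , and each network monitor is physically connected to the manager . |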
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (的通信) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
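CN1422039A CLAIM 11 . The distributed network hacker tracking system of claim 4 , characterized in that the communication [的通信] (transmitting outgoing data frames) and authentication module carries out the communication and authentication between the network monitors and the manager . |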
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving (的接收) unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (的参数) carried on all transmission channels allocated to the wireless node ; a second receiving (的接收) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
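CN1422039A CLAIM 5 . The distributed network hacker tracking system of claim 4 , characterized in that the interface driver module performs the operations of receiving [的接收] (first receiving, second receiving, first receiving unit) and sending packets . CN1422039A CLAIM 18 . The distributed network hacker tracking system of claim 17 , characterized in that the parameter [的参数] (incoming traffic) T may range from 30 to 150 seconds . |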
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030084321A1 Filed: 2001-10-31 Issued: 2003-05-01 Node and mobile device for a mobile telecommunications network providing intrusion detection (Original Assignee) HP Inc (Current Assignee) Hewlett Packard Development Co LP Richard Tarquini, Richard Schertz, George Gales |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (data packet) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20030084321A1 CLAIM 3 . The mobile device according to claim 1 , wherein the intrusion detection application further comprises an associative process engine and an input/output control layer , the input/output control layer operable to receive a signature file and pass the signature file to the associative process engine , the associative process engine operable to analyze a data packet (incoming traffic) with the signature file . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US20030084321A1 CLAIM 1 . A mobile device operable in a mobile telecommunications network , comprising : a memory module for storing data in machine readable format for retrieval and execution by a central processing unit ; and an operating system operable to execute an intrusion detection (intrusion attack) application stored in the memory module . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (data packet) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20030084321A1 CLAIM 3 . The mobile device according to claim 1 , wherein the intrusion detection application further comprises an associative process engine and an input/output control layer , the input/output control layer operable to receive a signature file and pass the signature file to the associative process engine , the associative process engine operable to analyze a data packet (incoming traffic) with the signature file . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US20030084321A1 CLAIM 1 . A mobile device operable in a mobile telecommunications network , comprising : a memory module for storing data in machine readable format for retrieval and execution by a central processing unit ; and an operating system operable to execute an intrusion detection (intrusion attack) application stored in the memory module . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20020057764A1 Filed: 2001-09-27 Issued: 2002-05-16 Real-time incident and response information messaging in a system for the automatic notification that an emergency call has occurred from a wireline or wireless device (Original Assignee) Angelo Salvucci; Reich Don E.; Warner Kurt E.; Cook William C. (Current Assignee) 911 Notify Inc Angelo Salvucci, Don Reich, Kurt Warner, William Cook |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network (telecommunications system) , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20020057764A1 CLAIM 26 . In a telecommunications system (wireless communication network) having at least one subscriber wireless device in communication with a telephone network which includes a network path to a PSAP , a method of notifying at least one designated telephone number that an emergency telephone call has been made from the subscriber wireless device , comprising steps of : A . recognizing an emergency call initiated from said wireless device by a detection mechanism at a detection point along said network path ; B . Generating additional information including real-time incident and response information ; C . associating said emergency call with said additional information separate from information in said emergency call ; and , D . automatically sending a message to an addressable communications device designated by said subscriber , said message including said additional information . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network (telecommunications system) , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20020057764A1 CLAIM 26 . In a telecommunications system (wireless communication network) having at least one subscriber wireless device in communication with a telephone network which includes a network path to a PSAP , a method of notifying at least one designated telephone number that an emergency telephone call has been made from the subscriber wireless device , comprising steps of : A . recognizing an emergency call initiated from said wireless device by a detection mechanism at a detection point along said network path ; B . Generating additional information including real-time incident and response information ; C . associating said emergency call with said additional information separate from information in said emergency call ; and , D . automatically sending a message to an addressable communications device designated by said subscriber , said message including said additional information . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (data packet) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20020057764A1 CLAIM 2 . The method in accordance with claim 1 further characterized by : Creating subscriber data packets (incoming traffic) from subscriber data collected from subscribers as part of said telephone service ; each of said subscriber data packets including a subscriber unique identifying information ; Periodically transferring a number of subscriber data packets to said subscriber database ; Creating , in said subscriber database , a number of subscriber data records corresponding to each said subscriber unique identifying information ; Storing in a particular subscriber data record a particular unique identifying information , a particular address of an addressable notify device supplied by a particular subscriber , and said real-time data collected from said message content of said call ; Fetching from said subscriber database memory said particular subscriber data record upon a condition that said particular subscriber unique identifying information in said particular subscriber data record matches said alert signal ; and , Utilizing said address of said particular addressable notify device , obtained from said particular subscriber data record , to activate said message response system to thereby send a message to said particular addressable notify device . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (data packet) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20020057764A1 CLAIM 2 . The method in accordance with claim 1 further characterized by : Creating subscriber data packets (incoming traffic) from subscriber data collected from subscribers as part of said telephone service ; each of said subscriber data packets including a subscriber unique identifying information ; Periodically transferring a number of subscriber data packets to said subscriber database ; Creating , in said subscriber database , a number of subscriber data records corresponding to each said subscriber unique identifying information ; Storing in a particular subscriber data record a particular unique identifying information , a particular address of an addressable notify device supplied by a particular subscriber , and said real-time data collected from said message content of said call ; Fetching from said subscriber database memory said particular subscriber data record upon a condition that said particular subscriber unique identifying information in said particular subscriber data record matches said alert signal ; and , Utilizing said address of said particular addressable notify device , obtained from said particular subscriber data record , to activate said message response system to thereby send a message to said particular addressable notify device . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030063714A1 Filed: 2001-09-26 Issued: 2003-04-03 Internet protocol (IP) emergency connections (ITEC) telephony (Original Assignee) Siemens Information and Communication Networks Inc (Current Assignee) Unify Inc Peggy Stumer, Robert Stampfl, Alfons Fartmann, Walter Hipfinger |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames (more series) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20030063714A1 CLAIM 12 . A network as in claim 11 wherein said ECI module comprises : an emergency number table including one or more series (incoming data frames) of dialed numbers corresponding to emergency telephone numbers ; and an ECI port equipment number (PEN) table including port equipment numbers for ports located in said network entity in which said ECI module is located and corresponding each said PEN with a source group index (SGI) number , said SGI number corresponding to a PSAP jurisdiction . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (more series) received over all the wireless channels allocated to the wireless node . |
US20030063714A1 CLAIM 12 . A network as in claim 11 wherein said ECI module comprises : an emergency number table including one or more series (incoming data frames) of dialed numbers corresponding to emergency telephone numbers ; and an ECI port equipment number (PEN) table including port equipment numbers for ports located in said network entity in which said ECI module is located and corresponding each said PEN with a source group index (SGI) number , said SGI number corresponding to a PSAP jurisdiction . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data frames (more series) for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US20030063714A1 CLAIM 12 . A network as in claim 11 wherein said ECI module comprises : an emergency number table including one or more series (incoming data frames) of dialed numbers corresponding to emergency telephone numbers ; and an ECI port equipment number (PEN) table including port equipment numbers for ports located in said network entity in which said ECI module is located and corresponding each said PEN with a source group index (SGI) number , said SGI number corresponding to a PSAP jurisdiction . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames (more series) received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20030063714A1 CLAIM 12 . A network as in claim 11 wherein said ECI module comprises : an emergency number table including one or more series (incoming data frames) of dialed numbers corresponding to emergency telephone numbers ; and an ECI port equipment number (PEN) table including port equipment numbers for ports located in said network entity in which said ECI module is located and corresponding each said PEN with a source group index (SGI) number , said SGI number corresponding to a PSAP jurisdiction . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (more series) from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20030063714A1 CLAIM 12 . A network as in claim 11 wherein said ECI module comprises : an emergency number table including one or more series (incoming data frames) of dialed numbers corresponding to emergency telephone numbers ; and an ECI port equipment number (PEN) table including port equipment numbers for ports located in said network entity in which said ECI module is located and corresponding each said PEN with a source group index (SGI) number , said SGI number corresponding to a PSAP jurisdiction . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (said devices) based on the impersonation detected signal . |
US20030063714A1 CLAIM 11 . A network including an apparatus for processing emergency calls made from connected devices , said network comprising : a plurality of network entities communicating with each other ; a plurality of devices connected to said network entities , at least one network entity having two or more connected said devices (intrusion attack) ; a network area router (NAR) in at least one network entity ; and an emergency connection identifier (ECI) module in at least one network entity with one or more ports , said ECI module in communication with said NAR , said ECI module identifying emergency calls made from devices connected to said one or more ports and forwarding identified emergency calls to said NAR , said NAR identifying a public safety access point (PSAP) corresponding to a point of origin of each identified emergency call and forwarding said each identified emergency call to said PSAP . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (Internet Protocol) . |
US20030063714A1 CLAIM 2 . A method as in claim 1 wherein said emergency call is a Voice over Internet Protocol (communication protocol) (VoIP) call and the step (b) of identifying emergency calls comprises the steps of : i) comparing a dialed number for each call with known emergency numbers ; and ii) sending an emergency connection identifier (ECI) packet to a network area router (NAR) for a dialed number matching a known emergency number . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames (more series) received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US20030063714A1 CLAIM 12 . A network as in claim 11 wherein said ECI module comprises : an emergency number table including one or more series (incoming data frames) of dialed numbers corresponding to emergency telephone numbers ; and an ECI port equipment number (PEN) table including port equipment numbers for ports located in said network entity in which said ECI module is located and corresponding each said PEN with a source group index (SGI) number , said SGI number corresponding to a PSAP jurisdiction . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (more series) from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20030063714A1 CLAIM 12 . A network as in claim 11 wherein said ECI module comprises : an emergency number table including one or more series (incoming data frames) of dialed numbers corresponding to emergency telephone numbers ; and an ECI port equipment number (PEN) table including port equipment numbers for ports located in said network entity in which said ECI module is located and corresponding each said PEN with a source group index (SGI) number , said SGI number corresponding to a PSAP jurisdiction . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (said devices) based on the impersonation detected signal . |
US20030063714A1 CLAIM 11 . A network including an apparatus for processing emergency calls made from connected devices , said network comprising : a plurality of network entities communicating with each other ; a plurality of devices connected to said network entities , at least one network entity having two or more connected said devices (intrusion attack) ; a network area router (NAR) in at least one network entity ; and an emergency connection identifier (ECI) module in at least one network entity with one or more ports , said ECI module in communication with said NAR , said ECI module identifying emergency calls made from devices connected to said one or more ports and forwarding identified emergency calls to said NAR , said NAR identifying a public safety access point (PSAP) corresponding to a point of origin of each identified emergency call and forwarding said each identified emergency call to said PSAP . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20020066034A1 Filed: 2001-09-21 Issued: 2002-05-30 Distributed network security deception system (Original Assignee) Schlossberg Barry J.; Wenbiao Wang Barry Schlossberg, Wenbiao Wang |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving (algorithm t) unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20020066034A1 CLAIM 48 . The method according to claim 46 , wherein the step of calculating a threat level for the computer network comprises the further steps of breaking intruder activities into multiple network communication layers , converting the multiple layers into Boolean values and applying the Boolean values in a Boolean logic algorithm (first receiving, first receiving unit) to yield an overall threat level . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (communication protocol) . |
US20020066034A1 CLAIM 50 . The method according to claim 46 , further comprising the step of providing a secure communication protocol (communication protocol) to permit secure communications among all system components . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving (algorithm t) unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20020066034A1 CLAIM 48 . The method according to claim 46 , wherein the step of calculating a threat level for the computer network comprises the further steps of breaking intruder activities into multiple network communication layers , converting the multiple layers into Boolean values and applying the Boolean values in a Boolean logic algorithm (first receiving, first receiving unit) to yield an overall threat level . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | JP2003092605A Filed: 2001-09-18 Issued: 2003-03-28 Content protection method and system, content protection program, and storage medium storing content protection program (Original Assignee) Nippon Telegr & Teleph Corp <Ntt>; 日本電信電話株式会社 Tsukasa Kimura, Takao Nakamura, 高雄 中村, 司 木村 |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (検出手段と) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames (apparatus, detecting) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
JP2003092605A CLAIM 1 【請求項1】 電子メールを含むネットワーク通信を用 いたコンテンツ配信の際にコンテンツの不正配布を防止 するためのコンテンツ保護方法において、 電子メールサーバ装置において、 電子メール利用者装置から送られてきた電子メールを電 子メール本文と添付データに分解し、 前記電子メールのヘッダ部に記述されているヘッダ情報 を抽出し、 前記ヘッダ情報と電子透かし技術を用いて添付データ内 に電子透かしを埋め込み、 前記電子透かしを埋め込んだ添付データを前記電子メー ル本文と結合して透かし入り電子メールを作成し、 透かし入り電子メールを通常の配送方法で別の電子メー ルサーバ装置に転送し、 電子透かし検出装置において、 電子メールサーバ装置を介して、前記透かし入り電子メ ールを受信した受信側の電子メール利用者装置からコン テンツデータを受信し、 前記コンテンツデータから電子透かしの検出を行い、電 子透かしを検出した場合、埋め込まれていた情報を不正 送信に関する情報として出力することを特徴とするコン テンツ保護方法。 1 . A content protection method for preventing illegal distribution of content at the time of content distribution using network communication including electronic mail , wherein an electronic mail sent from an electronic mail user apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) in an electronic mail server apparatus . The mail is decomposed into an electronic mail text and attached data , header information described in the header part of the electronic mail is extracted , and a digital watermark is embedded in the attached data using the header information and digital watermark technology . The attached data in which the watermark is embedded is combined with the email body to create a watermarked email , and the watermarked email is transferred to another email server device by a normal delivery method . The electronic mail on the receiving side that received the watermarked electronic mail via the mail server device Receiving content data from the user device , wherein the detection is performed watermark from the content data , when detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a digital watermark , the content protection method and outputting the information embedded as information related to fraud transmission . 
JP2003092605A CLAIM 4 【請求項4】 電子メールを含むネットワーク通信を用 いたコンテンツ配信の際にコンテンツの不正配布を防止 するためのコンテンツ保護システムであって、 電子メール利用者装置から送られてきた電子メールを、 電子メール本文と添付データに分解する添付データ分解 手段と、 前記電子メールのヘッダ部に記述されているヘッダ情報 を抽出するヘッダ情報取得手段と、 前記ヘッダ情報を電子透かし技術を用いて添付データ内 に電子透かしとして埋め込む電子透かし埋込手段と、 前記電子透かしを埋め込んだ添付データを前記電子メー ル本文と結合して透かし入り電子メールを作成する添付 データ結合手段と、 前記透かし入り電子メールを通常の配送方法で別の電子 メールサーバ装置に転送する送信手段とを有する電子メ ールサーバ装置と、 電子メールサーバ装置を介して、前記透かし入り電子メ ールを受信した受信側の電子メール利用者装置からコン テンツデータを受信する受信手段と、 前記コンテンツデータから電子透かしの検出を行い、電 子透かしを検出した場合、埋め込まれていた情報を不正 送信に関する情報として出力する電子透かし検出手段と (original data) を有する電子透かし検出装置とを有することを特徴とす るコンテンツ保護システム。 4 . A content protection system for preventing illegal distribution of content when content is distributed using network communication including electronic mail , wherein the electronic mail sent from an electronic mail user device is Attached data decomposing means for decomposing into an email body and attached data , header information obtaining means for extracting header information described in the header portion of the email , and the header information in the attached data using a digital watermark technique . A digital watermark embedding means for embedding as a digital watermark in an electronic watermark , an attached data combining means for combining the electronic watermark embedded data with the email text to create a watermarked email , and Content data from an e-mail user device on the receiving side that has received the watermarked e-mail via the e-mail server device and an e-mail server device having a transmission means for transferring to another e-mail server device by a delivery method And a digital watermark is detected from the content data . If the teeth has been detected , content protection system characterized by having an electronic watermark detection apparatus and a digital watermark detection means for outputting the information embedded as information related to fraud transmission . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (検出手段と) frames . |
JP2003092605A CLAIM 4 【請求項4】 電子メールを含むネットワーク通信を用 いたコンテンツ配信の際にコンテンツの不正配布を防止 するためのコンテンツ保護システムであって、 電子メール利用者装置から送られてきた電子メールを、 電子メール本文と添付データに分解する添付データ分解 手段と、 前記電子メールのヘッダ部に記述されているヘッダ情報 を抽出するヘッダ情報取得手段と、 前記ヘッダ情報を電子透かし技術を用いて添付データ内 に電子透かしとして埋め込む電子透かし埋込手段と、 前記電子透かしを埋め込んだ添付データを前記電子メー ル本文と結合して透かし入り電子メールを作成する添付 データ結合手段と、 前記透かし入り電子メールを通常の配送方法で別の電子 メールサーバ装置に転送する送信手段とを有する電子メ ールサーバ装置と、 電子メールサーバ装置を介して、前記透かし入り電子メ ールを受信した受信側の電子メール利用者装置からコン テンツデータを受信する受信手段と、 前記コンテンツデータから電子透かしの検出を行い、電 子透かしを検出した場合、埋め込まれていた情報を不正 送信に関する情報として出力する電子透かし検出手段と (original data) を有する電子透かし検出装置とを有することを特徴とす るコンテンツ保護システム。 4 . A content protection system for preventing illegal distribution of content when content is distributed using network communication including electronic mail , wherein the electronic mail sent from an electronic mail user device is Attached data decomposing means for decomposing into an email body and attached data , header information obtaining means for extracting header information described in the header portion of the email , and the header information in the attached data using a digital watermark technique . A digital watermark embedding means for embedding as a digital watermark in an electronic watermark , an attached data combining means for combining the electronic watermark embedded data with the email text to create a watermarked email , and Content data from an e-mail user device on the receiving side that has received the watermarked e-mail via the e-mail server device and an e-mail server device having a transmission means for transferring to another e-mail server device by a delivery method And a digital watermark is detected from the content data . If the teeth has been detected , content protection system characterized by having an electronic watermark detection apparatus and a digital watermark detection means for outputting the information embedded as information related to fraud transmission . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (検出手段と) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
JP2003092605A CLAIM 4 【請求項4】 電子メールを含むネットワーク通信を用 いたコンテンツ配信の際にコンテンツの不正配布を防止 するためのコンテンツ保護システムであって、 電子メール利用者装置から送られてきた電子メールを、 電子メール本文と添付データに分解する添付データ分解 手段と、 前記電子メールのヘッダ部に記述されているヘッダ情報 を抽出するヘッダ情報取得手段と、 前記ヘッダ情報を電子透かし技術を用いて添付データ内 に電子透かしとして埋め込む電子透かし埋込手段と、 前記電子透かしを埋め込んだ添付データを前記電子メー ル本文と結合して透かし入り電子メールを作成する添付 データ結合手段と、 前記透かし入り電子メールを通常の配送方法で別の電子 メールサーバ装置に転送する送信手段とを有する電子メ ールサーバ装置と、 電子メールサーバ装置を介して、前記透かし入り電子メ ールを受信した受信側の電子メール利用者装置からコン テンツデータを受信する受信手段と、 前記コンテンツデータから電子透かしの検出を行い、電 子透かしを検出した場合、埋め込まれていた情報を不正 送信に関する情報として出力する電子透かし検出手段と (original data) を有する電子透かし検出装置とを有することを特徴とす るコンテンツ保護システム。 4 . A content protection system for preventing illegal distribution of content when content is distributed using network communication including electronic mail , wherein the electronic mail sent from an electronic mail user device is Attached data decomposing means for decomposing into an email body and attached data , header information obtaining means for extracting header information described in the header portion of the email , and the header information in the attached data using a digital watermark technique . A digital watermark embedding means for embedding as a digital watermark in an electronic watermark , an attached data combining means for combining the electronic watermark embedded data with the email text to create a watermarked email , and Content data from an e-mail user device on the receiving side that has received the watermarked e-mail via the e-mail server device and an e-mail server device having a transmission means for transferring to another e-mail server device by a delivery method And a digital watermark is detected from the content data . If the teeth has been detected , content protection system characterized by having an electronic watermark detection apparatus and a digital watermark detection means for outputting the information embedded as information related to fraud transmission . |
US7409715B2 CLAIM 10 . An impersonation detection system (apparatus, detecting) for a wireless node of a wireless communication network , the node for transmitting original data (検出手段と) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
JP2003092605A CLAIM 1 【請求項1】 電子メールを含むネットワーク通信を用 いたコンテンツ配信の際にコンテンツの不正配布を防止 するためのコンテンツ保護方法において、 電子メールサーバ装置において、 電子メール利用者装置から送られてきた電子メールを電 子メール本文と添付データに分解し、 前記電子メールのヘッダ部に記述されているヘッダ情報 を抽出し、 前記ヘッダ情報と電子透かし技術を用いて添付データ内 に電子透かしを埋め込み、 前記電子透かしを埋め込んだ添付データを前記電子メー ル本文と結合して透かし入り電子メールを作成し、 透かし入り電子メールを通常の配送方法で別の電子メー ルサーバ装置に転送し、 電子透かし検出装置において、 電子メールサーバ装置を介して、前記透かし入り電子メ ールを受信した受信側の電子メール利用者装置からコン テンツデータを受信し、 前記コンテンツデータから電子透かしの検出を行い、電 子透かしを検出した場合、埋め込まれていた情報を不正 送信に関する情報として出力することを特徴とするコン テンツ保護方法。 1 . A content protection method for preventing illegal distribution of content at the time of content distribution using network communication including electronic mail , wherein an electronic mail sent from an electronic mail user apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) in an electronic mail server apparatus . The mail is decomposed into an electronic mail text and attached data , header information described in the header part of the electronic mail is extracted , and a digital watermark is embedded in the attached data using the header information and digital watermark technology . The attached data in which the watermark is embedded is combined with the email body to create a watermarked email , and the watermarked email is transferred to another email server device by a normal delivery method . The electronic mail on the receiving side that received the watermarked electronic mail via the mail server device Receiving content data from the user device , wherein the detection is performed watermark from the content data , when detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a digital watermark , the content protection method and outputting the information embedded as information related to fraud transmission . 
JP2003092605A CLAIM 4 【請求項4】 電子メールを含むネットワーク通信を用 いたコンテンツ配信の際にコンテンツの不正配布を防止 するためのコンテンツ保護システムであって、 電子メール利用者装置から送られてきた電子メールを、 電子メール本文と添付データに分解する添付データ分解 手段と、 前記電子メールのヘッダ部に記述されているヘッダ情報 を抽出するヘッダ情報取得手段と、 前記ヘッダ情報を電子透かし技術を用いて添付データ内 に電子透かしとして埋め込む電子透かし埋込手段と、 前記電子透かしを埋め込んだ添付データを前記電子メー ル本文と結合して透かし入り電子メールを作成する添付 データ結合手段と、 前記透かし入り電子メールを通常の配送方法で別の電子 メールサーバ装置に転送する送信手段とを有する電子メ ールサーバ装置と、 電子メールサーバ装置を介して、前記透かし入り電子メ ールを受信した受信側の電子メール利用者装置からコン テンツデータを受信する受信手段と、 前記コンテンツデータから電子透かしの検出を行い、電 子透かしを検出した場合、埋め込まれていた情報を不正 送信に関する情報として出力する電子透かし検出手段と (original data) を有する電子透かし検出装置とを有することを特徴とす るコンテンツ保護システム。 4 . A content protection system for preventing illegal distribution of content when content is distributed using network communication including electronic mail , wherein the electronic mail sent from an electronic mail user device is Attached data decomposing means for decomposing into an email body and attached data , header information obtaining means for extracting header information described in the header portion of the email , and the header information in the attached data using a digital watermark technique . A digital watermark embedding means for embedding as a digital watermark in an electronic watermark , an attached data combining means for combining the electronic watermark embedded data with the email text to create a watermarked email , and Content data from an e-mail user device on the receiving side that has received the watermarked e-mail via the e-mail server device and an e-mail server device having a transmission means for transferring to another e-mail server device by a delivery method And a digital watermark is detected from the content data . If the teeth has been detected , content protection system characterized by having an electronic watermark detection apparatus and a digital watermark detection means for outputting the information embedded as information related to fraud transmission . |
US7409715B2 CLAIM 11 . The impersonation detection system (apparatus, detecting) of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (apparatus, detecting) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
JP2003092605A CLAIM 1 1. A content protection method for preventing unauthorized distribution of content during content delivery using network communication including electronic mail, wherein, in an electronic mail server apparatus: an electronic mail sent from an electronic mail user apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) is decomposed into an electronic mail body and attached data; header information described in the header part of the electronic mail is extracted; a digital watermark is embedded in the attached data using the header information and digital watermark technology; the attached data in which the digital watermark is embedded is combined with the electronic mail body to create a watermarked electronic mail; and the watermarked electronic mail is transferred to another electronic mail server apparatus by a normal delivery method; and, in a digital watermark detection apparatus: content data is received from the receiving-side electronic mail user apparatus that received the watermarked electronic mail via the electronic mail server apparatus; detection of a digital watermark is performed on the content data; and, when detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a digital watermark, the embedded information is output as information relating to unauthorized transmission. |
US7409715B2 CLAIM 12 . The impersonation detection system (apparatus, detecting) of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
JP2003092605A CLAIM 1 1. A content protection method for preventing unauthorized distribution of content during content delivery using network communication including electronic mail, wherein, in an electronic mail server apparatus: an electronic mail sent from an electronic mail user apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) is decomposed into an electronic mail body and attached data; header information described in the header part of the electronic mail is extracted; a digital watermark is embedded in the attached data using the header information and digital watermark technology; the attached data in which the digital watermark is embedded is combined with the electronic mail body to create a watermarked electronic mail; and the watermarked electronic mail is transferred to another electronic mail server apparatus by a normal delivery method; and, in a digital watermark detection apparatus: content data is received from the receiving-side electronic mail user apparatus that received the watermarked electronic mail via the electronic mail server apparatus; detection of a digital watermark is performed on the content data; and, when detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a digital watermark, the embedded information is output as information relating to unauthorized transmission. |
US7409715B2 CLAIM 13 . The impersonation detection system (apparatus, detecting) of claim 12 wherein the secure link operates according to a communication protocol . |
JP2003092605A CLAIM 1 1. A content protection method for preventing unauthorized distribution of content during content delivery using network communication including electronic mail, wherein, in an electronic mail server apparatus: an electronic mail sent from an electronic mail user apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) is decomposed into an electronic mail body and attached data; header information described in the header part of the electronic mail is extracted; a digital watermark is embedded in the attached data using the header information and digital watermark technology; the attached data in which the digital watermark is embedded is combined with the electronic mail body to create a watermarked electronic mail; and the watermarked electronic mail is transferred to another electronic mail server apparatus by a normal delivery method; and, in a digital watermark detection apparatus: content data is received from the receiving-side electronic mail user apparatus that received the watermarked electronic mail via the electronic mail server apparatus; detection of a digital watermark is performed on the content data; and, when detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a digital watermark, the embedded information is output as information relating to unauthorized transmission. |
US7409715B2 CLAIM 14 . The impersonation detection system (apparatus, detecting) of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
JP2003092605A CLAIM 1 1. A content protection method for preventing unauthorized distribution of content during content delivery using network communication including electronic mail, wherein, in an electronic mail server apparatus: an electronic mail sent from an electronic mail user apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) is decomposed into an electronic mail body and attached data; header information described in the header part of the electronic mail is extracted; a digital watermark is embedded in the attached data using the header information and digital watermark technology; the attached data in which the digital watermark is embedded is combined with the electronic mail body to create a watermarked electronic mail; and the watermarked electronic mail is transferred to another electronic mail server apparatus by a normal delivery method; and, in a digital watermark detection apparatus: content data is received from the receiving-side electronic mail user apparatus that received the watermarked electronic mail via the electronic mail server apparatus; detection of a digital watermark is performed on the content data; and, when detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a digital watermark, the embedded information is output as information relating to unauthorized transmission. |
US7409715B2 CLAIM 15 . The impersonation detection system (apparatus, detecting) of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module is integrated within the wireless node . |
JP2003092605A CLAIM 1 1. A content protection method for preventing unauthorized distribution of content during content delivery using network communication including electronic mail, wherein, in an electronic mail server apparatus: an electronic mail sent from an electronic mail user apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) is decomposed into an electronic mail body and attached data; header information described in the header part of the electronic mail is extracted; a digital watermark is embedded in the attached data using the header information and digital watermark technology; the attached data in which the digital watermark is embedded is combined with the electronic mail body to create a watermarked electronic mail; and the watermarked electronic mail is transferred to another electronic mail server apparatus by a normal delivery method; and, in a digital watermark detection apparatus: content data is received from the receiving-side electronic mail user apparatus that received the watermarked electronic mail via the electronic mail server apparatus; detection of a digital watermark is performed on the content data; and, when detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a digital watermark, the embedded information is output as information relating to unauthorized transmission. |
US7409715B2 CLAIM 16 . The impersonation detection system (apparatus, detecting) of claim 10 , wherein the wireless network (said electronic mail) operates according to any wireless network technology . |
JP2003092605A CLAIM 1 1. A content protection method for preventing unauthorized distribution of content during content delivery using network communication including electronic mail, wherein, in an electronic mail server apparatus: an electronic mail sent from an electronic mail user apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) is decomposed into an electronic mail body and attached data; header information described in the header part of the electronic mail is extracted; a digital watermark is embedded in the attached data using the header information and digital watermark technology; the attached data in which the digital watermark is embedded is combined with the electronic mail body to create a watermarked electronic mail; and the watermarked electronic mail is transferred to another electronic mail server apparatus by a normal delivery method; and, in a digital watermark detection apparatus: content data is received from the receiving-side electronic mail user apparatus that received the watermarked electronic mail via the electronic mail server apparatus; detection of a digital watermark is performed on the content data; and, when detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a digital watermark, the embedded information is output as information relating to unauthorized transmission. 
JP2003092605A CLAIM 2 2. The content protection method according to claim 1, wherein, in the electronic mail server apparatus, a message ID uniquely indicating an electronic mail is acquired, the message ID is embedded in the attached data using the digital watermark technique (wireless network technology), and the message ID and the header information are registered as a set in a header information database; and, in the digital watermark detection apparatus, the information output by the digital watermark detection processing is regarded as a message ID, and the corresponding electronic mail in the header information database is acquired. JP2003092605A CLAIM 5 5. The content protection system according to claim 4, wherein the electronic mail server apparatus further comprises means for acquiring, from said electronic mail (wireless network), a message ID uniquely indicating the electronic mail, and means for registering the message ID and the header information as a set in a header information database; the digital watermark embedding means includes means for embedding the message ID as a digital watermark in the attached data using the digital watermark technique; and the digital watermark detection apparatus includes means for regarding the information output by the digital watermark detection means as a message ID and acquiring the corresponding electronic mail from the header information database. |
US7409715B2 CLAIM 17 . A wireless node for a wireless network (said electronic mail) comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
JP2003092605A CLAIM 5 5. The content protection system according to claim 4, wherein the electronic mail server apparatus further comprises means for acquiring, from said electronic mail (wireless network), a message ID uniquely indicating the electronic mail, and means for registering the message ID and the header information as a set in a header information database; the digital watermark embedding means includes means for embedding the message ID as a digital watermark in the attached data using the digital watermark technique; and the digital watermark detection apparatus includes means for regarding the information output by the digital watermark detection means as a message ID and acquiring the corresponding electronic mail from the header information database. |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (apparatus, detecting) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
JP2003092605A CLAIM 1 1. A content protection method for preventing unauthorized distribution of content during content delivery using network communication including electronic mail, wherein, in an electronic mail server apparatus: an electronic mail sent from an electronic mail user apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) is decomposed into an electronic mail body and attached data; header information described in the header part of the electronic mail is extracted; a digital watermark is embedded in the attached data using the header information and digital watermark technology; the attached data in which the digital watermark is embedded is combined with the electronic mail body to create a watermarked electronic mail; and the watermarked electronic mail is transferred to another electronic mail server apparatus by a normal delivery method; and, in a digital watermark detection apparatus: content data is received from the receiving-side electronic mail user apparatus that received the watermarked electronic mail via the electronic mail server apparatus; detection of a digital watermark is performed on the content data; and, when detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a digital watermark, the embedded information is output as information relating to unauthorized transmission. |
US7409715B2 CLAIM 19 . The an impersonation detection system (apparatus, detecting) of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
JP2003092605A CLAIM 1 1. A content protection method for preventing unauthorized distribution of content during content delivery using network communication including electronic mail, wherein, in an electronic mail server apparatus: an electronic mail sent from an electronic mail user apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) is decomposed into an electronic mail body and attached data; header information described in the header part of the electronic mail is extracted; a digital watermark is embedded in the attached data using the header information and digital watermark technology; the attached data in which the digital watermark is embedded is combined with the electronic mail body to create a watermarked electronic mail; and the watermarked electronic mail is transferred to another electronic mail server apparatus by a normal delivery method; and, in a digital watermark detection apparatus: content data is received from the receiving-side electronic mail user apparatus that received the watermarked electronic mail via the electronic mail server apparatus; detection of a digital watermark is performed on the content data; and, when detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a digital watermark, the embedded information is output as information relating to unauthorized transmission. |
US7409715B2 CLAIM 20 . The impersonation detection system (apparatus, detecting) of claim 18 , wherein the wireless network (said electronic mail) operates according to any wireless network technology . |
JP2003092605A CLAIM 1 1. A content protection method for preventing unauthorized distribution of content during content delivery using network communication including electronic mail, wherein, in an electronic mail server apparatus: an electronic mail sent from an electronic mail user apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) is decomposed into an electronic mail body and attached data; header information described in the header part of the electronic mail is extracted; a digital watermark is embedded in the attached data using the header information and digital watermark technology; the attached data in which the digital watermark is embedded is combined with the electronic mail body to create a watermarked electronic mail; and the watermarked electronic mail is transferred to another electronic mail server apparatus by a normal delivery method; and, in a digital watermark detection apparatus: content data is received from the receiving-side electronic mail user apparatus that received the watermarked electronic mail via the electronic mail server apparatus; detection of a digital watermark is performed on the content data; and, when detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a digital watermark, the embedded information is output as information relating to unauthorized transmission. 
JP2003092605A CLAIM 2 2. The content protection method according to claim 1, wherein, in the electronic mail server apparatus, a message ID uniquely indicating an electronic mail is acquired, the message ID is embedded in the attached data using the digital watermark technique (wireless network technology), and the message ID and the header information are registered as a set in a header information database; and, in the digital watermark detection apparatus, the information output by the digital watermark detection processing is regarded as a message ID, and the corresponding electronic mail in the header information database is acquired. JP2003092605A CLAIM 5 5. The content protection system according to claim 4, wherein the electronic mail server apparatus further comprises means for acquiring, from said electronic mail (wireless network), a message ID uniquely indicating the electronic mail, and means for registering the message ID and the header information as a set in a header information database; the digital watermark embedding means includes means for embedding the message ID as a digital watermark in the attached data using the digital watermark technique; and the digital watermark detection apparatus includes means for regarding the information output by the digital watermark detection means as a message ID and acquiring the corresponding electronic mail from the header information database. |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20020055980A1 Filed: 2001-08-15 Issued: 2002-05-09 Controlled server loading (Original Assignee) University of Nebraska (Current Assignee) University of Nebraska Steve Goddard |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network (multiple client) , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20020055980A1 CLAIM 16 . The method of claim 15 wherein each concurrent connection is a persistent connection over which data requests from multiple client (wireless communication network) s can be sent by the dispatcher to the back-end server . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network (multiple client) , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20020055980A1 CLAIM 16 . The method of claim 15 wherein each concurrent connection is a persistent connection over which data requests from multiple client (wireless communication network) s can be sent by the dispatcher to the back-end server . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20020146002A1 Filed: 2001-07-24 Issued: 2002-10-10 Network administration apparatus, network administrating program, network administrating method and computer network system (Original Assignee) Allied Telesis KK (Current Assignee) Allied Telesis KK Takayuki Sato |
---|---|
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (predetermined time period) . |
US20020146002A1 CLAIM 8 . A network administration apparatus as claimed in claim 7 , wherein said database updating unit deletes said corresponding device identifying information of said network device detected by said detecting unit from said VLAN information database when a predetermined time period (time interval) has passed after detection that said network device has been removed from said network or turned off . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (receiving device) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US20020146002A1 CLAIM 20 . A network administrating method for use in a network administration apparatus operable to administrate a network device that performs communication in a network , said network administration apparatus comprising a VLAN information database for storing one or more VLAN groups to which one or more network devices connected to said network are to belong , and one or more units of device identifying information respectively specifying said one or more network devices , each of said one or more VLAN groups corresponding to at least one unit of device identifying information , said method comprising : receiving device (transmitting unit, transmitting outgoing data frames) identifying information of a network device therefrom ; storing received device identifying information to correspond to a VLAN group to which said network device having said received device identifying information is to belong ; and assigning said VLAN group that corresponds to said received device identifying information to said network device having said received device identifying information . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (receiving device) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US20020146002A1 CLAIM 20 . A network administrating method for use in a network administration apparatus operable to administrate a network device that performs communication in a network , said network administration apparatus comprising a VLAN information database for storing one or more VLAN groups to which one or more network devices connected to said network are to belong , and one or more units of device identifying information respectively specifying said one or more network devices , each of said one or more VLAN groups corresponding to at least one unit of device identifying information , said method comprising : receiving device (transmitting unit, transmitting outgoing data frames) identifying information of a network device therefrom ; storing received device identifying information to correspond to a VLAN group to which said network device having said received device identifying information is to belong ; and assigning said VLAN group that corresponds to said received device identifying information to said network device having said received device identifying information . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030056001A1 Filed: 2001-07-20 Issued: 2003-03-20 Selective routing of data flows using a TCAM (Original Assignee) Nokia Inc (Current Assignee) Nokia Technologies Oy Ashutosh Mate, Atul Mahamuni, Vijay Chander |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (packet header information) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20030056001A1 CLAIM 1 . A method for classifying a plurality of data flows in a router comprising the steps of : partitioning a ternary content addressable memory (TCAM) into at least a first partition and a second partition ; said first partition includes indices having highest priority ranging from a lowest index to a partition index and said second partition includes indices having lowest priority ranging from a highest index to said partition index ; loading one or more first flow TCAM entries of a first of said plurality of data flows into said first partition in a predetermined order ; loading one or more second TCAM entries of a second of said plurality of data flows into said second partition in a predetermined order ; setting bit values of a corresponding mask for each of said first TCAM entries and said second TCAM entries such that bits of said respective first TCAM entries and said second TCAM entries are individually masked by said masks ; and comparing a prefix comprising predetermined packet header information (incoming traffic) of an incoming packet to said loaded one or more first TCAM entries and one or more second TCAM entries such that a matching said one or more first TCAM entries subsumes any matching said one or more second TCAM entries . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (packet header information) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20030056001A1 CLAIM 1 . A method for classifying a plurality of data flows in a router comprising the steps of : partitioning a ternary content addressable memory (TCAM) into at least a first partition and a second partition ; said first partition includes indices having highest priority ranging from a lowest index to a partition index and said second partition includes indices having lowest priority ranging from a highest index to said partition index ; loading one or more first flow TCAM entries of a first of said plurality of data flows into said first partition in a predetermined order ; loading one or more second TCAM entries of a second of said plurality of data flows into said second partition in a predetermined order ; setting bit values of a corresponding mask for each of said first TCAM entries and said second TCAM entries such that bits of said respective first TCAM entries and said second TCAM entries are individually masked by said masks ; and comparing a prefix comprising predetermined packet header information (incoming traffic) of an incoming packet to said loaded one or more first TCAM entries and one or more second TCAM entries such that a matching said one or more first TCAM entries subsumes any matching said one or more second TCAM entries . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20020021675A1 Filed: 2001-07-18 Issued: 2002-02-21 System and method for packet network configuration debugging and database (Original Assignee) AT&T Corp (Current Assignee) AT&T Corp Anja Feldmann |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (order r) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20020021675A1 CLAIM 5 . The invention of claim 4 wherein dependencies in the router configuration files are identified and the router configuration files are parsed in a pre-specified order r (original data, original data frames, data processing unit) eflecting the dependencies . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (order r) frames . |
US20020021675A1 CLAIM 5 . The invention of claim 4 wherein dependencies in the router configuration files are identified and the router configuration files are parsed in a pre-specified order r (original data, original data frames, data processing unit) eflecting the dependencies . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (order r) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US20020021675A1 CLAIM 5 . The invention of claim 4 wherein dependencies in the router configuration files are identified and the router configuration files are parsed in a pre-specified order r (original data, original data frames, data processing unit) eflecting the dependencies . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data (order r) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20020021675A1 CLAIM 5 . The invention of claim 4 wherein dependencies in the router configuration files are identified and the router configuration files are parsed in a pre-specified order r (original data, original data frames, data processing unit) eflecting the dependencies . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (network policies) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (order r) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20020021675A1 CLAIM 5 . The invention of claim 4 wherein dependencies in the router configuration files are identified and the router configuration files are parsed in a pre-specified order r (original data, original data frames, data processing unit) eflecting the dependencies . US20020021675A1 CLAIM 7 . The invention of claim 6 wherein error checks may be customized to check for compliance with network policies (incoming traffic) . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (traffic engineering) . |
US20020021675A1 CLAIM 1 . A method of analyzing configuration of a packet-switched network comprising the steps of : receiving configuration information on the packet-switched network ; populating a data model comprising data abstractions of routers in the packet-switched network , interfaces on the routers , links connecting interfaces , routing protocols , and access control , wherein the data model represents the packet-switched network at a level of abstraction appropriate for traffic engineering (communication protocol, wireless network technology) . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network operates according to any wireless network technology (traffic engineering) . |
US20020021675A1 CLAIM 1 . A method of analyzing configuration of a packet-switched network comprising the steps of : receiving configuration information on the packet-switched network ; populating a data model comprising data abstractions of routers in the packet-switched network , interfaces on the routers , links connecting interfaces , routing protocols , and access control , wherein the data model represents the packet-switched network at a level of abstraction appropriate for traffic engineering (communication protocol, wireless network technology) . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (network policies) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (order r) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20020021675A1 CLAIM 5 . The invention of claim 4 wherein dependencies in the router configuration files are identified and the router configuration files are parsed in a pre-specified order r (original data, original data frames, data processing unit) eflecting the dependencies . US20020021675A1 CLAIM 7 . The invention of claim 6 wherein error checks may be customized to check for compliance with network policies (incoming traffic) . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network operates according to any wireless network technology (traffic engineering) . |
US20020021675A1 CLAIM 1 . A method of analyzing configuration of a packet-switched network comprising the steps of : receiving configuration information on the packet-switched network ; populating a data model comprising data abstractions of routers in the packet-switched network , interfaces on the routers , links connecting interfaces , routing protocols , and access control , wherein the data model represents the packet-switched network at a level of abstraction appropriate for traffic engineering (communication protocol, wireless network technology) . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20020083343A1 Filed: 2001-06-12 Issued: 2002-06-27 Computer architecture for an intrusion detection system (Original Assignee) HP Inc (Current Assignee) Hewlett Packard Enterprise Development LP Mark Crosbie, Rosemarie Shepley, Benjamin Kuperman, Leonard Frayman |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network (low bandwidth) , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (reading means) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20020083343A1 CLAIM 6 . The computer architecture of claim 1 , wherein there is low bandwidth (wireless channels, wireless network, wireless communication network, wireless network technology) connection between said control agent and each of said data gathering components and said at least one correlator and a high bandwidth connection between said control agent and each said data gathering component and said correlator . US20020083343A1 CLAIM 19 . A computer architecture for detecting intrusions , comprising : reading means (original data, second receiving, original data frames) for reading kernel records ; reformatting means for reformatting each of the read kernel records into a different format ; parsing means for parsing the records and comparing the parsed records against one or more templates . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data frames comprises frames (control agent) that allow statistical comparisons . |
US20020083343A1 CLAIM 1 . A computer architecture for an intrusion detection system , comprising : a control agent (outgoing data frames comprises frames) to interface with a management system and to monitor system activity ; at least one data gathering component which gathers kernel audit data and syslog data ; at least one correlator to interpret and analyzes the kernel audit data and the syslog data using at least one detection template . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (reading means) frames . |
US20020083343A1 CLAIM 19 . A computer architecture for detecting intrusions , comprising : reading means (original data, second receiving, original data frames) for reading kernel records ; reformatting means for reformatting each of the read kernel records into a different format ; parsing means for parsing the records and comparing the parsed records against one or more templates . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels (low bandwidth) allocated to the wireless node and extracting the incoming data frames received over all the wireless channels allocated to the wireless node . |
US20020083343A1 CLAIM 6 . The computer architecture of claim 1 , wherein there is low bandwidth (wireless channels, wireless network, wireless communication network, wireless network technology) connection between said control agent and each of said data gathering components and said at least one correlator and a high bandwidth connection between said control agent and each said data gathering component and said correlator . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (reading means) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US20020083343A1 CLAIM 19 . A computer architecture for detecting intrusions , comprising : reading means (original data, second receiving, original data frames) for reading kernel records ; reformatting means for reformatting each of the read kernel records into a different format ; parsing means for parsing the records and comparing the parsed records against one or more templates . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network (low bandwidth) , the node for transmitting original data (reading means) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20020083343A1 CLAIM 6 . The computer architecture of claim 1 , wherein there is low bandwidth (wireless channels, wireless network, wireless communication network, wireless network technology) connection between said control agent and each of said data gathering components and said at least one correlator and a high bandwidth connection between said control agent and each said data gathering component and said correlator . US20020083343A1 CLAIM 19 . A computer architecture for detecting intrusions , comprising : reading means (original data, second receiving, original data frames) for reading kernel records ; reformatting means for reformatting each of the read kernel records into a different format ; parsing means for parsing the records and comparing the parsed records against one or more templates . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving (reading means) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20020083343A1 CLAIM 19 . A computer architecture for detecting intrusions , comprising : reading means (original data, second receiving, original data frames) for reading kernel records ; reformatting means for reformatting each of the read kernel records into a different format ; parsing means for parsing the records and comparing the parsed records against one or more templates . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US20020083343A1 CLAIM 1 . A computer architecture for an intrusion detection (intrusion attack) system , comprising : a control agent to interface with a management system and to monitor system activity ; at least one data gathering component which gathers kernel audit data and syslog data ; at least one correlator to interpret and analyzes the kernel audit data and the syslog data using at least one detection template . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network (low bandwidth) operates according to any wireless network technology . |
US20020083343A1 CLAIM 6 . The computer architecture of claim 1 , wherein there is low bandwidth (wireless channels, wireless network, wireless communication network, wireless network technology) connection between said control agent and each of said data gathering components and said at least one correlator and a high bandwidth connection between said control agent and each said data gathering component and said correlator . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network (low bandwidth) comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US20020083343A1 CLAIM 6 . The computer architecture of claim 1 , wherein there is low bandwidth (wireless channels, wireless network, wireless communication network, wireless network technology) connection between said control agent and each of said data gathering components and said at least one correlator and a high bandwidth connection between said control agent and each said data gathering component and said correlator . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving (reading means) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20020083343A1 CLAIM 19 . A computer architecture for detecting intrusions , comprising : reading means (original data, second receiving, original data frames) for reading kernel records ; reformatting means for reformatting each of the read kernel records into a different format ; parsing means for parsing the records and comparing the parsed records against one or more templates . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US20020083343A1 CLAIM 1 . A computer architecture for an intrusion detection (intrusion attack) system , comprising : a control agent to interface with a management system and to monitor system activity ; at least one data gathering component which gathers kernel audit data and syslog data ; at least one correlator to interpret and analyzes the kernel audit data and the syslog data using at least one detection template . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network (low bandwidth) operates according to any wireless network technology . |
US20020083343A1 CLAIM 6 . The computer architecture of claim 1 , wherein there is low bandwidth (wireless channels, wireless network, wireless communication network, wireless network technology) connection between said control agent and each of said data gathering components and said at least one correlator and a high bandwidth connection between said control agent and each said data gathering component and said correlator . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | EP1160646A2 Filed: 2001-05-22 Issued: 2001-12-05 Floating intrusion detection platforms (Original Assignee) AT&T Wireless Services Inc (Current Assignee) AT&T Wireless Services Inc Arturo Maria |
---|---|
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (software agent) based on the impersonation detected signal . |
EP1160646A2 CLAIM 1 A method for implementing an intrusion detection system in a network , comprising : receiving a request at a software agent (intrusion attack) program to initiate intrusion detection services on a remote computer ; installing intrusion detection software on said remote computer via said software agent program ; and executing said intrusion detection software on said remote computer via said software agent program . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (software agent) based on the impersonation detected signal . |
EP1160646A2 CLAIM 1 A method for implementing an intrusion detection system in a network , comprising : receiving a request at a software agent (intrusion attack) program to initiate intrusion detection services on a remote computer ; installing intrusion detection software on said remote computer via said software agent program ; and executing said intrusion detection software on said remote computer via said software agent program . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | EP1259026A1 Filed: 2001-05-15 Issued: 2002-11-20 Method and device for managing mobile nodes (Original Assignee) Motorola Solutions Inc (Current Assignee) Motorola Solutions Inc Claude Castelluccia, Thierry Ernst |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (data packet) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
EP1259026A1 CLAIM 3 A method of mobility management in a communications network (1) including the steps of : communicating a careof address of a mobile node (5) to a plurality of recipient correspondent nodes (2 , 3 , 4) , in which the step of communicating includes transmitting a data packet (incoming traffic) which includes the careof address and an address list of recipient correspondent nodes to a first of said recipient correspondent nodes (2) and thereon sequentially to the remaining recipient correspondent nodes (3 , 4) in the list . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (data packet) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
EP1259026A1 CLAIM 3 A method of mobility management in a communications network (1) including the steps of : communicating a careof address of a mobile node (5) to a plurality of recipient correspondent nodes (2 , 3 , 4) , in which the step of communicating includes transmitting a data packet (incoming traffic) which includes the careof address and an address list of recipient correspondent nodes to a first of said recipient correspondent nodes (2) and thereon sequentially to the remaining recipient correspondent nodes (3 , 4) in the list . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20020065938A1 Filed: 2001-05-15 Issued: 2002-05-30 Edge adapter architecture apparatus and method (Original Assignee) Cloudshield Tech Inc (Current Assignee) LOOKINGGLASS CYBER SOLUTIONS Inc Peder Jungck, Zahid Najam, Andrew Nguyen, Ramachandra-Rao Penke |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (other port) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20020065938A1 CLAIM 1 . An architecture for intercepting and processing packets transmitted from a source to a destination over a network , the architecture comprising : a packet interceptor coupled with said network and operative to selectively intercept said packets prior to receipt by said destination ; at least one primary processor coupled with said packet interceptor and operative to perform primary processing tasks on said intercepted packets , said at least one stateless processor including : at least two primary packet processors coupled in parallel , said processing of said intercepted packets being distributed among said at least two primary packet processors ; at least one second (intrusion detection module incoming data frames) ary processor coupled with said at least one stateless processor and operative to perform stateful processing tasks on said intercepted packets , said at least one secondary processor including : at least two secondary packet processors coupled in series with each other , each of said at least two secondary packet processors operative to perform a portion of said stateful processing tasks on said intercepted packets , a last one in said series of said at least two secondary packet processors being coupled with said network and operative to selectively release said intercepted packet back to said network . US20020065938A1 CLAIM 12 . The architecture of claim 1 , wherein one portion of said stateful processing tasks comprises inspection and analysis of said intercepted packets and another port (incoming data, incoming data frames, communication protocol) ion of said stateful processing tasks comprises performing an action on said intercepted packets . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data (other port) frames received over all the wireless channels allocated to the wireless node . |
US20020065938A1 CLAIM 12 . The architecture of claim 1 , wherein one portion of said stateful processing tasks comprises inspection and analysis of said intercepted packets and another port (incoming data, incoming data frames, communication protocol) ion of said stateful processing tasks comprises performing an action on said intercepted packets . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (other port) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US20020065938A1 CLAIM 12 . The architecture of claim 1 , wherein one portion of said stateful processing tasks comprises inspection and analysis of said intercepted packets and another port (incoming data, incoming data frames, communication protocol) ion of said stateful processing tasks comprises performing an action on said intercepted packets . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (other port) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20020065938A1 CLAIM 12 . The architecture of claim 1 , wherein one portion of said stateful processing tasks comprises inspection and analysis of said intercepted packets and another port (incoming data, incoming data frames, communication protocol) ion of said stateful processing tasks comprises performing an action on said intercepted packets . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (other port) frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20020065938A1 CLAIM 12 . The architecture of claim 1 , wherein one portion of said stateful processing tasks comprises inspection and analysis of said intercepted packets and another port (incoming data, incoming data frames, communication protocol) ion of said stateful processing tasks comprises performing an action on said intercepted packets . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (other port) . |
US20020065938A1 CLAIM 12 . The architecture of claim 1 , wherein one portion of said stateful processing tasks comprises inspection and analysis of said intercepted packets and another port (incoming data, incoming data frames, communication protocol) ion of said stateful processing tasks comprises performing an action on said intercepted packets . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (other port) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US20020065938A1 CLAIM 12 . The architecture of claim 1 , wherein one portion of said stateful processing tasks comprises inspection and analysis of said intercepted packets and another port (incoming data, incoming data frames, communication protocol) ion of said stateful processing tasks comprises performing an action on said intercepted packets . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (other port) frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20020065938A1 CLAIM 12 . The architecture of claim 1 , wherein one portion of said stateful processing tasks comprises inspection and analysis of said intercepted packets and another port (incoming data, incoming data frames, communication protocol) ion of said stateful processing tasks comprises performing an action on said intercepted packets . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | EP1154610A2 Filed: 2001-03-15 Issued: 2001-11-14 Methods and system for defeating TCP Syn flooding attacks (Original Assignee) International Business Machines Corp (Current Assignee) International Business Machines Corp Marc Lamberton, Eric Levy-Abegnoli, Pascal Thubert |
---|---|
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (Internet Protocol) . |
EP1154610A2 CLAIM 1 A method for defeating , in a server unit [110] of an IP (Internet Protocol (communication protocol) ) network [105] , a SYN flooding attack , said server unit running TCP (Transport Control Protocol) to allow the establishment of one or more TCP connections [102] with one or more client units [100] , said method comprising the steps of : upon having activated TCP [400] in said server unit : listening [410 , 412] for the receiving of a SYN message sent [120] from one said client unit [100] ; upon receiving [414] a said SYN message : computing [420] an ISR (Initial Sequence number Receiver side) [131] ; responding [430] to said client unit [100] with a SYN-ACK message [130] including computed said ISR ; resuming [432] to said listening step . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20010012296A1 Filed: 2001-01-17 Issued: 2001-08-09 Multi-port network communication device with selective mac address filtering (Original Assignee) 3Com Corp (Current Assignee) HP Inc ; Hewlett Packard Enterprise Development LP Jon Burgess, Graeme Hickman, Shaun Paice, Dominic Ashworth, Paul Garner |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (data packet) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20010012296A1 CLAIM 1 . A multi-port network communication device including a plurality of ports for the reception and transmission of addressed data packet (incoming traffic) s which include media access control address data ; a forwarding mechanism for directing packets received at any of said plurality of ports to at least one of the plurality of ports , a memory for the selectively controllable storage of permitted media access control addresses , and means for restricting forwarding of packets from the device in response to an examination of media access control data in said packets and said permitted media access control addresses ; wherein said means for restricting prevents the forwarding of a unicast packet having a source address and a destination address when neither of those addresses in the unicast packet corresponds to a permitted media access control address , said device including means for comparing both the source address and the destination address of said unicast packet with said permitted media access control addresses |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (data packet) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20010012296A1 CLAIM 1 . A multi-port network communication device including a plurality of ports for the reception and transmission of addressed data packet (incoming traffic) s which include media access control address data ; a forwarding mechanism for directing packets received at any of said plurality of ports to at least one of the plurality of ports , a memory for the selectively controllable storage of permitted media access control addresses , and means for restricting forwarding of packets from the device in response to an examination of media access control data in said packets and said permitted media access control addresses ; wherein said means for restricting prevents the forwarding of a unicast packet having a source address and a destination address when neither of those addresses in the unicast packet corresponds to a permitted media access control address , said device including means for comparing both the source address and the destination address of said unicast packet with said permitted media access control addresses |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6580372B1 Filed: 2000-06-06 Issued: 2003-06-17 Automatic electronic device detection (Original Assignee) Scott C. Harris Scott C. Harris |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module (processing element) and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6580372B1 CLAIM 1 . A system comprising : a location detector , operating to automatically detect a location of a communicating device ; a processing element (intrusion detection module, impersonation detection signal) , receiving information from said location detector , and determining if a location represented by said information matches one of a plurality of use-restricted locations representing a location of a station for dispensing hazardous materials ; and an action producing element , taking action based on detecting said matching to permit communication to specified parties , but does not permit communication to others . |
US7409715B2 CLAIM 2 . The method of claim 1 , wherein step a) comprises transmitting the copy over a secure link established between the wireless node and the intrusion detection module (processing element) . |
US6580372B1 CLAIM 1 . A system comprising : a location detector , operating to automatically detect a location of a communicating device ; a processing element (intrusion detection module, impersonation detection signal) , receiving information from said location detector , and determining if a location represented by said information matches one of a plurality of use-restricted locations representing a location of a station for dispensing hazardous materials ; and an action producing element , taking action based on detecting said matching to permit communication to specified parties , but does not permit communication to others . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module (processing element) for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6580372B1 CLAIM 1 . A system comprising : a location detector , operating to automatically detect a location of a communicating device ; a processing element (intrusion detection module, impersonation detection signal) , receiving information from said location detector , and determining if a location represented by said information matches one of a plurality of use-restricted locations representing a location of a station for dispensing hazardous materials ; and an action producing element , taking action based on detecting said matching to permit communication to specified parties , but does not permit communication to others . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module (processing element) comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (taking action) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal (processing element) . |
US6580372B1 CLAIM 1 . A system comprising : a location detector , operating to automatically detect a location of a communicating device ; a processing element (intrusion detection module, impersonation detection signal) , receiving information from said location detector , and determining if a location represented by said information matches one of a plurality of use-restricted locations representing a location of a station for dispensing hazardous materials ; and an action producing element , taking action (incoming traffic) based on detecting said matching to permit communication to specified parties , but does not permit communication to others . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module (processing element) further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
US6580372B1 CLAIM 1 . A system comprising : a location detector , operating to automatically detect a location of a communicating device ; a processing element (intrusion detection module, impersonation detection signal) , receiving information from said location detector , and determining if a location represented by said information matches one of a plurality of use-restricted locations representing a location of a station for dispensing hazardous materials ; and an action producing element , taking action based on detecting said matching to permit communication to specified parties , but does not permit communication to others . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module (processing element) resides away from the wireless node : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US6580372B1 CLAIM 1 . A system comprising : a location detector , operating to automatically detect a location of a communicating device ; a processing element (intrusion detection module, impersonation detection signal) , receiving information from said location detector , and determining if a location represented by said information matches one of a plurality of use-restricted locations representing a location of a station for dispensing hazardous materials ; and an action producing element , taking action based on detecting said matching to permit communication to specified parties , but does not permit communication to others . |
US7409715B2 CLAIM 15 . The impersonation detection system of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module (processing element) is integrated within the wireless node . |
US6580372B1 CLAIM 1 . A system comprising : a location detector , operating to automatically detect a location of a communicating device ; a processing element (intrusion detection module, impersonation detection signal) , receiving information from said location detector , and determining if a location represented by said information matches one of a plurality of use-restricted locations representing a location of a station for dispensing hazardous materials ; and an action producing element , taking action based on detecting said matching to permit communication to specified parties , but does not permit communication to others . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module (processing element) for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6580372B1 CLAIM 1 . A system comprising : a location detector , operating to automatically detect a location of a communicating device ; a processing element (intrusion detection module, impersonation detection signal) , receiving information from said location detector , and determining if a location represented by said information matches one of a plurality of use-restricted locations representing a location of a station for dispensing hazardous materials ; and an action producing element , taking action based on detecting said matching to permit communication to specified parties , but does not permit communication to others . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module (processing element) comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (taking action) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6580372B1 CLAIM 1 . A system comprising : a location detector , operating to automatically detect a location of a communicating device ; a processing element (intrusion detection module, impersonation detection signal) , receiving information from said location detector , and determining if a location represented by said information matches one of a plurality of use-restricted locations representing a location of a station for dispensing hazardous materials ; and an action producing element , taking action (incoming traffic) based on detecting said matching to permit communication to specified parties , but does not permit communication to others . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module (processing element) further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
US6580372B1 CLAIM 1 . A system comprising : a location detector , operating to automatically detect a location of a communicating device ; a processing element (intrusion detection module, impersonation detection signal) , receiving information from said location detector , and determining if a location represented by said information matches one of a plurality of use-restricted locations representing a location of a station for dispensing hazardous materials ; and an action producing element , taking action based on detecting said matching to permit communication to specified parties , but does not permit communication to others . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6647418B1 Filed: 2000-05-26 Issued: 2003-11-11 Method and apparatus for filtering packets using a dedicated processor (Original Assignee) AT&T Wireless Services Inc (Current Assignee) AT&T Mobility II LLC ; AT&T Wireless Services Inc Arturo Maria, Leslie Dale Owens |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels (end user) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6647418B1 CLAIM 9 . The apparatus of claim 1 , wherein said output means comprises means for forwarding data packets to a single end user (transmission channels) terminal . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network (wireless network) operates according to any wireless network technology (dynamic random access memory) . |
US6647418B1 CLAIM 3 . The apparatus of claim 2 , wherein said first memory comprises dynamic random access memory (wireless network technology) . US6647418B1 CLAIM 8 . The apparatus of claim 1 , wherein said first network is a fixed wireless network (wireless network) , and said input means comprises means for receiving said data packets from said fixed wireless network . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network (wireless network) comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6647418B1 CLAIM 8 . The apparatus of claim 1 , wherein said first network is a fixed wireless network (wireless network) , and said input means comprises means for receiving said data packets from said fixed wireless network . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels (end user) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6647418B1 CLAIM 9 . The apparatus of claim 1 , wherein said output means comprises means for forwarding data packets to a single end user (transmission channels) terminal . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network (wireless network) operates according to any wireless network technology (dynamic random access memory) . |
US6647418B1 CLAIM 3 . The apparatus of claim 2 , wherein said first memory comprises dynamic random access memory (wireless network technology) . US6647418B1 CLAIM 8 . The apparatus of claim 1 , wherein said first network is a fixed wireless network (wireless network) , and said input means comprises means for receiving said data packets from said fixed wireless network . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6519703B1 Filed: 2000-04-14 Issued: 2003-02-11 Methods and apparatus for heuristic firewall (Original Assignee) James B. Joyce (Current Assignee) Bandura Cyber Inc James B. Joyce |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module (processing element) and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6519703B1 CLAIM 37 . A firewall in accordance with claim 35 wherein said first heuristic stage comprises an input layer comprising a plurality of input layer processing element (intrusion detection module, impersonation detection signal) s , at least one hidden layer of processing elements , and an output layer of processing elements . |
US7409715B2 CLAIM 2 . The method of claim 1 , wherein step a) comprises transmitting the copy over a secure link established between the wireless node and the intrusion detection module (processing element) . |
US6519703B1 CLAIM 37 . A firewall in accordance with claim 35 wherein said first heuristic stage comprises an input layer comprising a plurality of input layer processing element (intrusion detection module, impersonation detection signal) s , at least one hidden layer of processing elements , and an output layer of processing elements . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module (processing element) for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6519703B1 CLAIM 37 . A firewall in accordance with claim 35 wherein said first heuristic stage comprises an input layer comprising a plurality of input layer processing element (intrusion detection module, impersonation detection signal) s , at least one hidden layer of processing elements , and an output layer of processing elements . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module (processing element) comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels (frequency domain) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal (processing element) . |
US6519703B1 CLAIM 13 . A method in accordance with claim 1 wherein analyzing a packet stream utilizing a plurality of differently-trained heuristic stages comprises analyzing a packet stream utilizing a heuristic stage trained to analyze packet streams transformed into a frequency domain (transmission channels) . US6519703B1 CLAIM 37 . A firewall in accordance with claim 35 wherein said first heuristic stage comprises an input layer comprising a plurality of input layer processing element (intrusion detection module, impersonation detection signal) s , at least one hidden layer of processing elements , and an output layer of processing elements . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module (processing element) further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
US6519703B1 CLAIM 37 . A firewall in accordance with claim 35 wherein said first heuristic stage comprises an input layer comprising a plurality of input layer processing element (intrusion detection module, impersonation detection signal) s , at least one hidden layer of processing elements , and an output layer of processing elements . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module (processing element) resides away from the wireless node : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US6519703B1 CLAIM 37 . A firewall in accordance with claim 35 wherein said first heuristic stage comprises an input layer comprising a plurality of input layer processing element (intrusion detection module, impersonation detection signal) s , at least one hidden layer of processing elements , and an output layer of processing elements . |
US7409715B2 CLAIM 15 . The impersonation detection system of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module (processing element) is integrated within the wireless node . |
US6519703B1 CLAIM 37 . A firewall in accordance with claim 35 wherein said first heuristic stage comprises an input layer comprising a plurality of input layer processing element (intrusion detection module, impersonation detection signal) s , at least one hidden layer of processing elements , and an output layer of processing elements . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module (processing element) for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6519703B1 CLAIM 37 . A firewall in accordance with claim 35 wherein said first heuristic stage comprises an input layer comprising a plurality of input layer processing element (intrusion detection module, impersonation detection signal) s , at least one hidden layer of processing elements , and an output layer of processing elements . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module (processing element) comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels (frequency domain) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6519703B1 CLAIM 13 . A method in accordance with claim 1 wherein analyzing a packet stream utilizing a plurality of differently-trained heuristic stages comprises analyzing a packet stream utilizing a heuristic stage trained to analyze packet streams transformed into a frequency domain (transmission channels) . US6519703B1 CLAIM 37 . A firewall in accordance with claim 35 wherein said first heuristic stage comprises an input layer comprising a plurality of input layer processing element (intrusion detection module, impersonation detection signal) s , at least one hidden layer of processing elements , and an output layer of processing elements . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module (processing element) further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
US6519703B1 CLAIM 37 . A firewall in accordance with claim 35 wherein said first heuristic stage comprises an input layer comprising a plurality of input layer processing element (intrusion detection module, impersonation detection signal) s , at least one hidden layer of processing elements , and an output layer of processing elements . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6338082B1 Filed: 2000-03-15 Issued: 2002-01-08 Method, product, and apparatus for requesting a network resource (Original Assignee) Eric Schneider (Current Assignee) Mec Management LLC Eric Schneider |
---|---|
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (network bandwidth) . |
US6338082B1 CLAIM 3 . A method , as set forth in claim 2 , wherein said step of determining whether the valid domain name is resolvable includes the step of minimizing the network bandwidth (time interval, data processing unit) required to determine whether the valid domain name is resolvable . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (network bandwidth) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6338082B1 CLAIM 3 . A method , as set forth in claim 2 , wherein said step of determining whether the valid domain name is resolvable includes the step of minimizing the network bandwidth (time interval, data processing unit) required to determine whether the valid domain name is resolvable . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (network bandwidth) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6338082B1 CLAIM 3 . A method , as set forth in claim 2 , wherein said step of determining whether the valid domain name is resolvable includes the step of minimizing the network bandwidth (time interval, data processing unit) required to determine whether the valid domain name is resolvable . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6343212B1 Filed: 2000-03-10 Issued: 2002-01-29 Outputting a warning signal when approaching a protected area warning of an impending mode change (Original Assignee) Sony International Europe GmbH (Current Assignee) Sony International Europe GmbH Matthias Weber, Gregor Winkler |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (time period) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6343212B1 CLAIM 1 . A base station for protecting a predetermined area from disturbing usage of mobile terminals of a wireless communication (wireless communication) s system , comprising : a generator for generating mode change information for changing an operation mode of said mobile terminals to prevent said mobile terminals from operating in a disturbing mode , and for generating identifying information representing at least one group of mobile terminals that receive said mode change information but are excluded from changing their operation mode ; and a transmitter coupled to said generator for transmitting said generated mode change information and said identifying information within said predetermined area by means of system information messages on a broadcast control channel of said wireless communication system . US6343212B1 CLAIM 19 . The mobile terminal according to claim 17 , including a timing means for calculating the time period (data frames) since the last reception and detection of said mode change information and for comparing said time period with a predetermined time threshold , whereby the mobile terminal is reset to an original mode in the event that the time period exceeds said time threshold . |
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data frames (time period) . |
US6343212B1 CLAIM 19 . The mobile terminal according to claim 17 , including a timing means for calculating the time period (data frames) since the last reception and detection of said mode change information and for comparing said time period with a predetermined time threshold , whereby the mobile terminal is reset to an original mode in the event that the time period exceeds said time threshold . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data frames (time period) comprises frames that allow statistical comparisons . |
US6343212B1 CLAIM 19 . The mobile terminal according to claim 17 , including a timing means for calculating the time period (data frames) since the last reception and detection of said mode change information and for comparing said time period with a predetermined time threshold , whereby the mobile terminal is reset to an original mode in the event that the time period exceeds said time threshold . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames (time period) transmitted over a time interval . |
US6343212B1 CLAIM 19 . The mobile terminal according to claim 17 , including a timing means for calculating the time period (data frames) since the last reception and detection of said mode change information and for comparing said time period with a predetermined time threshold , whereby the mobile terminal is reset to an original mode in the event that the time period exceeds said time threshold . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (time period) . |
US6343212B1 CLAIM 19 . The mobile terminal according to claim 17 , including a timing means for calculating the time period (data frames) since the last reception and detection of said mode change information and for comparing said time period with a predetermined time threshold , whereby the mobile terminal is reset to an original mode in the event that the time period exceeds said time threshold . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (time period) received over all the wireless channels allocated to the wireless node . |
US6343212B1 CLAIM 19 . The mobile terminal according to claim 17 , including a timing means for calculating the time period (data frames) since the last reception and detection of said mode change information and for comparing said time period with a predetermined time threshold , whereby the mobile terminal is reset to an original mode in the event that the time period exceeds said time threshold . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (time period) with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6343212B1 CLAIM 19 . The mobile terminal according to claim 17 , including a timing means for calculating the time period (data frames) since the last reception and detection of said mode change information and for comparing said time period with a predetermined time threshold , whereby the mobile terminal is reset to an original mode in the event that the time period exceeds said time threshold . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames (time period) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6343212B1 CLAIM 1 . A base station for protecting a predetermined area from disturbing usage of mobile terminals of a wireless communication (wireless communication) s system , comprising : a generator for generating mode change information for changing an operation mode of said mobile terminals to prevent said mobile terminals from operating in a disturbing mode , and for generating identifying information representing at least one group of mobile terminals that receive said mode change information but are excluded from changing their operation mode ; and a transmitter coupled to said generator for transmitting said generated mode change information and said identifying information within said predetermined area by means of system information messages on a broadcast control channel of said wireless communication system . US6343212B1 CLAIM 19 . The mobile terminal according to claim 17 , including a timing means for calculating the time period (data frames) since the last reception and detection of said mode change information and for comparing said time period with a predetermined time threshold , whereby the mobile terminal is reset to an original mode in the event that the time period exceeds said time threshold . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (time period) from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6343212B1 CLAIM 19 . The mobile terminal according to claim 17 , including a timing means for calculating the time period (data frames) since the last reception and detection of said mode change information and for comparing said time period with a predetermined time threshold , whereby the mobile terminal is reset to an original mode in the event that the time period exceeds said time threshold . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (receiving means) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US6343212B1 CLAIM 17 . A mobile terminal for a wireless cellular telecommunication system , comprising : transmitting and receiving means (transmitting unit) for transmitting information to and receiving information from base stations of said telecommunication system and for receiving mode change information transmitted from a base station by means of system information messages on a broadcast control channel of said wireless telecommunication system for protecting a predetermined area from disturbing usage of the mobile terminal ; and control means for detecting received mode change information and a mode of the mobile terminal depending on the received change information so that said predetermined area is protected , wherein in a case of being located in a cell adjacent to said predetermined area said transmitting and receiving means receives information on the position of said broadcast control channel of the base station for protecting said predetermined area , said control means determines the receiving power of said broadcast control channel of the base station and outputs an alarm signal to a user either through audible sounds or signaling means that a mode of the mobile terminal will soon be changed . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (time period) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6343212B1 CLAIM 19 . The mobile terminal according to claim 17 , including a timing means for calculating the time period (data frames) since the last reception and detection of said mode change information and for comparing said time period with a predetermined time threshold , whereby the mobile terminal is reset to an original mode in the event that the time period exceeds said time threshold . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames (time period) ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6343212B1 CLAIM 19 . The mobile terminal according to claim 17 , including a timing means for calculating the time period (data frames) since the last reception and detection of said mode change information and for comparing said time period with a predetermined time threshold , whereby the mobile terminal is reset to an original mode in the event that the time period exceeds said time threshold . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6362736B1 Filed: 2000-01-04 Issued: 2002-03-26 Method and apparatus for automatic recovery of a stolen object (Original Assignee) Nokia of America Corp (Current Assignee) SOUND VIEW INNOVATIONS LLC ; Alcatel Lucent SAS Narayan L. Gehlot |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface (wireless interface) ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6362736B1 CLAIM 24 . A system for automatically locating a personal electronic object , said object having at least two global positioning system receivers and at least two wireless communication (wireless communication) interfaces , the system comprising : a stimulus sensor ; and a security controller ; wherein said security controller , in response to a signal from said stimulus sensor , utilizes at least one of said global positioning system receivers to determine a location of the personal electronic object and manages transmission of the location through at least one of said at least two wireless communication interfaces . US6362736B1 CLAIM 32 . A device for automatically locating a personal electronic object comprising : at least two wireless interface (wireless interface) s ; at least two location sensors ; and a security controller ; wherein said security controller compares a location of the personal electronic object determined with at least one of said at least two location sensors to determine if said location is within a predefined boundary , when said location is not within said predefined boundary then said security controller transmits said location through at least one of said at least two wireless interfaces . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames over a wireless interface (wireless interface) comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6362736B1 CLAIM 24 . A system for automatically locating a personal electronic object , said object having at least two global positioning system receivers and at least two wireless communication (wireless communication) interfaces , the system comprising : a stimulus sensor ; and a security controller ; wherein said security controller , in response to a signal from said stimulus sensor , utilizes at least one of said global positioning system receivers to determine a location of the personal electronic object and manages transmission of the location through at least one of said at least two wireless communication interfaces . US6362736B1 CLAIM 32 . A device for automatically locating a personal electronic object comprising : at least two wireless interface (wireless interface) s ; at least two location sensors ; and a security controller ; wherein said security controller compares a location of the personal electronic object determined with at least one of said at least two location sensors to determine if said location is within a predefined boundary , when said location is not within said predefined boundary then said security controller transmits said location through at least one of said at least two wireless interfaces . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface (wireless interface) ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6362736B1 CLAIM 32 . A device for automatically locating a personal electronic object comprising : at least two wireless interface (wireless interface) s ; at least two location sensors ; and a security controller ; wherein said security controller compares a location of the personal electronic object determined with at least one of said at least two location sensors to determine if said location is within a predefined boundary , when said location is not within said predefined boundary then said security controller transmits said location through at least one of said at least two wireless interfaces . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6149353A Filed: 1999-12-16 Issued: 2000-11-21 Wireless prepaid telephone system with dispensable intruments (Original Assignee) KUYPER REENA (ONE-EIGHTH INTEREST) (Current Assignee) Dot 23 Technologies LLC Byard G. Nilsson |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (unique control) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6149353A CLAIM 12 . A wireless telephone instrument for prepaid use with an approving central station to communicate with remote stations through a public switched telephone network , comprising : a housing configured in a compact form and defining an interior space ; an earphone fixed to said housing for providing voice sounds from audio signals ; a microphone fixed to said housing for providing audio signals representative of voice sounds ; a power supply ; a switch coupled to said power supply to energize said instrument ; a transceiver fixed to said housing and connected to said earphone for wireless communication (wireless communication) with said approving central station and selected ones of said remote stations ; and a control unit fixed to said housing and including a memory for storing data on said wireless telephone instrument including identification data , said control unit operating initially with said transceiver to transmit data including identification data from said memory to said approving central station upon said instrument being energized , and thereafter operating with the transceiver and the microphone to then transmit voice data including spoken numbers for identifying remote stations . US6149353A CLAIM 29 . A wireless telephone system for use with wireless telephone instruments individually prepaid for limited use , said system for enabling limited telecommunication from said wireless telephone instruments to other telephone instruments through a dial-up network , said system comprising : a voice generator for providing vocal cues ; a voice detector for translating voice representations to digital telephone signals ; a platform for interfacing said wireless telephone instruments to provide vocal cues from said voice generator to said wireless telephone instruments and to receive identification data and voice representations from said wireless telephone instruments for providing digital telephone signals ; a memory for storing prepaid balances for said wireless telephone instruments ; and control means for controlling said voice detector to receive voice signals from the wireless telephone instruments selectively : to dial-up a target telephone through said network in accordance with said voice representations from said wireless telephone instruments , to express vocal communication and to express a unique control (original data, original data frames, communication protocol) code for commanding a specific control operation . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (unique control) frames . |
US6149353A CLAIM 29 . A wireless telephone system for use with wireless telephone instruments individually prepaid for limited use , said system for enabling limited telecommunication from said wireless telephone instruments to other telephone instruments through a dial-up network , said system comprising : a voice generator for providing vocal cues ; a voice detector for translating voice representations to digital telephone signals ; a platform for interfacing said wireless telephone instruments to provide vocal cues from said voice generator to said wireless telephone instruments and to receive identification data and voice representations from said wireless telephone instruments for providing digital telephone signals ; a memory for storing prepaid balances for said wireless telephone instruments ; and control means for controlling said voice detector to receive voice signals from the wireless telephone instruments selectively : to dial-up a target telephone through said network in accordance with said voice representations from said wireless telephone instruments , to express vocal communication and to express a unique control (original data, original data frames, communication protocol) code for commanding a specific control operation . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (unique control) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6149353A CLAIM 29 . A wireless telephone system for use with wireless telephone instruments individually prepaid for limited use , said system for enabling limited telecommunication from said wireless telephone instruments to other telephone instruments through a dial-up network , said system comprising : a voice generator for providing vocal cues ; a voice detector for translating voice representations to digital telephone signals ; a platform for interfacing said wireless telephone instruments to provide vocal cues from said voice generator to said wireless telephone instruments and to receive identification data and voice representations from said wireless telephone instruments for providing digital telephone signals ; a memory for storing prepaid balances for said wireless telephone instruments ; and control means for controlling said voice detector to receive voice signals from the wireless telephone instruments selectively : to dial-up a target telephone through said network in accordance with said voice representations from said wireless telephone instruments , to express vocal communication and to express a unique control (original data, original data frames, communication protocol) code for commanding a specific control operation . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data (unique control) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface (transfer command) ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6149353A CLAIM 8 . A process of wireless operation whereby a plurality of wireless telephone instruments are interfaced with a public switched telephone network to communicate with other telephone terminals , comprising the steps of : upon actuation of a wireless telephone instrument to be active , receiving identification data registered by the active wireless telephone instrument to identify the active wireless telephone instrument ; testing received identification data for the active wireless telephone instrument for calling approval ; cueing the active wireless telephone instrument for spoken calling data signals to identify a called telephone terminal ; bridging the active wireless telephone instrument through the public switched telephone network to the called telephone terminal for communication between the active wireless telephone instrument and the called telephone terminal ; and monitoring the spoken calling data signals for a transfer command (air interface, data processing unit) and responsively transferring the active wireless telephone instrument . US6149353A CLAIM 12 . A wireless telephone instrument for prepaid use with an approving central station to communicate with remote stations through a public switched telephone network , comprising : a housing configured in a compact form and defining an interior space ; an earphone fixed to said housing for providing voice sounds from audio signals ; a microphone fixed to said housing for providing audio signals representative of voice sounds ; a power supply ; a switch coupled to said power supply to energize said instrument ; a transceiver fixed to said housing and connected to said earphone for wireless communication (wireless communication) with said approving central station and selected ones of said remote stations ; and a control unit fixed to said housing and including a memory for storing data on said wireless telephone instrument including identification data , said control unit operating initially with said transceiver to transmit data including identification data from said memory to said approving central station upon said instrument being energized , and thereafter operating with the transceiver and the microphone to then transmit voice data including spoken numbers for identifying remote stations . US6149353A CLAIM 29 . A wireless telephone system for use with wireless telephone instruments individually prepaid for limited use , said system for enabling limited telecommunication from said wireless telephone instruments to other telephone instruments through a dial-up network , said system comprising : a voice generator for providing vocal cues ; a voice detector for translating voice representations to digital telephone signals ; a platform for interfacing said wireless telephone instruments to provide vocal cues from said voice generator to said wireless telephone instruments and to receive identification data and voice representations from said wireless telephone instruments for providing digital telephone signals ; a memory for storing prepaid balances for said wireless telephone instruments ; and control means for controlling said voice detector to receive voice signals from the wireless telephone instruments selectively : to dial-up a target telephone through said network in accordance with said voice representations from said wireless telephone instruments , to express vocal communication and to express a unique control (original data, original data frames, communication protocol) code for commanding a specific control operation . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit (said area) for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (transfer command) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6149353A CLAIM 8 . A process of wireless operation whereby a plurality of wireless telephone instruments are interfaced with a public switched telephone network to communicate with other telephone terminals , comprising the steps of : upon actuation of a wireless telephone instrument to be active , receiving identification data registered by the active wireless telephone instrument to identify the active wireless telephone instrument ; testing received identification data for the active wireless telephone instrument for calling approval ; cueing the active wireless telephone instrument for spoken calling data signals to identify a called telephone terminal ; bridging the active wireless telephone instrument through the public switched telephone network to the called telephone terminal for communication between the active wireless telephone instrument and the called telephone terminal ; and monitoring the spoken calling data signals for a transfer command (air interface, data processing unit) and responsively transferring the active wireless telephone instrument . US6149353A CLAIM 20 . A system according to claim 17 wherein said data for a wireless telephone instrument includes area data and said central control unit verifies the use of a wireless telephone instrument based on said area (first receiving unit) data . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (unique control) . |
US6149353A CLAIM 29 . A wireless telephone system for use with wireless telephone instruments individually prepaid for limited use , said system for enabling limited telecommunication from said wireless telephone instruments to other telephone instruments through a dial-up network , said system comprising : a voice generator for providing vocal cues ; a voice detector for translating voice representations to digital telephone signals ; a platform for interfacing said wireless telephone instruments to provide vocal cues from said voice generator to said wireless telephone instruments and to receive identification data and voice representations from said wireless telephone instruments for providing digital telephone signals ; a memory for storing prepaid balances for said wireless telephone instruments ; and control means for controlling said voice detector to receive voice signals from the wireless telephone instruments selectively : to dial-up a target telephone through said network in accordance with said voice representations from said wireless telephone instruments , to express vocal communication and to express a unique control (original data, original data frames, communication protocol) code for commanding a specific control operation . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface (transfer command) ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6149353A CLAIM 8 . A process of wireless operation whereby a plurality of wireless telephone instruments are interfaced with a public switched telephone network to communicate with other telephone terminals , comprising the steps of : upon actuation of a wireless telephone instrument to be active , receiving identification data registered by the active wireless telephone instrument to identify the active wireless telephone instrument ; testing received identification data for the active wireless telephone instrument for calling approval ; cueing the active wireless telephone instrument for spoken calling data signals to identify a called telephone terminal ; bridging the active wireless telephone instrument through the public switched telephone network to the called telephone terminal for communication between the active wireless telephone instrument and the called telephone terminal ; and monitoring the spoken calling data signals for a transfer command (air interface, data processing unit) and responsively transferring the active wireless telephone instrument . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit (said area) for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (transfer command) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6149353A CLAIM 8 . A process of wireless operation whereby a plurality of wireless telephone instruments are interfaced with a public switched telephone network to communicate with other telephone terminals , comprising the steps of : upon actuation of a wireless telephone instrument to be active , receiving identification data registered by the active wireless telephone instrument to identify the active wireless telephone instrument ; testing received identification data for the active wireless telephone instrument for calling approval ; cueing the active wireless telephone instrument for spoken calling data signals to identify a called telephone terminal ; bridging the active wireless telephone instrument through the public switched telephone network to the called telephone terminal for communication between the active wireless telephone instrument and the called telephone terminal ; and monitoring the spoken calling data signals for a transfer command (air interface, data processing unit) and responsively transferring the active wireless telephone instrument . US6149353A CLAIM 20 . A system according to claim 17 wherein said data for a wireless telephone instrument includes area data and said central control unit verifies the use of a wireless telephone instrument based on said area (first receiving unit) data . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6363489B1 Filed: 1999-11-29 Issued: 2002-03-26 Method for automatic intrusion detection and deflection in a network (Original Assignee) Forescout Technologies Inc (Current Assignee) Forescout Technologies Inc Oded Comay, Doron Shikmoni, Yehezkel Yeshurun, Oded Amir |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module (intrusion detection module) and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6363489B1 CLAIM 15 . A system for detecting and handling the communication from an unauthorized source on a network , the system comprising : (a) An entry point to the network such that the communication passes through said entry point to reach the network ; (b) An earmark provisioning module for preparing earmarks for sending to unauthorized source , such that said earmarks are specially crafted false data that will identify an unauthorized source ; (c) An intrusion detection module (intrusion detection module) for analyzing the communication and for detecting said earmark in the communication ; and (d) An intrusion-handling module for handling the communication if said earmark is detected by said intrusion detection module . |
US7409715B2 CLAIM 2 . The method of claim 1 , wherein step a) comprises transmitting the copy over a secure link established between the wireless node and the intrusion detection module (intrusion detection module) . |
US6363489B1 CLAIM 15 . A system for detecting and handling the communication from an unauthorized source on a network , the system comprising : (a) An entry point to the network such that the communication passes through said entry point to reach the network ; (b) An earmark provisioning module for preparing earmarks for sending to unauthorized source , such that said earmarks are specially crafted false data that will identify an unauthorized source ; (c) An intrusion detection module (intrusion detection module) for analyzing the communication and for detecting said earmark in the communication ; and (d) An intrusion-handling module for handling the communication if said earmark is detected by said intrusion detection module . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module (intrusion detection module) for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6363489B1 CLAIM 15 . A system for detecting and handling the communication from an unauthorized source on a network , the system comprising : (a) An entry point to the network such that the communication passes through said entry point to reach the network ; (b) An earmark provisioning module for preparing earmarks for sending to unauthorized source , such that said earmarks are specially crafted false data that will identify an unauthorized source ; (c) An intrusion detection module (intrusion detection module) for analyzing the communication and for detecting said earmark in the communication ; and (d) An intrusion-handling module for handling the communication if said earmark is detected by said intrusion detection module . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module (intrusion detection module) comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels (one packet) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6363489B1 CLAIM 10 . The method of claim 9 , wherein the communication is performed with a plurality of packets , the network features a plurality of nodes and said intrusion procedure is said scan , such that step (b) further comprises the steps of : (i) analyzing a plurality of packets from said plurality of nodes ; (ii) determining a profile of ranges of legitimate packet behavior ; and (iii) if at least one packet (transmission channels) from the unauthorized source lies outside said ranges , determining a probability that said scan is being performed . US6363489B1 CLAIM 15 . A system for detecting and handling the communication from an unauthorized source on a network , the system comprising : (a) An entry point to the network such that the communication passes through said entry point to reach the network ; (b) An earmark provisioning module for preparing earmarks for sending to unauthorized source , such that said earmarks are specially crafted false data that will identify an unauthorized source ; (c) An intrusion detection module (intrusion detection module) for analyzing the communication and for detecting said earmark in the communication ; and (d) An intrusion-handling module for handling the communication if said earmark is detected by said intrusion detection module . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module (intrusion detection module) further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
US6363489B1 CLAIM 15 . A system for detecting and handling the communication from an unauthorized source on a network , the system comprising : (a) An entry point to the network such that the communication passes through said entry point to reach the network ; (b) An earmark provisioning module for preparing earmarks for sending to unauthorized source , such that said earmarks are specially crafted false data that will identify an unauthorized source ; (c) An intrusion detection module (intrusion detection module) for analyzing the communication and for detecting said earmark in the communication ; and (d) An intrusion-handling module for handling the communication if said earmark is detected by said intrusion detection module . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module (intrusion detection module) resides away from the wireless node : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US6363489B1 CLAIM 15 . A system for detecting and handling the communication from an unauthorized source on a network , the system comprising : (a) An entry point to the network such that the communication passes through said entry point to reach the network ; (b) An earmark provisioning module for preparing earmarks for sending to unauthorized source , such that said earmarks are specially crafted false data that will identify an unauthorized source ; (c) An intrusion detection module (intrusion detection module) for analyzing the communication and for detecting said earmark in the communication ; and (d) An intrusion-handling module for handling the communication if said earmark is detected by said intrusion detection module . |
US7409715B2 CLAIM 15 . The impersonation detection system of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module (intrusion detection module) is integrated within the wireless node . |
US6363489B1 CLAIM 15 . A system for detecting and handling the communication from an unauthorized source on a network , the system comprising : (a) An entry point to the network such that the communication passes through said entry point to reach the network ; (b) An earmark provisioning module for preparing earmarks for sending to unauthorized source , such that said earmarks are specially crafted false data that will identify an unauthorized source ; (c) An intrusion detection module (intrusion detection module) for analyzing the communication and for detecting said earmark in the communication ; and (d) An intrusion-handling module for handling the communication if said earmark is detected by said intrusion detection module . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module (intrusion detection module) for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6363489B1 CLAIM 15 . A system for detecting and handling the communication from an unauthorized source on a network , the system comprising : (a) An entry point to the network such that the communication passes through said entry point to reach the network ; (b) An earmark provisioning module for preparing earmarks for sending to unauthorized source , such that said earmarks are specially crafted false data that will identify an unauthorized source ; (c) An intrusion detection module (intrusion detection module) for analyzing the communication and for detecting said earmark in the communication ; and (d) An intrusion-handling module for handling the communication if said earmark is detected by said intrusion detection module . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module (intrusion detection module) comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels (one packet) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6363489B1 CLAIM 10 . The method of claim 9 , wherein the communication is performed with a plurality of packets , the network features a plurality of nodes and said intrusion procedure is said scan , such that step (b) further comprises the steps of : (i) analyzing a plurality of packets from said plurality of nodes ; (ii) determining a profile of ranges of legitimate packet behavior ; and (iii) if at least one packet (transmission channels) from the unauthorized source lies outside said ranges , determining a probability that said scan is being performed . US6363489B1 CLAIM 15 . A system for detecting and handling the communication from an unauthorized source on a network , the system comprising : (a) An entry point to the network such that the communication passes through said entry point to reach the network ; (b) An earmark provisioning module for preparing earmarks for sending to unauthorized source , such that said earmarks are specially crafted false data that will identify an unauthorized source ; (c) An intrusion detection module (intrusion detection module) for analyzing the communication and for detecting said earmark in the communication ; and (d) An intrusion-handling module for handling the communication if said earmark is detected by said intrusion detection module . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module (intrusion detection module) further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
US6363489B1 CLAIM 15 . A system for detecting and handling the communication from an unauthorized source on a network , the system comprising : (a) An entry point to the network such that the communication passes through said entry point to reach the network ; (b) An earmark provisioning module for preparing earmarks for sending to unauthorized source , such that said earmarks are specially crafted false data that will identify an unauthorized source ; (c) An intrusion detection module (intrusion detection module) for analyzing the communication and for detecting said earmark in the communication ; and (d) An intrusion-handling module for handling the communication if said earmark is detected by said intrusion detection module . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6281790B1 Filed: 1999-09-01 Issued: 2001-08-28 Method and apparatus for remotely monitoring a site (Original Assignee) Net Talon Security Systems Inc (Current Assignee) NetTalon Security Systems Inc ; Net Talon Security Systems Inc David E. Kimmel, James T. Byrne, Jr., Donald R. Jones, Jr., Ronald Dobois |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (remote monitoring) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6281790B1 CLAIM 12 . Apparatus according to claim 1 , comprising : a remote monitoring (data frames) system which can access said information . |
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data frames (remote monitoring) . |
US6281790B1 CLAIM 12 . Apparatus according to claim 1 , comprising : a remote monitoring (data frames) system which can access said information . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data frames (remote monitoring) comprises frames that allow statistical comparisons . |
US6281790B1 CLAIM 12 . Apparatus according to claim 1 , comprising : a remote monitoring (data frames) system which can access said information . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames (remote monitoring) transmitted over a time interval . |
US6281790B1 CLAIM 12 . Apparatus according to claim 1 , comprising : a remote monitoring (data frames) system which can access said information . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (remote monitoring) . |
US6281790B1 CLAIM 12 . Apparatus according to claim 1 , comprising : a remote monitoring (data frames) system which can access said information . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (remote monitoring) received over all the wireless channels allocated to the wireless node . |
US6281790B1 CLAIM 12 . Apparatus according to claim 1 , comprising : a remote monitoring (data frames) system which can access said information . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (remote monitoring) with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6281790B1 CLAIM 12 . Apparatus according to claim 1 , comprising : a remote monitoring (data frames) system which can access said information . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames (remote monitoring) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6281790B1 CLAIM 12 . Apparatus according to claim 1 , comprising : a remote monitoring (data frames) system which can access said information . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (remote monitoring) from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6281790B1 CLAIM 12 . Apparatus according to claim 1 , comprising : a remote monitoring (data frames) system which can access said information . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network (wireless network) operates according to any wireless network technology . |
US6281790B1 CLAIM 16 . Apparatus according to claim 15 , wherein said mobile computer accesses said information via a wireless network (wireless network) . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network (wireless network) comprising : means for transmitting outgoing data frames (remote monitoring) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6281790B1 CLAIM 12 . Apparatus according to claim 1 , comprising : a remote monitoring (data frames) system which can access said information . US6281790B1 CLAIM 16 . Apparatus according to claim 15 , wherein said mobile computer accesses said information via a wireless network (wireless network) . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames (remote monitoring) ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6281790B1 CLAIM 12 . Apparatus according to claim 1 , comprising : a remote monitoring (data frames) system which can access said information . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network (wireless network) operates according to any wireless network technology . |
US6281790B1 CLAIM 16 . Apparatus according to claim 15 , wherein said mobile computer accesses said information via a wireless network (wireless network) . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030147518A1 Filed: 1999-06-30 Issued: 2003-08-07 Methods and apparatus to deliver caller identification information (Original Assignee) Motorola Solutions Inc (Current Assignee) Motorola Solutions Inc Nandakishore A. Albal, James E. Gauger |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving (third communication) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20030147518A1 CLAIM 6 . The method of claim 1 further comprising the step of providing the name of the caller to a third communication (second receiving) device of the subscriber . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network operates according to any wireless network technology (remote data) . |
US20030147518A1 CLAIM 14 . The method of claim 1 further comprising the step of directing the communication node to access a remote data (wireless network technology) base to identify at least one of a name and location of the caller . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving (third communication) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20030147518A1 CLAIM 6 . The method of claim 1 further comprising the step of providing the name of the caller to a third communication (second receiving) device of the subscriber . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network operates according to any wireless network technology (remote data) . |
US20030147518A1 CLAIM 14 . The method of claim 1 further comprising the step of directing the communication node to access a remote data (wireless network technology) base to identify at least one of a name and location of the caller . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6550012B1 Filed: 1999-06-08 Issued: 2003-04-15 Active firewall system and methodology (Original Assignee) Network Associates Inc (Current Assignee) McAfee LLC Emilio Villa, Adrian Zidaritz, Michael David Varga, Gerhard Eschelbeck, Michael Kevin Jones, Mark James McArdle |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit (comprises information) for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6550012B1 CLAIM 15 . The method of claim 14 , wherein each certogram comprises information (second receiving unit) organized into attribute/value format . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit (comprises information) for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6550012B1 CLAIM 15 . The method of claim 14 , wherein each certogram comprises information (second receiving unit) organized into attribute/value format . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6553028B1 Filed: 1999-04-30 Issued: 2003-04-22 Method and apparatus for multicast switching using a centralized switching engine (Original Assignee) Cisco Technology Inc (Current Assignee) Cisco Technology Inc Cheng Tang, Chickayya G. Naik, Jonathan Davar, Yiqun Cai |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (n group) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames (subsequent frame) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6553028B1 CLAIM 4 . The method of claim 3 further comprising the step of creating a shortcut install type/length/value (TLV) structure defining the multicast flow at the MSS , the shortcut install TVL containing a source IP address (IP SA) of the packet , a destination group (wireless communication) IP address (IP DA) of the packet , an incoming interface virtual local area network (VLAN) identifier (ID) of the packet and a list of outgoing interface VLAN IDs for receiving the packet . US6553028B1 CLAIM 30 . The method of claim 1 , further comprising : accessing the switch hardware shortcut using a IP SA , IP DA and incoming VLAN ID of the subsequent frame (incoming traffic, incoming data frames) . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (subsequent frame) received over all the wireless channels allocated to the wireless node . |
US6553028B1 CLAIM 30 . The method of claim 1 , further comprising : accessing the switch hardware shortcut using a IP SA , IP DA and incoming VLAN ID of the subsequent frame (incoming traffic, incoming data frames) . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data frames (subsequent frame) for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6553028B1 CLAIM 30 . The method of claim 1 , further comprising : accessing the switch hardware shortcut using a IP SA , IP DA and incoming VLAN ID of the subsequent frame (incoming traffic, incoming data frames) . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (n group) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames (subsequent frame) received over the air interface (acknowledgment message) ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6553028B1 CLAIM 4 . The method of claim 3 further comprising the step of creating a shortcut install type/length/value (TLV) structure defining the multicast flow at the MSS , the shortcut install TVL containing a source IP address (IP SA) of the packet , a destination group (wireless communication) IP address (IP DA) of the packet , an incoming interface virtual local area network (VLAN) identifier (ID) of the packet and a list of outgoing interface VLAN IDs for receiving the packet . US6553028B1 CLAIM 10 . The method of claim 9 further comprising the steps of , after programming the table structures to establish the hardware shortcut at the switch for the multicast flow : creating a positive acknowledgment message (air interface) at the MSC ; and responding to the SCCM transmitted by the MSS with the acknowledgment message . US6553028B1 CLAIM 30 . The method of claim 1 , further comprising : accessing the switch hardware shortcut using a IP SA , IP DA and incoming VLAN ID of the subsequent frame (incoming traffic, incoming data frames) . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (subsequent frame) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (subsequent frame) from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6553028B1 CLAIM 30 . The method of claim 1 , further comprising : accessing the switch hardware shortcut using a IP SA , IP DA and incoming VLAN ID of the subsequent frame (incoming traffic, incoming data frames) . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames (subsequent frame) received from the air interface (acknowledgment message) ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6553028B1 CLAIM 10 . The method of claim 9 further comprising the steps of , after programming the table structures to establish the hardware shortcut at the switch for the multicast flow : creating a positive acknowledgment message (air interface) at the MSC ; and responding to the SCCM transmitted by the MSS with the acknowledgment message . US6553028B1 CLAIM 30 . The method of claim 1 , further comprising : accessing the switch hardware shortcut using a IP SA , IP DA and incoming VLAN ID of the subsequent frame (incoming traffic, incoming data frames) . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (subsequent frame) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (subsequent frame) from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6553028B1 CLAIM 30 . The method of claim 1 , further comprising : accessing the switch hardware shortcut using a IP SA , IP DA and incoming VLAN ID of the subsequent frame (incoming traffic, incoming data frames) . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6393484B1 Filed: 1999-04-12 Issued: 2002-05-21 System and method for controlled access to shared-medium public and semi-public internet protocol (IP) networks (Original Assignee) International Business Machines Corp (Current Assignee) International Business Machines Corp Leonardo C. Massarani |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels (end user) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6393484B1 CLAIM 7 . In a controlled or shared access network including a layered communication system ; a DHCP server and database ; an Address Resolution Protocol (ARP) installed in the network ; an authentication server and a timer for limiting authentication of a user/device to access the network , a method of preventing unauthorized user/devices from obtaining shared network services , comprising the steps of : a) initiating a DHCP exchange by a user/device in an attempt to obtain a valid IP address ; b) initiating a MAC broadcast DHCP request for an IP address which contains the user/device MAC address ; c) forwarding the request to a DHCP server for processing and extraction of the user/device MAC address ; d) accessing the database to determine if the user/device is registered ; e) refusing to handle the request if the user/device MAC address is not registered and invalid ; f) selecting an appropriate IP address to return to the end user (transmission channels) if the address is registered and valid ; g) adding an ARP IP to the MAC address with the selected IP address and the user/device MAC address ; and h) granting provisional access to the user/device within a timer period during which the user is authenticated or access is revoked ; i) disabling the Address Resolution Protocol (ARP) in the router/switches for MAC addresses in a table at the access points prior t receiving user/device requests for access to the network . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network operates according to any wireless network technology (access points) . |
US6393484B1 CLAIM 1 . In a dynamic user/device environment , a system preventing unauthorized user/devices from accessing a shared IP network , comprising : a) a plurality of router/switches in a layered communication system coupled to the user/devices at access points (wireless network technology) ; b) a Dynamic Host Control Protocol (DHCP) server and database coupled to the router/switches ; c) means for storing in the database user/device registration information including a Medium Access Control (MAC) address ; d) means for disabling Address Resolution Protocol (ARP) in the router/switches for MAC addresses in a table at the access points ; e) means for initiating a user/device request including a MAC address with the DHCP server for access to the network ; f) means for determining from the request whether the MAC address is registered in the database for the user/device ; g) means for selecting an appropriate IP address if the user/device is registered or refusing to handle the request if the MAC address is not registered : and h) means for adding an ARP to the MAC address table at the router/switch for the selected IP address and user/device MAC address whereby the user/device has provisional access to the network . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels (end user) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6393484B1 CLAIM 7 . In a controlled or shared access network including a layered communication system ; a DHCP server and database ; an Address Resolution Protocol (ARP) installed in the network ; an authentication server and a timer for limiting authentication of a user/device to access the network , a method of preventing unauthorized user/devices from obtaining shared network services , comprising the steps of : a) initiating a DHCP exchange by a user/device in an attempt to obtain a valid IP address ; b) initiating a MAC broadcast DHCP request for an IP address which contains the user/device MAC address ; c) forwarding the request to a DHCP server for processing and extraction of the user/device MAC address ; d) accessing the database to determine if the user/device is registered ; e) refusing to handle the request if the user/device MAC address is not registered and invalid ; f) selecting an appropriate IP address to return to the end user (transmission channels) if the address is registered and valid ; g) adding an ARP IP to the MAC address with the selected IP address and the user/device MAC address ; and h) granting provisional access to the user/device within a timer period during which the user is authenticated or access is revoked ; i) disabling the Address Resolution Protocol (ARP) in the router/switches for MAC addresses in a table at the access points prior t receiving user/device requests for access to the network . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network operates according to any wireless network technology (access points) . |
US6393484B1 CLAIM 1 . In a dynamic user/device environment , a system preventing unauthorized user/devices from accessing a shared IP network , comprising : a) a plurality of router/switches in a layered communication system coupled to the user/devices at access points (wireless network technology) ; b) a Dynamic Host Control Protocol (DHCP) server and database coupled to the router/switches ; c) means for storing in the database user/device registration information including a Medium Access Control (MAC) address ; d) means for disabling Address Resolution Protocol (ARP) in the router/switches for MAC addresses in a table at the access points ; e) means for initiating a user/device request including a MAC address with the DHCP server for access to the network ; f) means for determining from the request whether the MAC address is registered in the database for the user/device ; g) means for selecting an appropriate IP address if the user/device is registered or refusing to handle the request if the MAC address is not registered : and h) means for adding an ARP to the MAC address table at the router/switch for the selected IP address and user/device MAC address whereby the user/device has provisional access to the network . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6338089B1 Filed: 1999-03-31 Issued: 2002-01-08 Method and system for providing session pools for high performance web browser and server communications (Original Assignee) Bull HN Information Systems Inc (Current Assignee) Bull HN Information Systems Inc Cian M. Quinlan |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit (predetermined value) for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6338089B1 CLAIM 2 . The method of claim 1 wherein the predetermined field is a session context field within each URL coded to specify a predetermined value (second receiving unit) for signaling when a session connection is to be established by the TPG component using an available pre-established session connection from one of the number of session pools . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit (predetermined value) for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6338089B1 CLAIM 2 . The method of claim 1 wherein the predetermined field is a session context field within each URL coded to specify a predetermined value (second receiving unit) for signaling when a session connection is to be established by the TPG component using an available pre-established session connection from one of the number of session pools . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6609205B1 Filed: 1999-03-18 Issued: 2003-08-19 Network intrusion detection signature analysis using decision graphs (Original Assignee) Cisco Technology Inc (Current Assignee) Cisco Technology Inc Thomas E. Bernhard, Steven D. Shanklin, Gerald S. Lathem |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (incoming data) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6609205B1 CLAIM 1 . A method of using a signature processor to detect signatures in an incoming data (incoming data) stream , the signatures representing intrusion to a local network , comprising the steps of : selecting at least two reference signatures having at least one common event ; representing each said common event as a node of a decision graph ; representing a non-common event associated with each signature as a subsequent level node of said decision graph ; defining at least one function for each said signature , for determining a transition between nodes associated with that signature ; providing events indicated by said datastream as input to said decision graph ; and traversing said decision graph so as to determine whether said events comprise a signature that matches one of said reference signatures ; wherein said events are of at least one event type . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data (incoming data) frames received over all the wireless channels allocated to the wireless node . |
US6609205B1 CLAIM 1 . A method of using a signature processor to detect signatures in an incoming data (incoming data) stream , the signatures representing intrusion to a local network , comprising the steps of : selecting at least two reference signatures having at least one common event ; representing each said common event as a node of a decision graph ; representing a non-common event associated with each signature as a subsequent level node of said decision graph ; defining at least one function for each said signature , for determining a transition between nodes associated with that signature ; providing events indicated by said datastream as input to said decision graph ; and traversing said decision graph so as to determine whether said events comprise a signature that matches one of said reference signatures ; wherein said events are of at least one event type . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (incoming data) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6609205B1 CLAIM 1 . A method of using a signature processor to detect signatures in an incoming data (incoming data) stream , the signatures representing intrusion to a local network , comprising the steps of : selecting at least two reference signatures having at least one common event ; representing each said common event as a node of a decision graph ; representing a non-common event associated with each signature as a subsequent level node of said decision graph ; defining at least one function for each said signature , for determining a transition between nodes associated with that signature ; providing events indicated by said datastream as input to said decision graph ; and traversing said decision graph so as to determine whether said events comprise a signature that matches one of said reference signatures ; wherein said events are of at least one event type . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (incoming data) frames received over the air interface (multiple sessions) ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6609205B1 CLAIM 1 . A method of using a signature processor to detect signatures in an incoming data (incoming data) stream , the signatures representing intrusion to a local network , comprising the steps of : selecting at least two reference signatures having at least one common event ; representing each said common event as a node of a decision graph ; representing a non-common event associated with each signature as a subsequent level node of said decision graph ; defining at least one function for each said signature , for determining a transition between nodes associated with that signature ; providing events indicated by said datastream as input to said decision graph ; and traversing said decision graph so as to determine whether said events comprise a signature that matches one of said reference signatures ; wherein said events are of at least one event type . US6609205B1 CLAIM 4 . The method of claim 1 , wherein at least one event is of a type indicated by information across multiple sessions (air interface) said datastream . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (incoming data) frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6609205B1 CLAIM 1 . A method of using a signature processor to detect signatures in an incoming data (incoming data) stream , the signatures representing intrusion to a local network , comprising the steps of : selecting at least two reference signatures having at least one common event ; representing each said common event as a node of a decision graph ; representing a non-common event associated with each signature as a subsequent level node of said decision graph ; defining at least one function for each said signature , for determining a transition between nodes associated with that signature ; providing events indicated by said datastream as input to said decision graph ; and traversing said decision graph so as to determine whether said events comprise a signature that matches one of said reference signatures ; wherein said events are of at least one event type . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (incoming data) frames received from the air interface (multiple sessions) ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6609205B1 CLAIM 1 . A method of using a signature processor to detect signatures in an incoming data (incoming data) stream , the signatures representing intrusion to a local network , comprising the steps of : selecting at least two reference signatures having at least one common event ; representing each said common event as a node of a decision graph ; representing a non-common event associated with each signature as a subsequent level node of said decision graph ; defining at least one function for each said signature , for determining a transition between nodes associated with that signature ; providing events indicated by said datastream as input to said decision graph ; and traversing said decision graph so as to determine whether said events comprise a signature that matches one of said reference signatures ; wherein said events are of at least one event type . US6609205B1 CLAIM 4 . The method of claim 1 , wherein at least one event is of a type indicated by information across multiple sessions (air interface) said datastream . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (incoming data) frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6609205B1 CLAIM 1 . A method of using a signature processor to detect signatures in an incoming data (incoming data) stream , the signatures representing intrusion to a local network , comprising the steps of : selecting at least two reference signatures having at least one common event ; representing each said common event as a node of a decision graph ; representing a non-common event associated with each signature as a subsequent level node of said decision graph ; defining at least one function for each said signature , for determining a transition between nodes associated with that signature ; providing events indicated by said datastream as input to said decision graph ; and traversing said decision graph so as to determine whether said events comprise a signature that matches one of said reference signatures ; wherein said events are of at least one event type . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6651168B1 Filed: 1999-01-29 Issued: 2003-11-18 Authentication framework for multiple authentication processes and mechanisms (Original Assignee) International Business Machines Corp (Current Assignee) International Business Machines Corp I-Lung Kao, Ivan Matthew Milman, David J. Schneider, Ronald Gene Willard |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network (having access) , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (authentication method) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6651168B1 CLAIM 1 . An authentication subsystem for enabling a computer system to authenticate a user with a selected one of a plurality of authentication processes , each having a distinct sequence of steps and a unique input/output (I/O) interface for exchanging authentication information with the computer system , comprising : a first conversation function driver coupled to a first authentication module , defining a first programmed sequence of steps to authenticate a user with a first authentication process , said first driver having access (wireless communication network, wireless network technology) to first display configuration information and first input device configuration information used during said first authentication process , to configure a user display and input device for the first authentication process ; a second conversation function driver coupled to a second authentication module , defining a second programmed sequence of steps to authenticate a user with a second authentication process , said second driver having access to second display configuration information and second input device configuration information used during said second authentication process , to configure the user display and input device for the second authentication process ; an authentication framework in the computer system ; and a generic conversation function including an interpreter/processor in the authentication framework coupled to the user display and input device , defining a generic programmed sequence of steps for selectively re-configuring the user display and input device layouts and a command line interface in response to said first programmed sequence of steps or said second programmed sequence of steps ; said generic conversation function receiving said first programmed sequence of steps from the first conversation driver , to selectively re-configure the user display and input device for authenticating a user during the first authentication process ; said generic conversation function receiving said second programmed sequence of steps from the second conversation driver , to selectively re-configure the user display and input device for authenticating a user during the second authentication process . US6651168B1 CLAIM 8 . An authentication method (original data) for enabling a computer system to authenticate a user with a selected one of a plurality of authentication processes , each having a distinct sequence of steps and a unique input/output (I/O) interface for exchanging authentication information with the computer system , comprising : defining a first programmed sequence of steps in a first conversation function driver coupled to a first authentication module , to authenticate a user with a first authentication process , said first driver having access to first display configuration information and first input device configuration information used during said first authentication process , to configure a user display and input device for the first authentication process ; defining a second programmed sequence of steps in a second conversation function driver coupled to a second authentication module , to authenticate a user with a second authentication process , said second driver having access to second display configuration information and second input device configuration information used during said second authentication process , to configure the user display and input device for the second authentication process ; and defining a generic programmed sequence of steps in a generic conversation function including an interpreter/processor in an authentication framework coupled to the user display and input device , for selectively re-configuring the user display and input device layouts and a command line in response to said first programmed sequence of steps or said second programmed sequence of steps ; said generic conversation function receiving said first programmed sequence of steps from the first conversation driver , to re-configure the user display and input device for authenticating a user during the first authentication process ; said generic conversation function receiving said second programmed sequence of steps from the second conversation driver , to re-configure the user display and input device for authenticating a user during the second authentication process . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (authentication method) frames . |
US6651168B1 CLAIM 8 . An authentication method (original data) for enabling a computer system to authenticate a user with a selected one of a plurality of authentication processes , each having a distinct sequence of steps and a unique input/output (I/O) interface for exchanging authentication information with the computer system , comprising : defining a first programmed sequence of steps in a first conversation function driver coupled to a first authentication module , to authenticate a user with a first authentication process , said first driver having access to first display configuration information and first input device configuration information used during said first authentication process , to configure a user display and input device for the first authentication process ; defining a second programmed sequence of steps in a second conversation function driver coupled to a second authentication module , to authenticate a user with a second authentication process , said second driver having access to second display configuration information and second input device configuration information used during said second authentication process , to configure the user display and input device for the second authentication process ; and defining a generic programmed sequence of steps in a generic conversation function including an interpreter/processor in an authentication framework coupled to the user display and input device , for selectively re-configuring the user display and input device layouts and a command line in response to said first programmed sequence of steps or said second programmed sequence of steps ; said generic conversation function receiving said first programmed sequence of steps from the first conversation driver , to re-configure the user display and input device for authenticating a user during the first authentication process ; said generic conversation function receiving said second programmed sequence of steps from the second conversation driver , to re-configure the user display and input device for authenticating a user during the second authentication process . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (authentication method) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6651168B1 CLAIM 8 . An authentication method (original data) for enabling a computer system to authenticate a user with a selected one of a plurality of authentication processes , each having a distinct sequence of steps and a unique input/output (I/O) interface for exchanging authentication information with the computer system , comprising : defining a first programmed sequence of steps in a first conversation function driver coupled to a first authentication module , to authenticate a user with a first authentication process , said first driver having access to first display configuration information and first input device configuration information used during said first authentication process , to configure a user display and input device for the first authentication process ; defining a second programmed sequence of steps in a second conversation function driver coupled to a second authentication module , to authenticate a user with a second authentication process , said second driver having access to second display configuration information and second input device configuration information used during said second authentication process , to configure the user display and input device for the second authentication process ; and defining a generic programmed sequence of steps in a generic conversation function including an interpreter/processor in an authentication framework coupled to the user display and input device , for selectively re-configuring the user display and input device layouts and a command line in response to said first programmed sequence of steps or said second programmed sequence of steps ; said generic conversation function receiving said first programmed sequence of steps from the first conversation driver , to re-configure the user display and input device for authenticating a user during the first authentication process ; said generic conversation function receiving said second programmed sequence of steps from the second conversation 
driver , to re-configure the user display and input device for authenticating a user during the second authentication process . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network (having access) , the node for transmitting original data (authentication method) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6651168B1 CLAIM 1 . An authentication subsystem for enabling a computer system to authenticate a user with a selected one of a plurality of authentication processes , each having a distinct sequence of steps and a unique input/output (I/O) interface for exchanging authentication information with the computer system , comprising : a first conversation function driver coupled to a first authentication module , defining a first programmed sequence of steps to authenticate a user with a first authentication process , said first driver having access (wireless communication network, wireless network technology) to first display configuration information and first input device configuration information used during said first authentication process , to configure a user display and input device for the first authentication process ; a second conversation function driver coupled to a second authentication module , defining a second programmed sequence of steps to authenticate a user with a second authentication process , said second driver having access to second display configuration information and second input device configuration information used during said second authentication process , to configure the user display and input device for the second authentication process ; an authentication framework in the computer system ; and a generic conversation function including an interpreter/processor in the authentication framework coupled to the user display and input device , defining a generic programmed sequence of steps for selectively re-configuring the user display and input device layouts and a command line interface in response to said first programmed sequence of steps or said second programmed sequence of steps ; said generic conversation function receiving said first programmed sequence of steps from the first conversation driver , to selectively re-configure the user display and input device for authenticating a user during the first authentication process ; 
said generic conversation function receiving said second programmed sequence of steps from the second conversation driver , to selectively re-configure the user display and input device for authenticating a user during the second authentication process . US6651168B1 CLAIM 8 . An authentication method (original data) for enabling a computer system to authenticate a user with a selected one of a plurality of authentication processes , each having a distinct sequence of steps and a unique input/output (I/O) interface for exchanging authentication information with the computer system , comprising : defining a first programmed sequence of steps in a first conversation function driver coupled to a first authentication module , to authenticate a user with a first authentication process , said first driver having access to first display configuration information and first input device configuration information used during said first authentication process , to configure a user display and input device for the first authentication process ; defining a second programmed sequence of steps in a second conversation function driver coupled to a second authentication module , to authenticate a user with a second authentication process , said second driver having access to second display configuration information and second input device configuration information used during said second authentication process , to configure the user display and input device for the second authentication process ; and defining a generic programmed sequence of steps in a generic conversation function including an interpreter/processor in an authentication framework coupled to the user display and input device , for selectively re-configuring the user display and input device layouts and a command line in response to said first programmed sequence of steps or said second programmed sequence of steps ; said generic conversation function receiving said first programmed sequence of steps from the first 
conversation driver , to re-configure the user display and input device for authenticating a user during the first authentication process ; said generic conversation function receiving said second programmed sequence of steps from the second conversation driver , to re-configure the user display and input device for authenticating a user during the second authentication process . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network operates according to any wireless network technology (having access) . |
US6651168B1 CLAIM 1 . An authentication subsystem for enabling a computer system to authenticate a user with a selected one of a plurality of authentication processes , each having a distinct sequence of steps and a unique input/output (I/O) interface for exchanging authentication information with the computer system , comprising : a first conversation function driver coupled to a first authentication module , defining a first programmed sequence of steps to authenticate a user with a first authentication process , said first driver having access (wireless communication network, wireless network technology) to first display configuration information and first input device configuration information used during said first authentication process , to configure a user display and input device for the first authentication process ; a second conversation function driver coupled to a second authentication module , defining a second programmed sequence of steps to authenticate a user with a second authentication process , said second driver having access to second display configuration information and second input device configuration information used during said second authentication process , to configure the user display and input device for the second authentication process ; an authentication framework in the computer system ; and a generic conversation function including an interpreter/processor in the authentication framework coupled to the user display and input device , defining a generic programmed sequence of steps for selectively re-configuring the user display and input device layouts and a command line interface in response to said first programmed sequence of steps or said second programmed sequence of steps ; said generic conversation function receiving said first programmed sequence of steps from the first conversation driver , to selectively re-configure the user display and input device for authenticating a user during the first authentication process ; 
said generic conversation function receiving said second programmed sequence of steps from the second conversation driver , to selectively re-configure the user display and input device for authenticating a user during the second authentication process . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network operates according to any wireless network technology (having access) . |
US6651168B1 CLAIM 1 . An authentication subsystem for enabling a computer system to authenticate a user with a selected one of a plurality of authentication processes , each having a distinct sequence of steps and a unique input/output (I/O) interface for exchanging authentication information with the computer system , comprising : a first conversation function driver coupled to a first authentication module , defining a first programmed sequence of steps to authenticate a user with a first authentication process , said first driver having access (wireless communication network, wireless network technology) to first display configuration information and first input device configuration information used during said first authentication process , to configure a user display and input device for the first authentication process ; a second conversation function driver coupled to a second authentication module , defining a second programmed sequence of steps to authenticate a user with a second authentication process , said second driver having access to second display configuration information and second input device configuration information used during said second authentication process , to configure the user display and input device for the second authentication process ; an authentication framework in the computer system ; and a generic conversation function including an interpreter/processor in the authentication framework coupled to the user display and input device , defining a generic programmed sequence of steps for selectively re-configuring the user display and input device layouts and a command line interface in response to said first programmed sequence of steps or said second programmed sequence of steps ; said generic conversation function receiving said first programmed sequence of steps from the first conversation driver , to selectively re-configure the user display and input device for authenticating a user during the first authentication process ; 
said generic conversation function receiving said second programmed sequence of steps from the second conversation driver , to selectively re-configure the user display and input device for authenticating a user during the second authentication process . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | JPH11316677A Filed: 1999-01-25 Issued: 1999-11-16 How to secure a computer network (Original Assignee) Lucent Technol Inc; ルーセント テクノロジーズ インコーポレイテッド Eric Grosse, グロッセ エリック |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (どうか) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface (specific use) ; b) detecting at the intrusion detection module incoming data frames (apparatus) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
JPH11316677A CLAIM 7 【請求項7】 前記プローブの実行は、特定のユーザー 端末上を動作するウェブブラウザー上にて実行されるこ とを特徴とする請求項3記載の方法。 7 . The method according to claim 3 , wherein the execution of the probe is executed on a web browser running on a specific use (wireless interface) r terminal . JPH11316677A CLAIM 9 【請求項9】 複数のユーザー端末を有するプライベー トネットワークの保安方法であって、 (A)プライベートネットワークとパブリックネットワ ークとの間の通信トラフィックストリームを監視するス テップと、 前記通信トラフィックストリームは、複数のファイルを 含み、前記複数のファイルの特定の1つのファイルは、 前記複数のユーザー端末の特定の1つに対応付けられて おり、 (B)複数のプローブの少なくとも1つのプローブを前 記複数のファイルの特定の1つへと挿入するステップ と、 (C)前記ファイルが対応付けられたユーザー端末の特 定の1つによりプローブが実行されたかどうか (wireless communication) を判断す るステップと、 (D)プローブが実行された場合には、プローブの実行 が行われた前記ユーザー端末の特定の1つを識別するス テップとを有することを特徴とする方法。 9 . A method for securing a private network having a plurality of user terminals , comprising : (A) monitoring a communication traffic stream between a private network and a public network ; Wherein a specific one of the plurality of files is : (B) inserting at least one of a plurality of probes into a specific one of the plurality of files ; and (C) inserting the at least one probe into a specific one of the plurality of files . Determining whether a probe has been performed by a particular one of the user terminals associated with (D) ; and (D) if a probe has been performed , a particular one of the user terminals on which the probe has been performed . Identifying one . JPH11316677A CLAIM 20 【請求項20】 (C)前記複数のプローブを記憶する データベースをさらに有することを特徴とする請求項1 9記載のネットワークセキュリティ装置。 20 . The apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 1 , further comprising : (C) a database for storing the plurality of probes . 10 . A network security device according to claim 9 . |
US7409715B2 CLAIM 10 . An impersonation detection system (apparatus) for a wireless node of a wireless communication (どうか) network , the node for transmitting original data frames over a wireless interface (specific use) comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
JPH11316677A CLAIM 7 【請求項7】 前記プローブの実行は、特定のユーザー 端末上を動作するウェブブラウザー上にて実行されるこ とを特徴とする請求項3記載の方法。 7 . The method according to claim 3 , wherein the execution of the probe is executed on a web browser running on a specific use (wireless interface) r terminal . JPH11316677A CLAIM 9 【請求項9】 複数のユーザー端末を有するプライベー トネットワークの保安方法であって、 (A)プライベートネットワークとパブリックネットワ ークとの間の通信トラフィックストリームを監視するス テップと、 前記通信トラフィックストリームは、複数のファイルを 含み、前記複数のファイルの特定の1つのファイルは、 前記複数のユーザー端末の特定の1つに対応付けられて おり、 (B)複数のプローブの少なくとも1つのプローブを前 記複数のファイルの特定の1つへと挿入するステップ と、 (C)前記ファイルが対応付けられたユーザー端末の特 定の1つによりプローブが実行されたかどうか (wireless communication) を判断す るステップと、 (D)プローブが実行された場合には、プローブの実行 が行われた前記ユーザー端末の特定の1つを識別するス テップとを有することを特徴とする方法。 9 . A method for securing a private network having a plurality of user terminals , comprising : (A) monitoring a communication traffic stream between a private network and a public network ; Wherein a specific one of the plurality of files is : (B) inserting at least one of a plurality of probes into a specific one of the plurality of files ; and (C) inserting the at least one probe into a specific one of the plurality of files . Determining whether a probe has been performed by a particular one of the user terminals associated with (D) ; and (D) if a probe has been performed , a particular one of the user terminals on which the probe has been performed . Identifying one . JPH11316677A CLAIM 20 【請求項20】 (C)前記複数のプローブを記憶する データベースをさらに有することを特徴とする請求項1 9記載のネットワークセキュリティ装置。 20 . The apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 1 , further comprising : (C) a database for storing the plurality of probes . 10 . A network security device according to claim 9 . |
US7409715B2 CLAIM 11 . The impersonation detection system (apparatus) of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (通信トラフィック) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (apparatus) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
JPH11316677A CLAIM 1 【請求項1】 (A)コンピュータネットワークの通信 トラフィックストリームを監視するステップと、 前記通信トラフィック (incoming traffic) ストリームは複数のファイルを含 み、 (B)前記複数のファイルのうち少なくとも1つのファ イルへとプローブを挿入するステップと、 (C)前記プローブがコンピュータネットワーク内で実 行されたかを判断するステップと、 (D)プローブが実行された場合には、プローブの実行 が行われたコンピュータネットワーク内の位置を識別す るステップとを有することを特徴とするコンピュータネ ットワークの保安方法。 1) monitoring a communication traffic stream of a computer network , wherein the communication traffic stream includes a plurality of files ; and (B) inserting a probe into at least one of the plurality of files . (C) determining whether the probe was performed in a computer network ; and (D) identifying the location in the computer network where the probe was performed if the probe was performed . A security method for a computer network , comprising : JPH11316677A CLAIM 20 【請求項20】 (C)前記複数のプローブを記憶する データベースをさらに有することを特徴とする請求項1 9記載のネットワークセキュリティ装置。 20 . The apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 1 , further comprising : (C) a database for storing the plurality of probes . 10 . A network security device according to claim 9 . |
US7409715B2 CLAIM 12 . The impersonation detection system (apparatus) of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
JPH11316677A CLAIM 20 【請求項20】 (C)前記複数のプローブを記憶する データベースをさらに有することを特徴とする請求項1 9記載のネットワークセキュリティ装置。 20 . The apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 1 , further comprising : (C) a database for storing the plurality of probes . 10 . A network security device according to claim 9 . |
US7409715B2 CLAIM 13 . The impersonation detection system (apparatus) of claim 12 wherein the secure link operates according to a communication protocol . |
JPH11316677A CLAIM 20 【請求項20】 (C)前記複数のプローブを記憶する データベースをさらに有することを特徴とする請求項1 9記載のネットワークセキュリティ装置。 20 . The apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 1 , further comprising : (C) a database for storing the plurality of probes . 10 . A network security device according to claim 9 . |
US7409715B2 CLAIM 14 . The impersonation detection system (apparatus) of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
JPH11316677A CLAIM 20 【請求項20】 (C)前記複数のプローブを記憶する データベースをさらに有することを特徴とする請求項1 9記載のネットワークセキュリティ装置。 20 . The apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 1 , further comprising : (C) a database for storing the plurality of probes . 10 . A network security device according to claim 9 . |
US7409715B2 CLAIM 15 . The impersonation detection system (apparatus) of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module is integrated within the wireless node . |
JPH11316677A CLAIM 20 【請求項20】 (C)前記複数のプローブを記憶する データベースをさらに有することを特徴とする請求項1 9記載のネットワークセキュリティ装置。 20 . The apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 1 , further comprising : (C) a database for storing the plurality of probes . 10 . A network security device according to claim 9 . |
US7409715B2 CLAIM 16 . The impersonation detection system (apparatus) of claim 10 , wherein the wireless network operates according to any wireless network technology . |
JPH11316677A CLAIM 20 【請求項20】 (C)前記複数のプローブを記憶する データベースをさらに有することを特徴とする請求項1 9記載のネットワークセキュリティ装置。 20 . The apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 1 , further comprising : (C) a database for storing the plurality of probes . 10 . A network security device according to claim 9 . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface (specific use) ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
JPH11316677A CLAIM 7 【請求項7】 前記プローブの実行は、特定のユーザー 端末上を動作するウェブブラウザー上にて実行されるこ とを特徴とする請求項3記載の方法。 7 . The method according to claim 3 , wherein the execution of the probe is executed on a web browser running on a specific use (wireless interface) r terminal . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (通信トラフィック) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (apparatus) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
JPH11316677A CLAIM 1 【請求項1】 (A)コンピュータネットワークの通信 トラフィックストリームを監視するステップと、 前記通信トラフィック (incoming traffic) ストリームは複数のファイルを含 み、 (B)前記複数のファイルのうち少なくとも1つのファ イルへとプローブを挿入するステップと、 (C)前記プローブがコンピュータネットワーク内で実 行されたかを判断するステップと、 (D)プローブが実行された場合には、プローブの実行 が行われたコンピュータネットワーク内の位置を識別す るステップとを有することを特徴とするコンピュータネ ットワークの保安方法。 1) monitoring a communication traffic stream of a computer network , wherein the communication traffic stream includes a plurality of files ; and (B) inserting a probe into at least one of the plurality of files . (C) determining whether the probe was performed in a computer network ; and (D) identifying the location in the computer network where the probe was performed if the probe was performed . A security method for a computer network , comprising : JPH11316677A CLAIM 20 【請求項20】 (C)前記複数のプローブを記憶する データベースをさらに有することを特徴とする請求項1 9記載のネットワークセキュリティ装置。 20 . The apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 1 , further comprising : (C) a database for storing the plurality of probes . 10 . A network security device according to claim 9 . |
US7409715B2 CLAIM 19 . The an impersonation detection system (apparatus) of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
JPH11316677A CLAIM 20 【請求項20】 (C)前記複数のプローブを記憶する データベースをさらに有することを特徴とする請求項1 9記載のネットワークセキュリティ装置。 20 . The apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 1 , further comprising : (C) a database for storing the plurality of probes . 10 . A network security device according to claim 9 . |
US7409715B2 CLAIM 20 . The impersonation detection system (apparatus) of claim 18 , wherein the wireless network operates according to any wireless network technology . |
JPH11316677A CLAIM 20 【請求項20】 (C)前記複数のプローブを記憶する データベースをさらに有することを特徴とする請求項1 9記載のネットワークセキュリティ装置。 20 . The apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) according to claim 1 , further comprising : (C) a database for storing the plurality of probes . 10 . A network security device according to claim 9 . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6343362B1 Filed: 1999-01-21 Issued: 2002-01-29 System and method providing custom attack simulation language for testing networks (Original Assignee) Networks Associates Inc (Current Assignee) McAfee LLC Thomas Henry Ptacek, Timothy Nakula Newsham, Oliver Friedrichs |
---|---|
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (Internet Protocol) . |
US6343362B1 CLAIM 2 . The system of claim 1 , wherein said communication-protocol packets comprise Internet Protocol (communication protocol) (IP) packets . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6308053B1 Filed: 1999-01-04 Issued: 2001-10-23 Recyclable wireless telephone unit with a secured activation switch (Original Assignee) KUYPER REENA (ONE-EIGHTH INTEREST); Thompson Bettina Jean (Current Assignee) RPX Corp ; Thompson Bettina Jean Byard G. Nilsson |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6308053B1 CLAIM 1 . A prepaid keyless mobile telephone instrument capable of recycling and for use with at least one central station for communication with select telephone terminals through a switched telephone network , the keyless mobile telephone instrument having a consumable period of legitimate use before recycling , and comprising : a hand held housing ; keyless mobile telephone instrument elements fixed to the housing for wireless communication (wireless communication) with a central station ; activation controls fixed to the housing for activating the keyless mobile telephone instrument elements to communicate with a central station ; and a manually removable cover shield attached to the housing , the cover shield being formed and attached for removal during the consumable period of legitimate use and being manually replaceable at the conclusion of the consumable period of legitimate use to thereby facilitate recycling of the instrument . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6308053B1 CLAIM 1 . A prepaid keyless mobile telephone instrument capable of recycling and for use with at least one central station for communication with select telephone terminals through a switched telephone network , the keyless mobile telephone instrument having a consumable period of legitimate use before recycling , and comprising : a hand held housing ; keyless mobile telephone instrument elements fixed to the housing for wireless communication (wireless communication) with a central station ; activation controls fixed to the housing for activating the keyless mobile telephone instrument elements to communicate with a central station ; and a manually removable cover shield attached to the housing , the cover shield being formed and attached for removal during the consumable period of legitimate use and being manually replaceable at the conclusion of the consumable period of legitimate use to thereby facilitate recycling of the instrument . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6415321B1 Filed: 1998-12-29 Issued: 2002-07-02 Domain mapping method and system (Original Assignee) Cisco Technology Inc (Current Assignee) Cisco Technology Inc ; Cisco Systems Inc Robert E. Gleichauf, Gerald S Lathem, Scott V. Waddell |
---|---|
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US6415321B1 CLAIM 1 . A system for mapping a network domain , the system comprising : plural network devices interfaced with the network , each network device having network information ; and a domain mapping device interfaced with the network , the domain mapping device operable to : receive and store the network information from one or more network devices , provide the network information to an intrusion detection (intrusion attack) system upon receiving a query , analyze the stored network information , generate a network map based on the analysis and the stored network information , determine a potential vulnerability based on the analysis , and configure the intrusion detection system based on the network map and the potential vulnerability . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US6415321B1 CLAIM 1 . A system for mapping a network domain , the system comprising : plural network devices interfaced with the network , each network device having network information ; and a domain mapping device interfaced with the network , the domain mapping device operable to : receive and store the network information from one or more network devices , provide the network information to an intrusion detection (intrusion attack) system upon receiving a query , analyze the stored network information , generate a network map based on the analysis and the stored network information , determine a potential vulnerability based on the analysis , and configure the intrusion detection system based on the network map and the potential vulnerability . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6246935B1 Filed: 1998-12-28 Issued: 2001-06-12 Vehicle instrument panel computer interface and display (Original Assignee) DaimlerChrysler Co LLC (Current Assignee) FCA US LLC Stephen J. Buckley |
---|---|
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (communications medium) . |
US6246935B1 CLAIM 1 . A system for enabling communication between a removable stand-alone computer , a built-in display and a built-in computer system of a vehicle , the system comprising : a communication interface positioned at a first preselected location within the vehicle ; a second preselected location within the vehicle for receipt of the stand-alone computer ; a communications medium (communication protocol) coupling the stand-alone computer to the communication interface ; a video display mounted in the instrument panel of the vehicle ; and a video link coupling display information from the stand-alone computer to the video display such that the stand-alone computer can be operated graphically through the video display . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6510236B1 Filed: 1998-12-11 Issued: 2003-01-21 Authentication framework for managing authentication requests from multiple authentication devices (Original Assignee) International Business Machines Corp (Current Assignee) International Business Machines Corp Michael A. Crane, Ivan Matthew Milman |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (coupled thereto) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6510236B1 CLAIM 1 . A method for authenticating clients , each of which is coupled to an authentication device of one of a plurality of permitted authentication device types , comprising the steps of : passing requests for authentication to an application server , each request including information identifying a client , an authentication device coupled thereto (original data) , and authentication data ; in response to a determination at the application server that a request originates from a recognized authentication device type , passing the authentication data from the application server to an authentication device server capable of authenticating the data ; and responsive to a positive authentication by the authentication device server , returning an authorization from the application server back to the client . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (coupled thereto) frames . |
US6510236B1 CLAIM 1 . A method for authenticating clients , each of which is coupled to an authentication device of one of a plurality of permitted authentication device types , comprising the steps of : passing requests for authentication to an application server , each request including information identifying a client , an authentication device coupled thereto (original data) , and authentication data ; in response to a determination at the application server that a request originates from a recognized authentication device type , passing the authentication data from the application server to an authentication device server capable of authenticating the data ; and responsive to a positive authentication by the authentication device server , returning an authorization from the application server back to the client . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (coupled thereto) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6510236B1 CLAIM 1 . A method for authenticating clients , each of which is coupled to an authentication device of one of a plurality of permitted authentication device types , comprising the steps of : passing requests for authentication to an application server , each request including information identifying a client , an authentication device coupled thereto (original data) , and authentication data ; in response to a determination at the application server that a request originates from a recognized authentication device type , passing the authentication data from the application server to an authentication device server capable of authenticating the data ; and responsive to a positive authentication by the authentication device server , returning an authorization from the application server back to the client . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data (coupled thereto) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface (communication link) ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6510236B1 CLAIM 1 . A method for authenticating clients , each of which is coupled to an authentication device of one of a plurality of permitted authentication device types , comprising the steps of : passing requests for authentication to an application server , each request including information identifying a client , an authentication device coupled thereto (original data) , and authentication data ; in response to a determination at the application server that a request originates from a recognized authentication device type , passing the authentication data from the application server to an authentication device server capable of authenticating the data ; and responsive to a positive authentication by the authentication device server , returning an authorization from the application server back to the client . US6510236B1 CLAIM 9 . The method as described in claim 1 wherein the requests are passed to and from the application server over secure communication link (air interface) s . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface (communication link) ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6510236B1 CLAIM 9 . The method as described in claim 1 wherein the requests are passed to and from the application server over secure communication link (air interface) s . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6370648B1 Filed: 1998-12-08 Issued: 2002-04-09 Computer network intrusion detection (Original Assignee) Visa International Service Association (Current Assignee) Visa International Service Association Thanh A. Diep |
---|---|
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (predetermined time period) . |
US6370648B1 CLAIM 4 . A method as recited in claim 1 wherein retrieving a user input sequence further comprises : logging , in a chronological manner , commands and program names entered in the computer network thereby creating a command log ; arranging the command log according to individual users on the computer network ; and identifying the user input sequence from the command log using a predetermined time period (time interval) . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US6370648B1 CLAIM 9 . A method of determining similarity between a user sequence and a sequence template in a computer network intrusion detection (intrusion attack) system using correlation matching , the method comprising : (a) retrieving the user sequence including a plurality of user commands ; (b) retrieving a template sequence including a plurality of template commands ; (c) transforming one of the user sequence and the template sequence such that the user sequence and the template sequence are of substantially the same length ; (d) performing a series of comparisons between the user sequence and the template sequence producing matches ; (e) deriving a similarity factor from the number of matches between the plurality of user commands and the plurality of template commands ; and (f) associating the similarity factor with said template sequence as an indication of likelihood of intrusion , whereby the complexity of the computer network intrusion system is low . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US6370648B1 CLAIM 9 . A method of determining similarity between a user sequence and a sequence template in a computer network intrusion detection (intrusion attack) system using correlation matching , the method comprising : (a) retrieving the user sequence including a plurality of user commands ; (b) retrieving a template sequence including a plurality of template commands ; (c) transforming one of the user sequence and the template sequence such that the user sequence and the template sequence are of substantially the same length ; (d) performing a series of comparisons between the user sequence and the template sequence producing matches ; (e) deriving a similarity factor from the number of matches between the plurality of user commands and the plurality of template commands ; and (f) associating the similarity factor with said template sequence as an indication of likelihood of intrusion , whereby the complexity of the computer network intrusion system is low . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6321338B1 Filed: 1998-11-09 Issued: 2001-11-20 Network surveillance (Original Assignee) SRI International Inc (Current Assignee) SRI International Inc Phillip A. Porras, Alfonso Valdes |
---|---|
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface (transfer command) ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6321338B1 CLAIM 2 . The method of claim 1 , wherein the measure monitors data transfers by monitoring network packet data transfer command (air interface, data processing unit) s . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (transfer command) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6321338B1 CLAIM 2 . The method of claim 1 , wherein the measure monitors data transfers by monitoring network packet data transfer command (air interface, data processing unit) s . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface (transfer command) ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6321338B1 CLAIM 2 . The method of claim 1 , wherein the measure monitors data transfers by monitoring network packet data transfer command (air interface, data processing unit) s . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (transfer command) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6321338B1 CLAIM 2 . The method of claim 1 , wherein the measure monitors data transfers by monitoring network packet data transfer command (air interface, data processing unit) s . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6327570B1 Filed: 1998-11-06 Issued: 2001-12-04 Personal business service system and method (Original Assignee) Dian Stevens (Current Assignee) III Holdings 1 LLC Dian Stevens |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames (wireless networks) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6327570B1 CLAIM 10 . A method of personalized customer service comprising the steps of : gathering personal consumer buying information for a particular consumer into at least one central control node via a private network interconnecting subscribing business entities ; performing statistical analysis on said particular consumer buying information to derive consumer product information for said particular consumer ; displaying and presenting said derived consumer product information to participating consumers via personal agent devices ; communicating via local area wireless networks (incoming data frames) between subscribing business entities and participating consumers when participating consumers are in subscribing business locations . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (wireless networks) received over all the wireless channels allocated to the wireless node . |
US6327570B1 CLAIM 10 . A method of personalized customer service comprising the steps of : gathering personal consumer buying information for a particular consumer into at least one central control node via a private network interconnecting subscribing business entities ; performing statistical analysis on said particular consumer buying information to derive consumer product information for said particular consumer ; displaying and presenting said derived consumer product information to participating consumers via personal agent devices ; communicating via local area wireless networks (incoming data frames) between subscribing business entities and participating consumers when participating consumers are in subscribing business locations . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data frames (wireless networks) for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6327570B1 CLAIM 10 . A method of personalized customer service comprising the steps of : gathering personal consumer buying information for a particular consumer into at least one central control node via a private network interconnecting subscribing business entities ; performing statistical analysis on said particular consumer buying information to derive consumer product information for said particular consumer ; displaying and presenting said derived consumer product information to participating consumers via personal agent devices ; communicating via local area wireless networks (incoming data frames) between subscribing business entities and participating consumers when participating consumers are in subscribing business locations . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames (wireless networks) received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6327570B1 CLAIM 10 . A method of personalized customer service comprising the steps of : gathering personal consumer buying information for a particular consumer into at least one central control node via a private network interconnecting subscribing business entities ; performing statistical analysis on said particular consumer buying information to derive consumer product information for said particular consumer ; displaying and presenting said derived consumer product information to participating consumers via personal agent devices ; communicating via local area wireless networks (incoming data frames) between subscribing business entities and participating consumers when participating consumers are in subscribing business locations . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (wireless networks) from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6327570B1 CLAIM 10 . A method of personalized customer service comprising the steps of : gathering personal consumer buying information for a particular consumer into at least one central control node via a private network interconnecting subscribing business entities ; performing statistical analysis on said particular consumer buying information to derive consumer product information for said particular consumer ; displaying and presenting said derived consumer product information to participating consumers via personal agent devices ; communicating via local area wireless networks (incoming data frames) between subscribing business entities and participating consumers when participating consumers are in subscribing business locations . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames (wireless networks) received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6327570B1 CLAIM 10 . A method of personalized customer service comprising the steps of : gathering personal consumer buying information for a particular consumer into at least one central control node via a private network interconnecting subscribing business entities ; performing statistical analysis on said particular consumer buying information to derive consumer product information for said particular consumer ; displaying and presenting said derived consumer product information to participating consumers via personal agent devices ; communicating via local area wireless networks (incoming data frames) between subscribing business entities and participating consumers when participating consumers are in subscribing business locations . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (wireless networks) from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6327570B1 CLAIM 10 . A method of personalized customer service comprising the steps of : gathering personal consumer buying information for a particular consumer into at least one central control node via a private network interconnecting subscribing business entities ; performing statistical analysis on said particular consumer buying information to derive consumer product information for said particular consumer ; displaying and presenting said derived consumer product information to participating consumers via personal agent devices ; communicating via local area wireless networks (incoming data frames) between subscribing business entities and participating consumers when participating consumers are in subscribing business locations . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6324650B1 Filed: 1998-11-02 Issued: 2001-11-27 Message content protection and conditional disclosure (Original Assignee) John W.L. Ogilvie (Current Assignee) Resource Consortium Ltd John W.L. Ogilvie |
---|---|
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface (presents data) ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6324650B1 CLAIM 19 . A computer storage medium having a configuration that represents data (air interface) and instructions which will cause at least a portion of a computer system to perform method steps for controlled message disclosure , the method steps comprising the steps of : obtaining at least one disclosure condition ; storing copies of a message in a network ; checking for occurrence of the disclosure condition ; and if occurrence of the disclosure condition is detected then disclosing at least a portion of the message . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface (presents data) ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6324650B1 CLAIM 19 . A computer storage medium having a configuration that represents data (air interface) and instructions which will cause at least a portion of a computer system to perform method steps for controlled message disclosure , the method steps comprising the steps of : obtaining at least one disclosure condition ; storing copies of a message in a network ; checking for occurrence of the disclosure condition ; and if occurrence of the disclosure condition is detected then disclosing at least a portion of the message . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | WO9917477A2 Filed: 1998-09-30 Issued: 1999-04-08 Multi tier wireless communication system (Original Assignee) Honeywell Inc. Jeffrey J. Kriz |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (relatively high power, logic circuitry) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
WO9917477A2 CLAIM 1 . A system comprising : a plurality of devices , each device coupled to a low power transceiver that transmits and receives information ; a plurality of router nodes , each router node having a transceiver capable of receiving device information from one or more proximate wireless devices and capable of wireless communication (wireless communication) at a higher power level with other router nodes ; and a controller coupled to at least one router node for receiving device information , wherein the router nodes transmit device information either to the controller or to another router for further transmission of the device information . WO9917477A2 CLAIM 18 . A device which communicates with a router node of a monitoring system which has a first tier of low power , low bandwidth (wireless channels, wireless network, wireless communication network, wireless network technology) device nodes which communicate with routers configured with a higher power , higher bandwidth network , the device comprising : a low power wireless transceiver operating at a frequency which is unlicensed , for communicating with a router node located proximate to the transceiver ; and a power management module responsive to signals received by the transceiver for controlling a sleep power mode of the device . WO9917477A2 CLAIM 21 . The device of claim 18 , and further comprising logic circuitry (incoming data, incoming data frames) for generating packets of information to be sent to a router , the packets comprising a device id , a priority , device status and data . WO9917477A2 CLAIM 26 . A network of router nodes communicatively coupled to a central controller of a security monitoring system , the network comprising : a first router node hardwired into the central controller ; a second router node having a first receiver for receiving low power transmissions of physical condition related information from a plurality of devices located proximate the second router node , a second receiver for receiving high bandwidth transmissions from other routers in the system , and a first transmitter coupled to the first and second receivers that transmits information from the plurality of devices at a relatively high power (incoming data, incoming data frames) to the first router node . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels (low bandwidth) allocated to the wireless node and extracting the incoming data (relatively high power, logic circuitry) frames received over all the wireless channels allocated to the wireless node . |
WO9917477A2 CLAIM 18 . A device which communicates with a router node of a monitoring system which has a first tier of low power , low bandwidth (wireless channels, wireless network, wireless communication network, wireless network technology) device nodes which communicate with routers configured with a higher power , higher bandwidth network , the device comprising : a low power wireless transceiver operating at a frequency which is unlicensed , for communicating with a router node located proximate to the transceiver ; and a power management module responsive to signals received by the transceiver for controlling a sleep power mode of the device . WO9917477A2 CLAIM 21 . The device of claim 18 , and further comprising logic circuitry (incoming data, incoming data frames) for generating packets of information to be sent to a router , the packets comprising a device id , a priority , device status and data . WO9917477A2 CLAIM 26 . A network of router nodes communicatively coupled to a central controller of a security monitoring system , the network comprising : a first router node hardwired into the central controller ; a second router node having a first receiver for receiving low power transmissions of physical condition related information from a plurality of devices located proximate the second router node , a second receiver for receiving high bandwidth transmissions from other routers in the system , and a first transmitter coupled to the first and second receivers that transmits information from the plurality of devices at a relatively high power (incoming data, incoming data frames) to the first router node . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (relatively high power, logic circuitry) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
WO9917477A2 CLAIM 21 . The device of claim 18 , and further comprising logic circuitry (incoming data, incoming data frames) for generating packets of information to be sent to a router , the packets comprising a device id , a priority , device status and data . WO9917477A2 CLAIM 26 . A network of router nodes communicatively coupled to a central controller of a security monitoring system , the network comprising : a first router node hardwired into the central controller ; a second router node having a first receiver for receiving low power transmissions of physical condition related information from a plurality of devices located proximate the second router node , a second receiver for receiving high bandwidth transmissions from other routers in the system , and a first transmitter coupled to the first and second receivers that transmits information from the plurality of devices at a relatively high power (incoming data, incoming data frames) to the first router node . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (relatively high power, logic circuitry) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
WO9917477A2 CLAIM 1 . A system comprising : a plurality of devices , each device coupled to a low power transceiver that transmits and receives information ; a plurality of router nodes , each router node having a transceiver capable of receiving device information from one or more proximate wireless devices and capable of wireless communication (wireless communication) at a higher power level with other router nodes ; and a controller coupled to at least one router node for receiving device information , wherein the router nodes transmit device information either to the controller or to another router for further transmission of the device information . WO9917477A2 CLAIM 18 . A device which communicates with a router node of a monitoring system which has a first tier of low power , low bandwidth (wireless channels, wireless network, wireless communication network, wireless network technology) device nodes which communicate with routers configured with a higher power , higher bandwidth network , the device comprising : a low power wireless transceiver operating at a frequency which is unlicensed , for communicating with a router node located proximate to the transceiver ; and a power management module responsive to signals received by the transceiver for controlling a sleep power mode of the device . WO9917477A2 CLAIM 21 . The device of claim 18 , and further comprising logic circuitry (incoming data, incoming data frames) for generating packets of information to be sent to a router , the packets comprising a device id , a priority , device status and data . WO9917477A2 CLAIM 26 . 
A network of router nodes communicatively coupled to a central controller of a security monitoring system , the network comprising : a first router node hardwired into the central controller ; a second router node having a first receiver for receiving low power transmissions of physical condition related information from a plurality of devices located proximate the second router node , a second receiver for receiving high bandwidth transmissions from other routers in the system , and a first transmitter coupled to the first and second receivers that transmits information from the plurality of devices at a relatively high power (incoming data, incoming data frames) to the first router node . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels (video camera) allocated to the wireless node ; a second receiving unit for detecting the incoming data (relatively high power, logic circuitry) frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
WO9917477A2 CLAIM 21 . The device of claim 18 , and further comprising logic circuitry (incoming data, incoming data frames) for generating packets of information to be sent to a router , the packets comprising a device id , a priority , device status and data . WO9917477A2 CLAIM 26 . A network of router nodes communicatively coupled to a central controller of a security monitoring system , the network comprising : a first router node hardwired into the central controller ; a second router node having a first receiver for receiving low power transmissions of physical condition related information from a plurality of devices located proximate the second router node , a second receiver for receiving high bandwidth transmissions from other routers in the system , and a first transmitter coupled to the first and second receivers that transmits information from the plurality of devices at a relatively high power (incoming data, incoming data frames) to the first router node . WO9917477A2 CLAIM 34 . The router node of claim 33 , wherein the hardwired device comprises a video camera (transmission channels) . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (receiving device) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
WO9917477A2 CLAIM 1 . A system comprising : a plurality of devices , each device coupled to a low power transceiver that transmits and receives information ; a plurality of router nodes , each router node having a transceiver capable of receiving device (transmitting unit, transmitting outgoing data frames) information from one or more proximate wireless devices and capable of wireless communication at a higher power level with other router nodes ; and a controller coupled to at least one router node for receiving device information , wherein the router nodes transmit device information either to the controller or to another router for further transmission of the device information . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network (low bandwidth) operates according to any wireless network technology . |
WO9917477A2 CLAIM 18 . A device which communicates with a router node of a monitoring system which has a first tier of low power , low bandwidth (wireless channels, wireless network, wireless communication network, wireless network technology) device nodes which communicate with routers configured with a higher power , higher bandwidth network , the device comprising : a low power wireless transceiver operating at a frequency which is unlicensed , for communicating with a router node located proximate to the transceiver ; and a power management module responsive to signals received by the transceiver for controlling a sleep power mode of the device . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network (low bandwidth) comprising : means for transmitting outgoing data frames (receiving device) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (relatively high power, logic circuitry) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
WO9917477A2 CLAIM 1 . A system comprising : a plurality of devices , each device coupled to a low power transceiver that transmits and receives information ; a plurality of router nodes , each router node having a transceiver capable of receiving device (transmitting unit, transmitting outgoing data frames) information from one or more proximate wireless devices and capable of wireless communication at a higher power level with other router nodes ; and a controller coupled to at least one router node for receiving device information , wherein the router nodes transmit device information either to the controller or to another router for further transmission of the device information . WO9917477A2 CLAIM 18 . A device which communicates with a router node of a monitoring system which has a first tier of low power , low bandwidth (wireless channels, wireless network, wireless communication network, wireless network technology) device nodes which communicate with routers configured with a higher power , higher bandwidth network , the device comprising : a low power wireless transceiver operating at a frequency which is unlicensed , for communicating with a router node located proximate to the transceiver ; and a power management module responsive to signals received by the transceiver for controlling a sleep power mode of the device . WO9917477A2 CLAIM 21 . The device of claim 18 , and further comprising logic circuitry (incoming data, incoming data frames) for generating packets of information to be sent to a router , the packets comprising a device id , a priority , device status and data . WO9917477A2 CLAIM 26 . 
A network of router nodes communicatively coupled to a central controller of a security monitoring system , the network comprising : a first router node hardwired into the central controller ; a second router node having a first receiver for receiving low power transmissions of physical condition related information from a plurality of devices located proximate the second router node , a second receiver for receiving high bandwidth transmissions from other routers in the system , and a first transmitter coupled to the first and second receivers that transmits information from the plurality of devices at a relatively high power (incoming data, incoming data frames) to the first router node . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels (video camera) allocated to the wireless node ; a second receiving unit for detecting the incoming data (relatively high power, logic circuitry) frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
WO9917477A2 CLAIM 21 . The device of claim 18 , and further comprising logic circuitry (incoming data, incoming data frames) for generating packets of information to be sent to a router , the packets comprising a device id , a priority , device status and data . WO9917477A2 CLAIM 26 . A network of router nodes communicatively coupled to a central controller of a security monitoring system , the network comprising : a first router node hardwired into the central controller ; a second router node having a first receiver for receiving low power transmissions of physical condition related information from a plurality of devices located proximate the second router node , a second receiver for receiving high bandwidth transmissions from other routers in the system , and a first transmitter coupled to the first and second receivers that transmits information from the plurality of devices at a relatively high power (incoming data, incoming data frames) to the first router node . WO9917477A2 CLAIM 34 . The router node of claim 33 , wherein the hardwired device comprises a video camera (transmission channels) . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network (low bandwidth) operates according to any wireless network technology . |
WO9917477A2 CLAIM 18 . A device which communicates with a router node of a monitoring system which has a first tier of low power , low bandwidth (wireless channels, wireless network, wireless communication network, wireless network technology) device nodes which communicate with routers configured with a higher power , higher bandwidth network , the device comprising : a low power wireless transceiver operating at a frequency which is unlicensed , for communicating with a router node located proximate to the transceiver ; and a power management module responsive to signals received by the transceiver for controlling a sleep power mode of the device . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6195547B1 Filed: 1998-09-24 Issued: 2001-02-27 System and method for a previously activated mobile station to challenge network mobile station knowledge during over the air activation (Original Assignee) Telefonaktiebolaget LM Ericsson AB (Current Assignee) Optis Wireless Technology LLC Michel Corriveau, Michel Houde |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6195547B1 CLAIM 1 . A method for activating over the air a previously activated mobile station in a wireless communications (wireless communication) network having an over the air processor , the method comprising the steps of : i) the over the air processor requesting the data configuration information of the mobile station ; ii) the mobile station making a first challenge request of the request for data configuration information and transmitting certain mobile station parameters to the network ; iii) the network in response to the first challenge request from the mobile station using the certain mobile station parameters to generate a first return challenge response and forwarding the first return challenge response to the mobile station ; iv) the mobile station validating the first return challenge response and forwarding data configuration information to the over the air processor ; v) the over the air processor sending new programming information to the mobile station to re-activate the mobile station with new operating parameters , wherein the over the air processor further requests the mobile station to commit to the new operating parameters ; vi) the mobile station upon receipt of the request to commit to new operating parameters making a second challenge request to the network and transmitting certain mobile station parameters to the network ; vii) the network in response to the second challenge request from the mobile station using the certain mobile station parameters to generate a second return challenge response and forwarding the second return challenge response to the mobile station ; and viii) upon receipt of the second return challenge response the mobile station validating the second return challenge response and then committing to the new operating parameters . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (programming information) . |
US6195547B1 CLAIM 1 . A method for activating over the air a previously activated mobile station in a wireless communications network having an over the air processor , the method comprising the steps of : i) the over the air processor requesting the data configuration information of the mobile station ; ii) the mobile station making a first challenge request of the request for data configuration information and transmitting certain mobile station parameters to the network ; iii) the network in response to the first challenge request from the mobile station using the certain mobile station parameters to generate a first return challenge response and forwarding the first return challenge response to the mobile station ; iv) the mobile station validating the first return challenge response and forwarding data configuration information to the over the air processor ; v) the over the air processor sending new programming information (time interval) to the mobile station to re-activate the mobile station with new operating parameters , wherein the over the air processor further requests the mobile station to commit to the new operating parameters ; vi) the mobile station upon receipt of the request to commit to new operating parameters making a second challenge request to the network and transmitting certain mobile station parameters to the network ; vii) the network in response to the second challenge request from the mobile station using the certain mobile station parameters to generate a second return challenge response and forwarding the second return challenge response to the mobile station ; and viii) upon receipt of the second return challenge response the mobile station validating the second return challenge response and then committing to the new operating parameters . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6195547B1 CLAIM 1 . A method for activating over the air a previously activated mobile station in a wireless communications (wireless communication) network having an over the air processor , the method comprising the steps of : i) the over the air processor requesting the data configuration information of the mobile station ; ii) the mobile station making a first challenge request of the request for data configuration information and transmitting certain mobile station parameters to the network ; iii) the network in response to the first challenge request from the mobile station using the certain mobile station parameters to generate a first return challenge response and forwarding the first return challenge response to the mobile station ; iv) the mobile station validating the first return challenge response and forwarding data configuration information to the over the air processor ; v) the over the air processor sending new programming information to the mobile station to re-activate the mobile station with new operating parameters , wherein the over the air processor further requests the mobile station to commit to the new operating parameters ; vi) the mobile station upon receipt of the request to commit to new operating parameters making a second challenge request to the network and transmitting certain mobile station parameters to the network ; vii) the network in response to the second challenge request from the mobile station using the certain mobile station parameters to generate a second return challenge response and forwarding the second return challenge response to the mobile station ; and viii) upon receipt of the second return challenge response the mobile station validating the second return challenge response and then committing to the new operating parameters . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network (wireless network) operates according to any wireless network technology . |
US6195547B1 CLAIM 16 . An over the air activation system for use in a wireless telecommunications network for activating a previously activated mobile station , the mobile station being programmed with certain identification and operating parameters for communicating with the wireless network (wireless network) , the system comprising : a mobile switching center for communicating through a base station with the mobile station ; an over the air processor for forwarding to the mobile station a first message requesting the data configuration of the mobile station and for receiving from the mobile station a first challenge message comprising certain mobile station parameters that excludes secret data information and includes a first challenge request for the request for data configuration information , the over the air processor forwarding a first challenge request message with the certain mobile station parameters to an authentication center ; the authentication center in response to the first challenge request message generating a return challenge request message calculated from the certain mobile station parameters and secret data information of the mobile station stored in the authentication center and forwarding the return challenge request message to the over the air processor including authentication information and authorization command which is forwarded by the over the air processor to the mobile station ; the mobile station validating the calculated return challenge request message and forwarding a data configuration information message to the over the air processor in response to the authorization command to permit the over the air processor to send new programming information to the mobile station to re-activate the mobile station with new operating parameters said new programming information including a commit instruction to the mobile station to commit to use the new operating parameters ; and the mobile station generating a second challenge request 
message to the over the air processor request to commit to new operating parameters and the second challenge request message including the certain mobile station parameters and excluding secret data information , the over the air processor forwarding the second challenge request message to the authentication center including the certain mobile station parameters and the authentication center in response to the second challenge request message generating a second return challenge request message calculated from the certain mobile station parameters and secret data information of the mobile station stored in the authentication center and forwarding the second return challenge request message to the over the air processor including authentication information and authorization command which is forwarded by the over the air processor to the mobile station , the mobile station , upon successful validation of the second authorization command , committing to the new operation parameters . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network (wireless network) comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6195547B1 CLAIM 16 . An over the air activation system for use in a wireless telecommunications network for activating a previously activated mobile station , the mobile station being programmed with certain identification and operating parameters for communicating with the wireless network (wireless network) , the system comprising : a mobile switching center for communicating through a base station with the mobile station ; an over the air processor for forwarding to the mobile station a first message requesting the data configuration of the mobile station and for receiving from the mobile station a first challenge message comprising certain mobile station parameters that excludes secret data information and includes a first challenge request for the request for data configuration information , the over the air processor forwarding a first challenge request message with the certain mobile station parameters to an authentication center ; the authentication center in response to the first challenge request message generating a return challenge request message calculated from the certain mobile station parameters and secret data information of the mobile station stored in the authentication center and forwarding the return challenge request message to the over the air processor including authentication information and authorization command which is forwarded by the over the air processor to the mobile station ; the mobile station validating the calculated return challenge request message and forwarding a data configuration information message to the over the air processor in response to the authorization command to permit the over the air processor to send new programming information to the mobile station to re-activate the mobile station with new operating parameters said new programming information including a commit instruction to the mobile station to commit to use the new operating parameters ; and the mobile station generating a second challenge request 
message to the over the air processor request to commit to new operating parameters and the second challenge request message including the certain mobile station parameters and excluding secret data information , the over the air processor forwarding the second challenge request message to the authentication center including the certain mobile station parameters and the authentication center in response to the second challenge request message generating a second return challenge request message calculated from the certain mobile station parameters and secret data information of the mobile station stored in the authentication center and forwarding the second return challenge request message to the over the air processor including authentication information and authorization command which is forwarded by the over the air processor to the mobile station , the mobile station , upon successful validation of the second authorization command , committing to the new operation parameters . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network (wireless network) operates according to any wireless network technology . |
US6195547B1 CLAIM 16 . An over the air activation system for use in a wireless telecommunications network for activating a previously activated mobile station , the mobile station being programmed with certain identification and operating parameters for communicating with the wireless network (wireless network) , the system comprising : a mobile switching center for communicating through a base station with the mobile station ; an over the air processor for forwarding to the mobile station a first message requesting the data configuration of the mobile station and for receiving from the mobile station a first challenge message comprising certain mobile station parameters that excludes secret data information and includes a first challenge request for the request for data configuration information , the over the air processor forwarding a first challenge request message with the certain mobile station parameters to an authentication center ; the authentication center in response to the first challenge request message generating a return challenge request message calculated from the certain mobile station parameters and secret data information of the mobile station stored in the authentication center and forwarding the return challenge request message to the over the air processor including authentication information and authorization command which is forwarded by the over the air processor to the mobile station ; the mobile station validating the calculated return challenge request message and forwarding a data configuration information message to the over the air processor in response to the authorization command to permit the over the air processor to send new programming information to the mobile station to re-activate the mobile station with new operating parameters said new programming information including a commit instruction to the mobile station to commit to use the new operating parameters ; and the mobile station generating a second challenge request 
message to the over the air processor request to commit to new operating parameters and the second challenge request message including the certain mobile station parameters and excluding secret data information , the over the air processor forwarding the second challenge request message to the authentication center including the certain mobile station parameters and the authentication center in response to the second challenge request message generating a second return challenge request message calculated from the certain mobile station parameters and secret data information of the mobile station stored in the authentication center and forwarding the second return challenge request message to the over the air processor including authentication information and authorization command which is forwarded by the over the air processor to the mobile station , the mobile station , upon successful validation of the second authorization command , committing to the new operation parameters . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6317831B1 Filed: 1998-09-21 Issued: 2001-11-13 Method and apparatus for establishing a secure connection over a one-way data path (Original Assignee) Great Elm Capital Group Inc (Current Assignee) Unwired Planet LLC Peter F. King |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6317831B1 CLAIM 22 . A wireless communication (wireless communication) system , comprising : a wired network having a plurality of server computers ; a wireless carrier network operatively connected to said wired network , said wireless carrier network supporting a narrowband channel and a wideband channel ; a network gateway coupled between said wired network and said wireless carrier network , said network gateway includes a secure connection processor that establishes a secure connection over the narrowband channel by exchanging security information over the wideband channel ; and a plurality of wireless mobile devices that can exchange data with the server computers on said wired network via said wireless carrier network and said network gateway , wherein messages are supplied from said network gateway to said wireless mobile devices over the secure connection established over the narrowband channel . |
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data (outgoing message) frames . |
US6317831B1 CLAIM 23 . A mobile device capable of connecting to a network of computers through a wireless link , said mobile device comprising : a display screen that displays graphics and text ; a message buffer that temporarily stores a message from a computer on the network of computers , the message having a service identity associated therewith ; an application that utilizes the message received from the computer on the network of computers ; and a cryptographic controller that controls encryption or signature of outgoing message (outgoing data) s and controls the decryption or authentication of incoming messages , said cryptographic controller operates to establish a secure connection over which it receives the incoming messages by using a narrowband channel , wherein a companion wideband channel is used to exchange security information needed to establish the secure connection over the narrowband channel . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data (outgoing message) frames comprises frames that allow statistical comparisons . |
US6317831B1 CLAIM 23 . A mobile device capable of connecting to a network of computers through a wireless link , said mobile device comprising : a display screen that displays graphics and text ; a message buffer that temporarily stores a message from a computer on the network of computers , the message having a service identity associated therewith ; an application that utilizes the message received from the computer on the network of computers ; and a cryptographic controller that controls encryption or signature of outgoing message (outgoing data) s and controls the decryption or authentication of incoming messages , said cryptographic controller operates to establish a secure connection over which it receives the incoming messages by using a narrowband channel , wherein a companion wideband channel is used to exchange security information needed to establish the secure connection over the narrowband channel . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data (outgoing message) frames transmitted over a time interval (temporarily store) . |
US6317831B1 CLAIM 23 . A mobile device capable of connecting to a network of computers through a wireless link , said mobile device comprising : a display screen that displays graphics and text ; a message buffer that temporarily store (time interval) s a message from a computer on the network of computers , the message having a service identity associated therewith ; an application that utilizes the message received from the computer on the network of computers ; and a cryptographic controller that controls encryption or signature of outgoing message (outgoing data) s and controls the decryption or authentication of incoming messages , said cryptographic controller operates to establish a secure connection over which it receives the incoming messages by using a narrowband channel , wherein a companion wideband channel is used to exchange security information needed to establish the secure connection over the narrowband channel . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6317831B1 CLAIM 22 . A wireless communication (wireless communication) system , comprising : a wired network having a plurality of server computers ; a wireless carrier network operatively connected to said wired network , said wireless carrier network supporting a narrowband channel and a wideband channel ; a network gateway coupled between said wired network and said wireless carrier network , said network gateway includes a secure connection processor that establishes a secure connection over the narrowband channel by exchanging security information over the wideband channel ; and a plurality of wireless mobile devices that can exchange data with the server computers on said wired network via said wireless carrier network and said network gateway , wherein messages are supplied from said network gateway to said wireless mobile devices over the secure connection established over the narrowband channel . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data (outgoing message) frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6317831B1 CLAIM 23 . A mobile device capable of connecting to a network of computers through a wireless link , said mobile device comprising : a display screen that displays graphics and text ; a message buffer that temporarily stores a message from a computer on the network of computers , the message having a service identity associated therewith ; an application that utilizes the message received from the computer on the network of computers ; and a cryptographic controller that controls encryption or signature of outgoing message (outgoing data) s and controls the decryption or authentication of incoming messages , said cryptographic controller operates to establish a secure connection over which it receives the incoming messages by using a narrowband channel , wherein a companion wideband channel is used to exchange security information needed to establish the secure connection over the narrowband channel . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data (outgoing message) frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6317831B1 CLAIM 23 . A mobile device capable of connecting to a network of computers through a wireless link , said mobile device comprising : a display screen that displays graphics and text ; a message buffer that temporarily stores a message from a computer on the network of computers , the message having a service identity associated therewith ; an application that utilizes the message received from the computer on the network of computers ; and a cryptographic controller that controls encryption or signature of outgoing message (outgoing data) s and controls the decryption or authentication of incoming messages , said cryptographic controller operates to establish a secure connection over which it receives the incoming messages by using a narrowband channel , wherein a companion wideband channel is used to exchange security information needed to establish the secure connection over the narrowband channel . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6219786B1 Filed: 1998-09-09 Issued: 2001-04-17 Method and system for monitoring and controlling network access (Original Assignee) SurfControl Inc (Current Assignee) Forcepoint LLC Mark Cunningham, Andrew Trevarrow |
---|---|
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US6219786B1 CLAIM 10 . The method of claim 1 further comprising a step of executing first-line network intrusion detection (intrusion attack) at an entry point of said network , such that transmissions from nodes that are external to said network are subject to first-line network intrusion restriction rules , said first-line network intrusion detection being independent of said step of applying said access rules . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US6219786B1 CLAIM 10 . The method of claim 1 further comprising a step of executing first-line network intrusion detection (intrusion attack) at an entry point of said network , such that transmissions from nodes that are external to said network are subject to first-line network intrusion restriction rules , said first-line network intrusion detection being independent of said step of applying said access rules . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6519646B1 Filed: 1998-09-01 Issued: 2003-02-11 Method and apparatus for encoding content characteristics (Original Assignee) Sun Microsystems Inc (Current Assignee) Oracle America Inc Amit Gupta, Elliot Poger, Christoph Schuba |
---|---|
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (transmitting one) . |
US6519646B1 CLAIM 9 . The method of claim 1 wherein said method for obtaining said at least one retrieval characteristic comprises : transmitting encoding information , said encoding information defining encoded information regarding one or more retrieval characteristics ; transmitting one (communication protocol) or more retrieval characteristics in the form of encoding information for said information to be retrieved prior to retrieval of said information . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6208247B1 Filed: 1998-08-18 Issued: 2001-03-27 Wireless integrated sensor network using multiple relayed communications (Original Assignee) Rockwell Science Center LLC (Current Assignee) Skyworks Solutions Inc Jonathan R. Agre, Loren P. Clare, 5th Henry O. Marcy, Allen J. Twarowski, William Kaiser, Wilmer A. Mickelson, Michael D. Yakos, Christian J. Loeffelholz, Jonathan R. Engdahl |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (second station, data buffer, time period, n channels) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6208247B1 CLAIM 1 . An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said transmitter and receiver operate in a plurality of communication channels (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) that are defined time period (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) s , subdivisions of a longer periodically repeating time frame . US6208247B1 CLAIM 3 . 
An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; a data buffer (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) for storing data from said sensor , a spectral analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectral analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the output signals from said comparators together forming the output of said digital signal processor . US6208247B1 CLAIM 9 . 
A network of electronic communicating and sensing stations , comprising at least two stations , a first station and a second station (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) , each comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said second station is arranged to communicate with said first station by receiving said information by said wireless receiver ; and wherein said digital signal processor comprises : a data buffer for storing data from said sensor , a spectrum analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectrum analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the outputs from said comparators together forming the output of said digital signal processor . |
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data frames (second station, data buffer, time period, n channels) . |
US6208247B1 CLAIM 1 . An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said transmitter and receiver operate in a plurality of communication channels (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) that are defined time period (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) s , subdivisions of a longer periodically repeating time frame . US6208247B1 CLAIM 3 . 
An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; a data buffer (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) for storing data from said sensor , a spectral analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectral analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the output signals from said comparators together forming the output of said digital signal processor . US6208247B1 CLAIM 9 . 
A network of electronic communicating and sensing stations , comprising at least two stations , a first station and a second station (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) , each comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said second station is arranged to communicate with said first station by receiving said information by said wireless receiver ; and wherein said digital signal processor comprises : a data buffer for storing data from said sensor , a spectrum analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectrum analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the outputs from said comparators together forming the output of said digital signal processor . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data frames (second station, data buffer, time period, n channels) comprises frames that allow statistical comparisons . |
US6208247B1 CLAIM 1 . An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said transmitter and receiver operate in a plurality of communication channels (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) that are defined time period (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) s , subdivisions of a longer periodically repeating time frame . US6208247B1 CLAIM 3 . 
An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; a data buffer (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) for storing data from said sensor , a spectral analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectral analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the output signals from said comparators together forming the output of said digital signal processor . US6208247B1 CLAIM 9 . 
A network of electronic communicating and sensing stations , comprising at least two stations , a first station (first receiving, first receiving unit, second receiving unit, outgoing data frames comprises frames) and a second station (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) , each comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said second station is arranged to communicate with said first station by receiving said information by said wireless receiver ; and wherein said digital signal processor comprises : a data buffer for storing data from said sensor , a spectrum analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectrum analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the outputs from said comparators together forming the output of said digital signal processor . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames (second station, data buffer, time period, n channels) transmitted over a time interval (time interval) . |
US6208247B1 CLAIM 1 . An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said transmitter and receiver operate in a plurality of communication channels (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) that are defined time period (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) s , subdivisions of a longer periodically repeating time frame . US6208247B1 CLAIM 3 . 
An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; a data buffer (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) for storing data from said sensor , a spectral analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectral analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the output signals from said comparators together forming the output of said digital signal processor . US6208247B1 CLAIM 6 . The station of claim 5 , further comprising : a sum-of-squares accumulator , which operates on the filtered data output of said digital filter , squares the filtered data output from said digital filters and accumulates the squared filtered data output over a time interval (time interval) to obtain an average power spectral density for application as an input to said comparators . US6208247B1 CLAIM 9 . 
A network of electronic communicating and sensing stations , comprising at least two stations , a first station and a second station (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) , each comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said second station is arranged to communicate with said first station by receiving said information by said wireless receiver ; and wherein said digital signal processor comprises : a data buffer for storing data from said sensor , a spectrum analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectrum analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the outputs from said comparators together forming the output of said digital signal processor . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (second station, data buffer, time period, n channels) . |
US6208247B1 CLAIM 1 . An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said transmitter and receiver operate in a plurality of communication channels (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) that are defined time period (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) s , subdivisions of a longer periodically repeating time frame . US6208247B1 CLAIM 3 . 
An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; a data buffer (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) for storing data from said sensor , a spectral analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectral analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the output signals from said comparators together forming the output of said digital signal processor . US6208247B1 CLAIM 9 . 
A network of electronic communicating and sensing stations , comprising at least two stations , a first station and a second station (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) , each comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said second station is arranged to communicate with said first station by receiving said information by said wireless receiver ; and wherein said digital signal processor comprises : a data buffer for storing data from said sensor , a spectrum analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectrum analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the outputs from said comparators together forming the output of said digital signal processor . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (second station, data buffer, time period, n channels) received over all the wireless channels allocated to the wireless node . |
US6208247B1 CLAIM 1 . An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said transmitter and receiver operate in a plurality of communication channels (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) that are defined time period (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) s , subdivisions of a longer periodically repeating time frame . US6208247B1 CLAIM 3 . 
An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; a data buffer (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) for storing data from said sensor , a spectral analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectral analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the output signals from said comparators together forming the output of said digital signal processor . US6208247B1 CLAIM 9 . 
A network of electronic communicating and sensing stations , comprising at least two stations , a first station and a second station (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) , each comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said second station is arranged to communicate with said first station by receiving said information by said wireless receiver ; and wherein said digital signal processor comprises : a data buffer for storing data from said sensor , a spectrum analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectrum analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the outputs from said comparators together forming the output of said digital signal processor . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (second station, data buffer, time period, n channels) with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6208247B1 CLAIM 1 . An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said transmitter and receiver operate in a plurality of communication channels (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) that are defined time period (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) s , subdivisions of a longer periodically repeating time frame . US6208247B1 CLAIM 3 . 
An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; a data buffer (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) for storing data from said sensor , a spectral analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectral analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the output signals from said comparators together forming the output of said digital signal processor . US6208247B1 CLAIM 9 . 
A network of electronic communicating and sensing stations , comprising at least two stations , a first station and a second station (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) , each comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said second station is arranged to communicate with said first station by receiving said information by said wireless receiver ; and wherein said digital signal processor comprises : a data buffer for storing data from said sensor , a spectrum analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectrum analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the outputs from said comparators together forming the output of said digital signal processor . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames (second station, data buffer, time period, n channels) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6208247B1 CLAIM 1 . An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said transmitter and receiver operate in a plurality of communication channels (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) that are defined time period (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) s , subdivisions of a longer periodically repeating time frame . US6208247B1 CLAIM 3 . 
An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; a data buffer (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) for storing data from said sensor , a spectral analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectral analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the output signals from said comparators together forming the output of said digital signal processor . US6208247B1 CLAIM 9 . 
A network of electronic communicating and sensing stations , comprising at least two stations , a first station and a second station (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) , each comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said second station is arranged to communicate with said first station by receiving said information by said wireless receiver ; and wherein said digital signal processor comprises : a data buffer for storing data from said sensor , a spectrum analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectrum analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the outputs from said comparators together forming the output of said digital signal processor . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving (first station) unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit (first station) for detecting the incoming data frames (second station, data buffer, time period, n channels) from the incoming traffic ; and a data processing unit (second station, data buffer, time period, n channels) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6208247B1 CLAIM 1 . An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said transmitter and receiver operate in a plurality of communication channels (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) that are defined time period (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) s , subdivisions of a longer periodically repeating time frame . US6208247B1 CLAIM 3 . 
An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; a data buffer (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) for storing data from said sensor , a spectral analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectral analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the output signals from said comparators together forming the output of said digital signal processor . US6208247B1 CLAIM 9 . 
A network of electronic communicating and sensing stations , comprising at least two stations , a first station (first receiving, first receiving unit, second receiving unit, outgoing data frames comprises frames) and a second station (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) , each comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said second station is arranged to communicate with said first station by receiving said information by said wireless receiver ; and wherein said digital signal processor comprises : a data buffer for storing data from said sensor , a spectrum analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectrum analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the outputs from said comparators together forming the output of said digital signal processor . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (second station, data buffer, time period, n channels) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6208247B1 CLAIM 1 . An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said transmitter and receiver operate in a plurality of communication channels (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) that are defined time period (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) s , subdivisions of a longer periodically repeating time frame . US6208247B1 CLAIM 3 . 
An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; a data buffer (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) for storing data from said sensor , a spectral analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectral analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the output signals from said comparators together forming the output of said digital signal processor . US6208247B1 CLAIM 9 . 
A network of electronic communicating and sensing stations , comprising at least two stations , a first station and a second station (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) , each comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said second station is arranged to communicate with said first station by receiving said information by said wireless receiver ; and wherein said digital signal processor comprises : a data buffer for storing data from said sensor , a spectrum analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectrum analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the outputs from said comparators together forming the output of said digital signal processor . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving (first station) unit for receiving the copy of the outgoing data frames (second station, data buffer, time period, n channels) ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit (first station) for detecting the incoming data frames from the incoming traffic ; and a data processing unit (second station, data buffer, time period, n channels) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6208247B1 CLAIM 1 . An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said transmitter and receiver operate in a plurality of communication channels (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) that are defined time period (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) s , subdivisions of a longer periodically repeating time frame . US6208247B1 CLAIM 3 . 
An electronic communicating and sensing station , comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor , to transmit information about the sensed condition , a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; a data buffer (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) for storing data from said sensor , a spectral analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectral analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the output signals from said comparators together forming the output of said digital signal processor . US6208247B1 CLAIM 9 . 
A network of electronic communicating and sensing stations , comprising at least two stations , a first station (first receiving, first receiving unit, second receiving unit, outgoing data frames comprises frames) and a second station (data frames, original data frames, incoming data frames, outgoing data frames, data processing unit, transmitting original data frames, outgoing data) , each comprising : a sensor which provides an output indicative of a sensed condition , a digital signal processor , coupled to receive the sensor output and configured to compare characteristics of the sensor output to a stored set of characteristics , and producing an output based upon said comparison , a programmable microprocessor coupled to said digital signal processor to evaluate its output , a wireless transmitter that is controlled by said programmable microprocessor to transmit information about the sensed condition , and a wireless receiver that is controlled by said programmable microprocessor to receive data and instructions for programming said programmable microprocessor ; wherein said second station is arranged to communicate with said first station by receiving said information by said wireless receiver ; and wherein said digital signal processor comprises : a data buffer for storing data from said sensor , a spectrum analyzer which operates on the data in said data buffer , to compute a power spectral density in at least one spectral band , and one or more comparators , each comparing the power spectral density in a respective spectral band computed by said spectrum analyzer with a respective stored power spectral density and producing an output signal when said power spectral density exceeds said stored power spectral density , the outputs from said comparators together forming the output of said digital signal processor . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6256314B1 Filed: 1998-08-11 Issued: 2001-07-03 Apparatus and methods for routerless layer 3 forwarding in a network (Original Assignee) Avaya Technology LLC (Current Assignee) Avaya Inc Benny Rodrig, Lior Shabtai |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (downstream port, upstream port, other port) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6256314B1 CLAIM 1 . A method by which a network element , having a plurality of ports , performs layer 3 forwarding within a network comprising one or more routers , the method comprising : for each of the one or more routers in the network , identifying at least one of the plurality of ports , via which the router is reachable , as an upstream port (communication protocol, incoming data, incoming data frames) with respect to the router , and identifying one or more other port (communication protocol, incoming data, incoming data frames) s in the plurality of ports from which the router is not reachable as downstream port (communication protocol, incoming data, incoming data frames) s with respect to the router ; learning forwarding information including one or more IP addresses respectively associated with one or more IP stations reachable from the one or more other ports ; receiving a data packet ; and performing layer 3 forwarding upon receiving the packet if the packet has a layer 2 destination address equal to a MAC address for one of the one or more routers and has a layer 3 IP destination address equal to one of the one or more learned IP addresses . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data (downstream port, upstream port, other port) frames received over all the wireless channels allocated to the wireless node . |
US6256314B1 CLAIM 1 . A method by which a network element , having a plurality of ports , performs layer 3 forwarding within a network comprising one or more routers , the method comprising : for each of the one or more routers in the network , identifying at least one of the plurality of ports , via which the router is reachable , as an upstream port (communication protocol, incoming data, incoming data frames) with respect to the router , and identifying one or more other port (communication protocol, incoming data, incoming data frames) s in the plurality of ports from which the router is not reachable as downstream port (communication protocol, incoming data, incoming data frames) s with respect to the router ; learning forwarding information including one or more IP addresses respectively associated with one or more IP stations reachable from the one or more other ports ; receiving a data packet ; and performing layer 3 forwarding upon receiving the packet if the packet has a layer 2 destination address equal to a MAC address for one of the one or more routers and has a layer 3 IP destination address equal to one of the one or more learned IP addresses . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (downstream port, upstream port, other port) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6256314B1 CLAIM 1 . A method by which a network element , having a plurality of ports , performs layer 3 forwarding within a network comprising one or more routers , the method comprising : for each of the one or more routers in the network , identifying at least one of the plurality of ports , via which the router is reachable , as an upstream port (communication protocol, incoming data, incoming data frames) with respect to the router , and identifying one or more other port (communication protocol, incoming data, incoming data frames) s in the plurality of ports from which the router is not reachable as downstream port (communication protocol, incoming data, incoming data frames) s with respect to the router ; learning forwarding information including one or more IP addresses respectively associated with one or more IP stations reachable from the one or more other ports ; receiving a data packet ; and performing layer 3 forwarding upon receiving the packet if the packet has a layer 2 destination address equal to a MAC address for one of the one or more routers and has a layer 3 IP destination address equal to one of the one or more learned IP addresses . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (downstream port, upstream port, other port) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6256314B1 CLAIM 1 . A method by which a network element , having a plurality of ports , performs layer 3 forwarding within a network comprising one or more routers , the method comprising : for each of the one or more routers in the network , identifying at least one of the plurality of ports , via which the router is reachable , as an upstream port (communication protocol, incoming data, incoming data frames) with respect to the router , and identifying one or more other port (communication protocol, incoming data, incoming data frames) s in the plurality of ports from which the router is not reachable as downstream port (communication protocol, incoming data, incoming data frames) s with respect to the router ; learning forwarding information including one or more IP addresses respectively associated with one or more IP stations reachable from the one or more other ports ; receiving a data packet ; and performing layer 3 forwarding upon receiving the packet if the packet has a layer 2 destination address equal to a MAC address for one of the one or more routers and has a layer 3 IP destination address equal to one of the one or more learned IP addresses . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (data packet) received on all transmission channels allocated to the wireless node ; a second receiving unit (comprises information) for detecting the incoming data (downstream port, upstream port, other port) frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6256314B1 CLAIM 1 . A method by which a network element , having a plurality of ports , performs layer 3 forwarding within a network comprising one or more routers , the method comprising : for each of the one or more routers in the network , identifying at least one of the plurality of ports , via which the router is reachable , as an upstream port (communication protocol, incoming data, incoming data frames) with respect to the router , and identifying one or more other port (communication protocol, incoming data, incoming data frames) s in the plurality of ports from which the router is not reachable as downstream port (communication protocol, incoming data, incoming data frames) s with respect to the router ; learning forwarding information including one or more IP addresses respectively associated with one or more IP stations reachable from the one or more other ports ; receiving a data packet (incoming traffic) ; and performing layer 3 forwarding upon receiving the packet if the packet has a layer 2 destination address equal to a MAC address for one of the one or more routers and has a layer 3 IP destination address equal to one of the one or more learned IP addresses . US6256314B1 CLAIM 9 . A method according to claim 1 wherein said forwarding information comprises information (second receiving unit) pertaining only to stations whose IP addresses have been designated by the user as being eligible to be learned . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (downstream port, upstream port, other port) . |
US6256314B1 CLAIM 1 . A method by which a network element , having a plurality of ports , performs layer 3 forwarding within a network comprising one or more routers , the method comprising : for each of the one or more routers in the network , identifying at least one of the plurality of ports , via which the router is reachable , as an upstream port (communication protocol, incoming data, incoming data frames) with respect to the router , and identifying one or more other port (communication protocol, incoming data, incoming data frames) s in the plurality of ports from which the router is not reachable as downstream port (communication protocol, incoming data, incoming data frames) s with respect to the router ; learning forwarding information including one or more IP addresses respectively associated with one or more IP stations reachable from the one or more other ports ; receiving a data packet ; and performing layer 3 forwarding upon receiving the packet if the packet has a layer 2 destination address equal to a MAC address for one of the one or more routers and has a layer 3 IP destination address equal to one of the one or more learned IP addresses . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (downstream port, upstream port, other port) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6256314B1 CLAIM 1 . A method by which a network element , having a plurality of ports , performs layer 3 forwarding within a network comprising one or more routers , the method comprising : for each of the one or more routers in the network , identifying at least one of the plurality of ports , via which the router is reachable , as an upstream port (communication protocol, incoming data, incoming data frames) with respect to the router , and identifying one or more other port (communication protocol, incoming data, incoming data frames) s in the plurality of ports from which the router is not reachable as downstream port (communication protocol, incoming data, incoming data frames) s with respect to the router ; learning forwarding information including one or more IP addresses respectively associated with one or more IP stations reachable from the one or more other ports ; receiving a data packet ; and performing layer 3 forwarding upon receiving the packet if the packet has a layer 2 destination address equal to a MAC address for one of the one or more routers and has a layer 3 IP destination address equal to one of the one or more learned IP addresses . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (data packet) carried on all transmission channels allocated to the wireless node ; a second receiving unit (comprises information) for detecting the incoming data (downstream port, upstream port, other port) frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6256314B1 CLAIM 1 . A method by which a network element , having a plurality of ports , performs layer 3 forwarding within a network comprising one or more routers , the method comprising : for each of the one or more routers in the network , identifying at least one of the plurality of ports , via which the router is reachable , as an upstream port (communication protocol, incoming data, incoming data frames) with respect to the router , and identifying one or more other port (communication protocol, incoming data, incoming data frames) s in the plurality of ports from which the router is not reachable as downstream port (communication protocol, incoming data, incoming data frames) s with respect to the router ; learning forwarding information including one or more IP addresses respectively associated with one or more IP stations reachable from the one or more other ports ; receiving a data packet (incoming traffic) ; and performing layer 3 forwarding upon receiving the packet if the packet has a layer 2 destination address equal to a MAC address for one of the one or more routers and has a layer 3 IP destination address equal to one of the one or more learned IP addresses . US6256314B1 CLAIM 9 . A method according to claim 1 wherein said forwarding information comprises information (second receiving unit) pertaining only to stations whose IP addresses have been designated by the user as being eligible to be learned . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6185491B1 Filed: 1998-07-31 Issued: 2001-02-06 Networked vehicle controlling attached devices using JavaBeans™ (Original Assignee) Sun Microsystems Inc (Current Assignee) Oracle America Inc Jamison Gray, Eric Chu |
---|---|
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels (digital multimedia broadcasting, video camera) allocated to the wireless node and extracting the incoming data frames received over all the wireless channels allocated to the wireless node . |
US6185491B1 CLAIM 4 . The vehicle of claim 2 in which said at least a first device is one of a cabin lighting interface , amp/speaker , CD player , AM/FM radio and tape player , GPS , heat/air conditioning , radar , air bag activation and status , video camera (wireless channels, transmission channels) s , emergency rescue , alarms , anti-theft system , odometers , gyroscope , route guidance , access control , location transponder , video games , an internet connection , a digital multimedia broadcasting (wireless channels, transmission channels) receiver , telephone receivers , digital video decoders and recorders , a digital audio broadcasting receiver , voice recognition systems , a cellular telephone handset either directly connected or linked via infrared , a digital cell phone module and a gateway to other buses . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels (digital multimedia broadcasting, video camera) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6185491B1 CLAIM 4 . The vehicle of claim 2 in which said at least a first device is one of a cabin lighting interface , amp/speaker , CD player , AM/FM radio and tape player , GPS , heat/air conditioning , radar , air bag activation and status , video camera (wireless channels, transmission channels) s , emergency rescue , alarms , anti-theft system , odometers , gyroscope , route guidance , access control , location transponder , video games , an internet connection , a digital multimedia broadcasting (wireless channels, transmission channels) receiver , telephone receivers , digital video decoders and recorders , a digital audio broadcasting receiver , voice recognition systems , a cellular telephone handset either directly connected or linked via infrared , a digital cell phone module and a gateway to other buses . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (communications medium, internet connection) . |
US6185491B1 CLAIM 1 . A vehicle comprising : a . a communications medium (communication protocol) ; b . one or more devices connected to said communications medium , each device controllable over said medium ; c . a vehicle control center , connected to said medium , said vehicle control center including a control element and memory , said memory including one or more beans for controlling said one or more devices ; and wherein each of said one or more beans is a portable and re-usable , self-contained Java software component . US6185491B1 CLAIM 4 . The vehicle of claim 2 in which said at least a first device is one of a cabin lighting interface , amp/speaker , CD player , AM/FM radio and tape player , GPS , heat/air conditioning , radar , air bag activation and status , video cameras , emergency rescue , alarms , anti-theft system , odometers , gyroscope , route guidance , access control , location transponder , video games , an internet connection (communication protocol) , a digital multimedia broadcasting receiver , telephone receivers , digital video decoders and recorders , a digital audio broadcasting receiver , voice recognition systems , a cellular telephone handset either directly connected or linked via infrared , a digital cell phone module and a gateway to other buses . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels (digital multimedia broadcasting, video camera) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6185491B1 CLAIM 4 . The vehicle of claim 2 in which said at least a first device is one of a cabin lighting interface , amp/speaker , CD player , AM/FM radio and tape player , GPS , heat/air conditioning , radar , air bag activation and status , video camera (wireless channels, transmission channels) s , emergency rescue , alarms , anti-theft system , odometers , gyroscope , route guidance , access control , location transponder , video games , an internet connection , a digital multimedia broadcasting (wireless channels, transmission channels) receiver , telephone receivers , digital video decoders and recorders , a digital audio broadcasting receiver , voice recognition systems , a cellular telephone handset either directly connected or linked via infrared , a digital cell phone module and a gateway to other buses . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20030043763A1 Filed: 1998-07-29 Issued: 2003-03-06 Wireless networked message routing (Original Assignee) US Philips Corp (Current Assignee) Signify Holding BV Paul D Grayson |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames (acknowledgement message) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US20030043763A1 CLAIM 1 . A wireless communication (wireless communication) s system comprising a plurality of nodes clustered for the exchange of data and control message packets , each node having a unique address within the system , and being arranged to ignore received messages not containing their own node address , and each being arranged to generate and transmit an acknowledgement message (intrusion detection module incoming data frames) to the originating node of a data packet received directly , characterised in that each node further comprises a store holding a node address for each other node of the system , each node being arranged , on determining lack of receipt of an acknowledgement message for a message packet transmitted to a target node , to select a further node address from the store and transmit the said message packet to said further node as a re-routed message packet , each node being configured to identify the original target of a received re-routed message packet and to transmit said re-routed message packet to its original target . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US20030043763A1 CLAIM 1 . A wireless communication (wireless communication) s system comprising a plurality of nodes clustered for the exchange of data and control message packets , each node having a unique address within the system , and being arranged to ignore received messages not containing their own node address , and each being arranged to generate and transmit an acknowledgement message to the originating node of a data packet received directly , characterised in that each node further comprises a store holding a node address for each other node of the system , each node being arranged , on determining lack of receipt of an acknowledgement message for a message packet transmitted to a target node , to select a further node address from the store and transmit the said message packet to said further node as a re-routed message packet , each node being configured to identify the original target of a received re-routed message packet and to transmit said re-routed message packet to its original target . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit (node address) for receiving the copy ; an antenna for capturing the incoming traffic (data packet) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US20030043763A1 CLAIM 1 . A wireless communications system comprising a plurality of nodes clustered for the exchange of data and control message packets , each node having a unique address within the system , and being arranged to ignore received messages not containing their own node address (first receiving unit) , and each being arranged to generate and transmit an acknowledgement message to the originating node of a data packet (incoming traffic) received directly , characterised in that each node further comprises a store holding a node address for each other node of the system , each node being arranged , on determining lack of receipt of an acknowledgement message for a message packet transmitted to a target node , to select a further node address from the store and transmit the said message packet to said further node as a re-routed message packet , each node being configured to identify the original target of a received re-routed message packet and to transmit said re-routed message packet to its original target . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit (node address) for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (data packet) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20030043763A1 CLAIM 1 . A wireless communications system comprising a plurality of nodes clustered for the exchange of data and control message packets , each node having a unique address within the system , and being arranged to ignore received messages not containing their own node address (first receiving unit) , and each being arranged to generate and transmit an acknowledgement message to the originating node of a data packet (incoming traffic) received directly , characterised in that each node further comprises a store holding a node address for each other node of the system , each node being arranged , on determining lack of receipt of an acknowledgement message for a message packet transmitted to a target node , to select a further node address from the store and transmit the said message packet to said further node as a re-routed message packet , each node being configured to identify the original target of a received re-routed message packet and to transmit said re-routed message packet to its original target . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6202081B1 Filed: 1998-07-21 Issued: 2001-03-13 Method and protocol for synchronized transfer-window based firewall traversal (Original Assignee) 3Com Corp (Current Assignee) HP Inc ; Hewlett Packard Enterprise Development LP Stanley T. Naudus |
---|---|
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface (acknowledgment message) ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6202081B1 CLAIM 4 . The method of claim 1 wherein the first secure message is an open-transfer-window message and the second secure message is an open-transfer-window acknowledgment message (air interface) to from a firewall traversal protocol . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (Internet Protocol) . |
US6202081B1 CLAIM 8 . The method of claim 1 wherein the first secure message , second secure message and plurality of secure data packets are Internet Protocol (communication protocol) data packets with firewall traversal information included in an Internet Protocol Authentication Header . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface (acknowledgment message) ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6202081B1 CLAIM 4 . The method of claim 1 wherein the first secure message is an open-transfer-window message and the second secure message is an open-transfer-window acknowledgment message (air interface) to from a firewall traversal protocol . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6363056B1 Filed: 1998-07-15 Issued: 2002-03-26 Low overhead continuous monitoring of network performance (Original Assignee) International Business Machines Corp (Current Assignee) International Business Machines Corp Mandis Sadr Mohammad Beigi, Raymond Byars Jennings, Dinesh Chandra Verma |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (next data packet) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames (particular egress) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6363056B1 CLAIM 15 . A method as recited in claims 13 , further comprising the step of determining network faults by comparing the expected number of probe packets at a particular egress (incoming data frames) access point to a number of probe packets actually received at the particular egress access point . US6363056B1 CLAIM 42 . A method for measuring network characteristics between a first and a second router in a network , the method comprising : configuring at least one ingress access point on the first router to generate a plurality of probe packets ; generating each of the probe packets based on the contents of a next data packet (original data, transmission channels, transmitting original data frames) passing through the ingress access point ; configuring at least one egress access point on the second router to detect the probe packet ; and correlating each of the probe packets received at the egress access point with each of the probe packets sent by the ingress access point to determine the network characteristics between the ingress and egress access points . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (network bandwidth, time interval) . |
US6363056B1 CLAIM 3 . A method as recited in claim 1 , wherein the preset criteria is such that a probe packet is generated after a specific time interval (time interval, data processing unit) has elapsed at the first ingress access point . US6363056B1 CLAIM 5 . A method as recited in claim 1 , wherein the network characteristics include network bandwidth (time interval, data processing unit) , and the step of correlating includes the step of comparing a count of probe packets sent by the ingress access point to a count of probe packets received by the egress access point . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (next data packet) frames . |
US6363056B1 CLAIM 42 . A method for measuring network characteristics between a first and a second router in a network , the method comprising : configuring at least one ingress access point on the first router to generate a plurality of probe packets ; generating each of the probe packets based on the contents of a next data packet (original data, transmission channels, transmitting original data frames) passing through the ingress access point ; configuring at least one egress access point on the second router to detect the probe packet ; and correlating each of the probe packets received at the egress access point with each of the probe packets sent by the ingress access point to determine the network characteristics between the ingress and egress access points . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (particular egress) received over all the wireless channels allocated to the wireless node . |
US6363056B1 CLAIM 15 . A method as recited in claims 13 , further comprising the step of determining network faults by comparing the expected number of probe packets at a particular egress (incoming data frames) access point to a number of probe packets actually received at the particular egress access point . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (next data packet) frames with the incoming data frames (particular egress) for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6363056B1 CLAIM 15 . A method as recited in claims 13 , further comprising the step of determining network faults by comparing the expected number of probe packets at a particular egress (incoming data frames) access point to a number of probe packets actually received at the particular egress access point . US6363056B1 CLAIM 42 . A method for measuring network characteristics between a first and a second router in a network , the method comprising : configuring at least one ingress access point on the first router to generate a plurality of probe packets ; generating each of the probe packets based on the contents of a next data packet (original data, transmission channels, transmitting original data frames) passing through the ingress access point ; configuring at least one egress access point on the second router to detect the probe packet ; and correlating each of the probe packets received at the egress access point with each of the probe packets sent by the ingress access point to determine the network characteristics between the ingress and egress access points . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data (next data packet) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames (particular egress) received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6363056B1 CLAIM 15 . A method as recited in claims 13 , further comprising the step of determining network faults by comparing the expected number of probe packets at a particular egress (incoming data frames) access point to a number of probe packets actually received at the particular egress access point . US6363056B1 CLAIM 42 . A method for measuring network characteristics between a first and a second router in a network , the method comprising : configuring at least one ingress access point on the first router to generate a plurality of probe packets ; generating each of the probe packets based on the contents of a next data packet (original data, transmission channels, transmitting original data frames) passing through the ingress access point ; configuring at least one egress access point on the second router to detect the probe packet ; and correlating each of the probe packets received at the egress access point with each of the probe packets sent by the ingress access point to determine the network characteristics between the ingress and egress access points . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels (next data packet) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (particular egress) from the incoming traffic ; and a data processing unit (network bandwidth, time interval) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6363056B1 CLAIM 3 . A method as recited in claim 1 , wherein the preset criteria is such that a probe packet is generated after a specific time interval (time interval, data processing unit) has elapsed at the first ingress access point . US6363056B1 CLAIM 5 . A method as recited in claim 1 , wherein the network characteristics include network bandwidth (time interval, data processing unit) , and the step of correlating includes the step of comparing a count of probe packets sent by the ingress access point to a count of probe packets received by the egress access point . US6363056B1 CLAIM 15 . A method as recited in claims 13 , further comprising the step of determining network faults by comparing the expected number of probe packets at a particular egress (incoming data frames) access point to a number of probe packets actually received at the particular egress access point . US6363056B1 CLAIM 42 . A method for measuring network characteristics between a first and a second router in a network , the method comprising : configuring at least one ingress access point on the first router to generate a plurality of probe packets ; generating each of the probe packets based on the contents of a next data packet (original data, transmission channels, transmitting original data frames) passing through the ingress access point ; configuring at least one egress access point on the second router to detect the probe packet ; and correlating each of the probe packets received at the egress access point with each of the probe packets sent by the ingress access point to determine the network characteristics between the ingress and egress access points . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (first packet) . |
US6363056B1 CLAIM 33 . A method for providing bandwidth accounting between a first and a second ISP access point in a network , the method comprising : configuring at least one ingress access point to have a first packet (communication protocol) count of ‘N-in’ ; said at least one ingress access point keeping track of a second packet count ‘N-out’ of packets sent into the network ; and generating a probe packet whenever ‘N-out’=‘N-in’ , wherein said probe packets being given a destination address of an Nth packet sent into the network , and being given a source address of an ingress router associated with the at least one ingress point . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network operates according to any wireless network technology (access points) . |
US6363056B1 CLAIM 1 . A method for determining network characteristics between a first and a second access point in a network , the method comprising : configuring the first access point as an ingress access point to generate a plurality of probe packets ; generating each of the probe packets based on contents of a data packet and on preset criteria ; configuring the second access point as an egress access point to detect the probe packets ; and correlating each of the probe packets received at the egress access point with one of the probe packets sent by the ingress access point to determine the network characteristics between the two access points (wireless network technology) . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames (particular egress) received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6363056B1 CLAIM 15 . A method as recited in claims 13 , further comprising the step of determining network faults by comparing the expected number of probe packets at a particular egress (incoming data frames) access point to a number of probe packets actually received at the particular egress access point . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels (next data packet) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (particular egress) from the incoming traffic ; and a data processing unit (network bandwidth, time interval) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6363056B1 CLAIM 3 . A method as recited in claim 1 , wherein the preset criteria is such that a probe packet is generated after a specific time interval (time interval, data processing unit) has elapsed at the first ingress access point . US6363056B1 CLAIM 5 . A method as recited in claim 1 , wherein the network characteristics include network bandwidth (time interval, data processing unit) , and the step of correlating includes the step of comparing a count of probe packets sent by the ingress access point to a count of probe packets received by the egress access point . US6363056B1 CLAIM 15 . A method as recited in claims 13 , further comprising the step of determining network faults by comparing the expected number of probe packets at a particular egress (incoming data frames) access point to a number of probe packets actually received at the particular egress access point . US6363056B1 CLAIM 42 . A method for measuring network characteristics between a first and a second router in a network , the method comprising : configuring at least one ingress access point on the first router to generate a plurality of probe packets ; generating each of the probe packets based on the contents of a next data packet (original data, transmission channels, transmitting original data frames) passing through the ingress access point ; configuring at least one egress access point on the second router to detect the probe packet ; and correlating each of the probe packets received at the egress access point with each of the probe packets sent by the ingress access point to determine the network characteristics between the ingress and egress access points . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network operates according to any wireless network technology (access points) . |
US6363056B1 CLAIM 1 . A method for determining network characteristics between a first and a second access point in a network , the method comprising : configuring the first access point as an ingress access point to generate a plurality of probe packets ; generating each of the probe packets based on contents of a data packet and on preset criteria ; configuring the second access point as an egress access point to detect the probe packets ; and correlating each of the probe packets received at the egress access point with one of the probe packets sent by the ingress access point to determine the network characteristics between the two access points (wireless network technology) . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6279113B1 Filed: 1998-06-04 Issued: 2001-08-21 Dynamic signature inspection-based network intrusion detection (Original Assignee) Internet Tools Inc (Current Assignee) CA Inc Vimal Vaidya |
---|---|
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (time interval) . |
US6279113B1 CLAIM 3 . The method of claim 2 wherein said generating step includes generating an additional attack signature profile configured to recognize an occurrence of a predetermined threshold number of events within a predetermined time interval (time interval) , said occurrence of said predetermined threshold number of events within said predetermined time interval constituting said network intrusion attempt . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US6279113B1 CLAIM 13 . The system of claim 8 further comprising an intrusion detection (intrusion attack) alert mechanism in communicative contact with said processing means , said detection alert mechanism being configured to perform a predetermined act if said processing of said attack signature profile reveals a network intrusion , said predetermined act being one of alerting a network administrator , denying access to said network object , or tracing an application session associated with said network intrusion . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (intrusion detection) based on the impersonation detected signal . |
US6279113B1 CLAIM 13 . The system of claim 8 further comprising an intrusion detection (intrusion attack) alert mechanism in communicative contact with said processing means , said detection alert mechanism being configured to perform a predetermined act if said processing of said attack signature profile reveals a network intrusion , said predetermined act being one of alerting a network administrator , denying access to said network object , or tracing an application session associated with said network intrusion . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6557037B1 Filed: 1998-05-29 Issued: 2003-04-29 System and method for easing communications between devices connected respectively to public networks such as the internet and to private networks by facilitating resolution of human-readable addresses (Original Assignee) Sun Microsystems Inc (Current Assignee) Oracle America Inc Joseph E. Provino |
---|---|
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (response message) . |
US6557037B1 CLAIM 2 . A system as defined in claim 1 in which the external device is further configured to use the network address provided in the network address response message (communication protocol) in generating at least one message for transmission to the internal device . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network operates according to any wireless network technology (one device) . |
US6557037B1 CLAIM 4 . A system as defined in claim 3 in which the external device is configured to establish a communications session with the network service provider , the network service provider providing the external device with the identification of a further nameserver , the further nameserver being configured to provide an association between a secondary address and a network address for at least one device (wireless network technology) . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network operates according to any wireless network technology (one device) . |
US6557037B1 CLAIM 4 . A system as defined in claim 3 in which the external device is configured to establish a communications session with the network service provider , the network service provider providing the external device with the identification of a further nameserver , the further nameserver being configured to provide an association between a secondary address and a network address for at least one device (wireless network technology) . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6275942B1 Filed: 1998-05-20 Issued: 2001-08-14 System, method and computer program product for automatic response to computer system misuse using active response modules (Original Assignee) Network Associates Inc (Current Assignee) Networks Associates Technology Inc ; McAfee LLC Thomas Bernhard, Terry Escamilla, William Leddy, Richard Letsinger, Crosby Marks, Steven E. Smaha, Steven R. Snapp |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module (processing element) and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6275942B1 CLAIM 8 . A system , comprising : a data processing element (intrusion detection module, impersonation detection signal) ; an intrusion detection system ; a plurality of pre-defined ARMs each having means for instructing said data processing element to perform an action in response to a command from said intrusion detection system ; means for activating a subset of said plurality of pre-defined ARMs for a misuse ; wherein said intrusion detection system comprises : means for detecting said misuse ; means for identifying said subset activated for said misuse ; and means for invoking said subset to thereby respond to said misuse . |
US7409715B2 CLAIM 2 . The method of claim 1 , wherein step a) comprises transmitting the copy over a secure link established between the wireless node and the intrusion detection module (processing element) . |
US6275942B1 CLAIM 8 . A system , comprising : a data processing element (intrusion detection module, impersonation detection signal) ; an intrusion detection system ; a plurality of pre-defined ARMs each having means for instructing said data processing element to perform an action in response to a command from said intrusion detection system ; means for activating a subset of said plurality of pre-defined ARMs for a misuse ; wherein said intrusion detection system comprises : means for detecting said misuse ; means for identifying said subset activated for said misuse ; and means for invoking said subset to thereby respond to said misuse . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module (processing element) for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6275942B1 CLAIM 8 . A system , comprising : a data processing element (intrusion detection module, impersonation detection signal) ; an intrusion detection system ; a plurality of pre-defined ARMs each having means for instructing said data processing element to perform an action in response to a command from said intrusion detection system ; means for activating a subset of said plurality of pre-defined ARMs for a misuse ; wherein said intrusion detection system comprises : means for detecting said misuse ; means for identifying said subset activated for said misuse ; and means for invoking said subset to thereby respond to said misuse . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module (processing element) comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal (processing element) . |
US6275942B1 CLAIM 8 . A system , comprising : a data processing element (intrusion detection module, impersonation detection signal) ; an intrusion detection system ; a plurality of pre-defined ARMs each having means for instructing said data processing element to perform an action in response to a command from said intrusion detection system ; means for activating a subset of said plurality of pre-defined ARMs for a misuse ; wherein said intrusion detection system comprises : means for detecting said misuse ; means for identifying said subset activated for said misuse ; and means for invoking said subset to thereby respond to said misuse . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module (processing element) further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
US6275942B1 CLAIM 8 . A system , comprising : a data processing element (intrusion detection module, impersonation detection signal) ; an intrusion detection system ; a plurality of pre-defined ARMs each having means for instructing said data processing element to perform an action in response to a command from said intrusion detection system ; means for activating a subset of said plurality of pre-defined ARMs for a misuse ; wherein said intrusion detection system comprises : means for detecting said misuse ; means for identifying said subset activated for said misuse ; and means for invoking said subset to thereby respond to said misuse . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module (processing element) resides away from the wireless node : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US6275942B1 CLAIM 8 . A system , comprising : a data processing element (intrusion detection module, impersonation detection signal) ; an intrusion detection system ; a plurality of pre-defined ARMs each having means for instructing said data processing element to perform an action in response to a command from said intrusion detection system ; means for activating a subset of said plurality of pre-defined ARMs for a misuse ; wherein said intrusion detection system comprises : means for detecting said misuse ; means for identifying said subset activated for said misuse ; and means for invoking said subset to thereby respond to said misuse . |
US7409715B2 CLAIM 15 . The impersonation detection system of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module (processing element) is integrated within the wireless node . |
US6275942B1 CLAIM 8 . A system , comprising : a data processing element (intrusion detection module, impersonation detection signal) ; an intrusion detection system ; a plurality of pre-defined ARMs each having means for instructing said data processing element to perform an action in response to a command from said intrusion detection system ; means for activating a subset of said plurality of pre-defined ARMs for a misuse ; wherein said intrusion detection system comprises : means for detecting said misuse ; means for identifying said subset activated for said misuse ; and means for invoking said subset to thereby respond to said misuse . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module (processing element) for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6275942B1 CLAIM 8 . A system , comprising : a data processing element (intrusion detection module, impersonation detection signal) ; an intrusion detection system ; a plurality of pre-defined ARMs each having means for instructing said data processing element to perform an action in response to a command from said intrusion detection system ; means for activating a subset of said plurality of pre-defined ARMs for a misuse ; wherein said intrusion detection system comprises : means for detecting said misuse ; means for identifying said subset activated for said misuse ; and means for invoking said subset to thereby respond to said misuse . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module (processing element) comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6275942B1 CLAIM 8 . A system , comprising : a data processing element (intrusion detection module, impersonation detection signal) ; an intrusion detection system ; a plurality of pre-defined ARMs each having means for instructing said data processing element to perform an action in response to a command from said intrusion detection system ; means for activating a subset of said plurality of pre-defined ARMs for a misuse ; wherein said intrusion detection system comprises : means for detecting said misuse ; means for identifying said subset activated for said misuse ; and means for invoking said subset to thereby respond to said misuse . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module (processing element) further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
US6275942B1 CLAIM 8 . A system , comprising : a data processing element (intrusion detection module, impersonation detection signal) ; an intrusion detection system ; a plurality of pre-defined ARMs each having means for instructing said data processing element to perform an action in response to a command from said intrusion detection system ; means for activating a subset of said plurality of pre-defined ARMs for a misuse ; wherein said intrusion detection system comprises : means for detecting said misuse ; means for identifying said subset activated for said misuse ; and means for invoking said subset to thereby respond to said misuse . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5982281A Filed: 1998-05-02 Issued: 1999-11-09 Offender and victim collision avoidance and advanced warning system (Original Assignee) Pro Tech Monitoring Inc (Current Assignee) 3M Attenti Ltd Hoyt M. Layson, Jr. |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node (wireless communication, digital wireless) of a wireless communication (wireless communication, digital wireless) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (data fusion) frames transmitted by the wireless node over a wireless interface (wireless communication, digital wireless) ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5982281A CLAIM 1 . An offender and victim collision avoidance and advanced warning system employing an offender's portable tracking apparatus responsive to a message from a wireless communication (wireless communication, wireless node, wireless interface, wireless channels) system for determining its own spatial coordinates from a Global Positioning System and communicating with an offender's body worn device and a central data base , the advanced warning system additionally comprising : (a) means in the offender's portable tracking apparatus to communicate simultaneously with a victim's portable tracking apparatus while communicating with the central data base ; (b) means in the offender's portable tracking apparatus to communicate simultaneously with a law enforcement entity and the offender's supervisory authority while communicating with the central data base ; and (c) means in the offender's portable tracking apparatus for confirming delivery of communications among the offender , the victim , the central data base , the law enforcement entity and the offender's supervisory authority . US5982281A CLAIM 2 . The warning system according to claim 1 wherein the means to communicate in (a) and (b) is connectionless oriented analog or digital wireless (wireless communication, wireless node, wireless interface, wireless channels) signal . US5982281A CLAIM 9 . The warning system according to claim 8 wherein the offender's portable tracking device additionally includes a memory card and a processor for use with algorithms to (1) compare the current location of the offender's portable tracking device to a schedule of rules and location constraints stored in the memory card to determine if a static violation has occurred , (2) perform location data fusion (original data) processing by comparing the current location of the offender's portable tracking device against the location of the associated portable tracking device to determine if a dynamic violation has occurred , (3) generate instructional commands to an offender , (4) generate warning information messages to a victim , (5) generate notification messages to a supervising agency , law enforcement agency and a central data base system , (6) determine when the location and status message of the offender's portable tracking device is required to be sent , (7) determine when the location and status message of the associated portable tracking device is past due and (8) provide assured delivery of messages to offenders , victims , supervising agencies , law enforcement agencies , and central data base system . |
US7409715B2 CLAIM 2 . The method of claim 1 , wherein step a) comprises transmitting the copy over a secure link established between the wireless node (wireless communication, digital wireless) and the intrusion detection module . |
US5982281A CLAIM 1 . An offender and victim collision avoidance and advanced warning system employing an offender's portable tracking apparatus responsive to a message from a wireless communication (wireless communication, wireless node, wireless interface, wireless channels) system for determining its own spatial coordinates from a Global Positioning System and communicating with an offender's body worn device and a central data base , the advanced warning system additionally comprising : (a) means in the offender's portable tracking apparatus to communicate simultaneously with a victim's portable tracking apparatus while communicating with the central data base ; (b) means in the offender's portable tracking apparatus to communicate simultaneously with a law enforcement entity and the offender's supervisory authority while communicating with the central data base ; and (c) means in the offender's portable tracking apparatus for confirming delivery of communications among the offender , the victim , the central data base , the law enforcement entity and the offender's supervisory authority . US5982281A CLAIM 2 . The warning system according to claim 1 wherein the means to communicate in (a) and (b) is connectionless oriented analog or digital wireless (wireless communication, wireless node, wireless interface, wireless channels) signal . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (data fusion) frames . |
US5982281A CLAIM 9 . The warning system according to claim 8 wherein the offender's portable tracking device additionally includes a memory card and a processor for use with algorithms to (1) compare the current location of the offender's portable tracking device to a schedule of rules and location constraints stored in the memory card to determine if a static violation has occurred , (2) perform location data fusion (original data) processing by comparing the current location of the offender's portable tracking device against the location of the associated portable tracking device to determine if a dynamic violation has occurred , (3) generate instructional commands to an offender , (4) generate warning information messages to a victim , (5) generate notification messages to a supervising agency , law enforcement agency and a central data base system , (6) determine when the location and status message of the offender's portable tracking device is required to be sent , (7) determine when the location and status message of the associated portable tracking device is past due and (8) provide assured delivery of messages to offenders , victims , supervising agencies , law enforcement agencies , and central data base system . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels (wireless communication, digital wireless) allocated to the wireless node (wireless communication, digital wireless) and extracting the incoming data frames received over all the wireless channels allocated to the wireless node . |
US5982281A CLAIM 1 . An offender and victim collision avoidance and advanced warning system employing an offender's portable tracking apparatus responsive to a message from a wireless communication (wireless communication, wireless node, wireless interface, wireless channels) system for determining its own spatial coordinates from a Global Positioning System and communicating with an offender's body worn device and a central data base , the advanced warning system additionally comprising : (a) means in the offender's portable tracking apparatus to communicate simultaneously with a victim's portable tracking apparatus while communicating with the central data base ; (b) means in the offender's portable tracking apparatus to communicate simultaneously with a law enforcement entity and the offender's supervisory authority while communicating with the central data base ; and (c) means in the offender's portable tracking apparatus for confirming delivery of communications among the offender , the victim , the central data base , the law enforcement entity and the offender's supervisory authority . US5982281A CLAIM 2 . The warning system according to claim 1 wherein the means to communicate in (a) and (b) is connectionless oriented analog or digital wireless (wireless communication, wireless node, wireless interface, wireless channels) signal . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (data fusion) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US5982281A CLAIM 9 . The warning system according to claim 8 wherein the offender's portable tracking device additionally includes a memory card and a processor for use with algorithms to (1) compare the current location of the offender's portable tracking device to a schedule of rules and location constraints stored in the memory card to determine if a static violation has occurred , (2) perform location data fusion (original data) processing by comparing the current location of the offender's portable tracking device against the location of the associated portable tracking device to determine if a dynamic violation has occurred , (3) generate instructional commands to an offender , (4) generate warning information messages to a victim , (5) generate notification messages to a supervising agency , law enforcement agency and a central data base system , (6) determine when the location and status message of the offender's portable tracking device is required to be sent , (7) determine when the location and status message of the associated portable tracking device is past due and (8) provide assured delivery of messages to offenders , victims , supervising agencies , law enforcement agencies , and central data base system . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node (wireless communication, digital wireless) of a wireless communication (wireless communication, digital wireless) network , the node for transmitting original data (data fusion) frames over a wireless interface (wireless communication, digital wireless) comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5982281A CLAIM 1 . An offender and victim collision avoidance and advanced warning system employing an offender's portable tracking apparatus responsive to a message from a wireless communication (wireless communication, wireless node, wireless interface, wireless channels) system for determining its own spatial coordinates from a Global Positioning System and communicating with an offender's body worn device and a central data base , the advanced warning system additionally comprising : (a) means in the offender's portable tracking apparatus to communicate simultaneously with a victim's portable tracking apparatus while communicating with the central data base ; (b) means in the offender's portable tracking apparatus to communicate simultaneously with a law enforcement entity and the offender's supervisory authority while communicating with the central data base ; and (c) means in the offender's portable tracking apparatus for confirming delivery of communications among the offender , the victim , the central data base , the law enforcement entity and the offender's supervisory authority . US5982281A CLAIM 2 . The warning system according to claim 1 wherein the means to communicate in (a) and (b) is connectionless oriented analog or digital wireless (wireless communication, wireless node, wireless interface, wireless channels) signal . US5982281A CLAIM 9 . The warning system according to claim 8 wherein the offender's portable tracking device additionally includes a memory card and a processor for use with algorithms to (1) compare the current location of the offender's portable tracking device to a schedule of rules and location constraints stored in the memory card to determine if a static violation has occurred , (2) perform location data fusion (original data) processing by comparing the current location of the offender's portable tracking device against the location of the associated portable tracking device to determine if a dynamic violation has occurred , (3) generate instructional commands to an offender , (4) generate warning information messages to a victim , (5) generate notification messages to a supervising agency , law enforcement agency and a central data base system , (6) determine when the location and status message of the offender's portable tracking device is required to be sent , (7) determine when the location and status message of the associated portable tracking device is past due and (8) provide assured delivery of messages to offenders , victims , supervising agencies , law enforcement agencies , and central data base system . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node (wireless communication, digital wireless) ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (Global Positioning) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5982281A CLAIM 1 . An offender and victim collision avoidance and advanced warning system employing an offender's portable tracking apparatus responsive to a message from a wireless communication (wireless communication, wireless node, wireless interface, wireless channels) system for determining its own spatial coordinates from a Global Positioning (data processing unit) System and communicating with an offender's body worn device and a central data base , the advanced warning system additionally comprising : (a) means in the offender's portable tracking apparatus to communicate simultaneously with a victim's portable tracking apparatus while communicating with the central data base ; (b) means in the offender's portable tracking apparatus to communicate simultaneously with a law enforcement entity and the offender's supervisory authority while communicating with the central data base ; and (c) means in the offender's portable tracking apparatus for confirming delivery of communications among the offender , the victim , the central data base , the law enforcement entity and the offender's supervisory authority . US5982281A CLAIM 2 . The warning system according to claim 1 wherein the means to communicate in (a) and (b) is connectionless oriented analog or digital wireless (wireless communication, wireless node, wireless interface, wireless channels) signal . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node (wireless communication, digital wireless) : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US5982281A CLAIM 1 . An offender and victim collision avoidance and advanced warning system employing an offender's portable tracking apparatus responsive to a message from a wireless communication (wireless communication, wireless node, wireless interface, wireless channels) system for determining its own spatial coordinates from a Global Positioning System and communicating with an offender's body worn device and a central data base , the advanced warning system additionally comprising : (a) means in the offender's portable tracking apparatus to communicate simultaneously with a victim's portable tracking apparatus while communicating with the central data base ; (b) means in the offender's portable tracking apparatus to communicate simultaneously with a law enforcement entity and the offender's supervisory authority while communicating with the central data base ; and (c) means in the offender's portable tracking apparatus for confirming delivery of communications among the offender , the victim , the central data base , the law enforcement entity and the offender's supervisory authority . US5982281A CLAIM 2 . The warning system according to claim 1 wherein the means to communicate in (a) and (b) is connectionless oriented analog or digital wireless (wireless communication, wireless node, wireless interface, wireless channels) signal . |
US7409715B2 CLAIM 15 . The impersonation detection system of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module is integrated within the wireless node (wireless communication, digital wireless) . |
US5982281A CLAIM 1 . An offender and victim collision avoidance and advanced warning system employing an offender's portable tracking apparatus responsive to a message from a wireless communication (wireless communication, wireless node, wireless interface, wireless channels) system for determining its own spatial coordinates from a Global Positioning System and communicating with an offender's body worn device and a central data base , the advanced warning system additionally comprising : (a) means in the offender's portable tracking apparatus to communicate simultaneously with a victim's portable tracking apparatus while communicating with the central data base ; (b) means in the offender's portable tracking apparatus to communicate simultaneously with a law enforcement entity and the offender's supervisory authority while communicating with the central data base ; and (c) means in the offender's portable tracking apparatus for confirming delivery of communications among the offender , the victim , the central data base , the law enforcement entity and the offender's supervisory authority . US5982281A CLAIM 2 . The warning system according to claim 1 wherein the means to communicate in (a) and (b) is connectionless oriented analog or digital wireless (wireless communication, wireless node, wireless interface, wireless channels) signal . |
US7409715B2 CLAIM 17 . A wireless node (wireless communication, digital wireless) for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface (wireless communication, digital wireless) ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US5982281A CLAIM 1 . An offender and victim collision avoidance and advanced warning system employing an offender's portable tracking apparatus responsive to a message from a wireless communication (wireless communication, wireless node, wireless interface, wireless channels) system for determining its own spatial coordinates from a Global Positioning System and communicating with an offender's body worn device and a central data base , the advanced warning system additionally comprising : (a) means in the offender's portable tracking apparatus to communicate simultaneously with a victim's portable tracking apparatus while communicating with the central data base ; (b) means in the offender's portable tracking apparatus to communicate simultaneously with a law enforcement entity and the offender's supervisory authority while communicating with the central data base ; and (c) means in the offender's portable tracking apparatus for confirming delivery of communications among the offender , the victim , the central data base , the law enforcement entity and the offender's supervisory authority . US5982281A CLAIM 2 . The warning system according to claim 1 wherein the means to communicate in (a) and (b) is connectionless oriented analog or digital wireless (wireless communication, wireless node, wireless interface, wireless channels) signal . |
US7409715B2 CLAIM 18 . The wireless node (wireless communication, digital wireless) of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (Global Positioning) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5982281A CLAIM 1 . An offender and victim collision avoidance and advanced warning system employing an offender's portable tracking apparatus responsive to a message from a wireless communication (wireless communication, wireless node, wireless interface, wireless channels) system for determining its own spatial coordinates from a Global Positioning (data processing unit) System and communicating with an offender's body worn device and a central data base , the advanced warning system additionally comprising : (a) means in the offender's portable tracking apparatus to communicate simultaneously with a victim's portable tracking apparatus while communicating with the central data base ; (b) means in the offender's portable tracking apparatus to communicate simultaneously with a law enforcement entity and the offender's supervisory authority while communicating with the central data base ; and (c) means in the offender's portable tracking apparatus for confirming delivery of communications among the offender , the victim , the central data base , the law enforcement entity and the offender's supervisory authority . US5982281A CLAIM 2 . The warning system according to claim 1 wherein the means to communicate in (a) and (b) is connectionless oriented analog or digital wireless (wireless communication, wireless node, wireless interface, wireless channels) signal . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6167052A Filed: 1998-04-27 Issued: 2000-12-26 Establishing connectivity in networks (Original Assignee) VPNX com Inc (Current Assignee) INTERNAP Corp Thomas G. McNeill, Joseph J. Ekstrom, Stephen S. Moss |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving (computer instructions) unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6167052A CLAIM 2 . A computer readable medium comprising one or more computer instructions (first receiving) which are to implement the method of claim 1 as they are executed by the computer system . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving (computer instructions) unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6167052A CLAIM 2 . A computer readable medium comprising one or more computer instructions (first receiving) which are to implement the method of claim 1 as they are executed by the computer system . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6226751B1 Filed: 1998-04-17 Issued: 2001-05-01 Method and apparatus for configuring a virtual private network (Original Assignee) VPNet Technologies Inc (Current Assignee) Avaya Inc ; VPNet Technologies Inc Leslie J. Arrow, Henk J. Bots, Mark R. Hoke, William E. Hunt, Russell C. Jones, Quentin C. Liu |
---|---|
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (Internet Protocol) . |
US6226751B1 CLAIM 6 . The method of claim 1 , wherein the address translation rules facilitate communicating with multiple entities through a single Internet Protocol (communication protocol) (IP) address . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6246687B1 Filed: 1998-03-27 Issued: 2001-06-12 Network switching system supporting guaranteed data rates (Original Assignee) Massachusetts Institute of Technology (Current Assignee) Massachusetts Institute of Technology Kai-Yeung S. Siu |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (round robin) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6246687B1 CLAIM 6 . A method as claimed in claim 5 wherein the fairness algorithm decrements virtual connection cell counts on a round robin (incoming data, incoming data frames) basis . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (FIFO buffer) . |
US6246687B1 CLAIM 3 . A method as claimed in claim 2 wherein buffer space is allocated by : for each incoming cell stored in the FIFO buffer (time interval) , identifying a virtual connection and incrementing a cell count for that virtual connection ; decrementing virtual connection cell counts with outgoing cells independent of the actual virtual connection with which each outgoing cell is associated , individual virtual connection cell counts being decrementable to negative values ; and blocking from storage in the buffer incoming cells associated with a virtual connection having a cell count above a connection threshold . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data (round robin) frames received over all the wireless channels allocated to the wireless node . |
US6246687B1 CLAIM 6 . A method as claimed in claim 5 wherein the fairness algorithm decrements virtual connection cell counts on a round robin (incoming data, incoming data frames) basis . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (round robin) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6246687B1 CLAIM 6 . A method as claimed in claim 5 wherein the fairness algorithm decrements virtual connection cell counts on a round robin (incoming data, incoming data frames) basis . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (round robin) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6246687B1 CLAIM 6 . A method as claimed in claim 5 wherein the fairness algorithm decrements virtual connection cell counts on a round robin (incoming data, incoming data frames) basis . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (round robin) frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6246687B1 CLAIM 6 . A method as claimed in claim 5 wherein the fairness algorithm decrements virtual connection cell counts on a round robin (incoming data, incoming data frames) basis . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (transferring data) . |
US6246687B1 CLAIM 9 . The method of claim 8 wherein there is one queue per virtual connection and buffer space is allocated by transferring data (communication protocol) from a queue in order to free buffer space in the queue . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (round robin) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6246687B1 CLAIM 6 . A method as claimed in claim 5 wherein the fairness algorithm decrements virtual connection cell counts on a round robin (incoming data, incoming data frames) basis . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (round robin) frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6246687B1 CLAIM 6 . A method as claimed in claim 5 wherein the fairness algorithm decrements virtual connection cell counts on a round robin (incoming data, incoming data frames) basis . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6182226B1 Filed: 1998-03-18 Issued: 2001-01-30 System and method for controlling interactions between networks (Original Assignee) Secure Computing LLC (Current Assignee) McAfee LLC Irving Reid, Spencer Minear |
---|---|
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (transferring data) . |
US6182226B1 CLAIM 28 . In a computer network system having a plurality of regions and a plurality of services , including a first service , wherein each service defines a protocol for transferring data (communication protocol) between two of the plurality of regions , and wherein each region includes one or more networks , a method of limiting transfers between regions , comprising : defining a to-from set , wherein the to-from set lists a source region and a destination region ; associating the to-from set with the first service ; defining a path , wherein the path includes desired options for limiting transfer from the source region to the destination region via the first service ; storing information regarding the to-from set , the first service and the path as an access control rule ; receiving a request to set up said first service between the source region and the destination region ; comparing the request to the access control rule to determine access ; and if access is allowed , establishing the service between the source and destination regions . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6321336B1 Filed: 1998-03-13 Issued: 2001-11-20 System and method for redirecting network traffic to provide secure communication (Original Assignee) Secure Computing LLC (Current Assignee) McAfee LLC John Applegate, Jeff Romatoski |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames (external network) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6321336B1 CLAIM 1 . A method of securing communication between an external network (intrusion detection module incoming data frames) and a processor operating on an internal network , the method comprising the steps of : receiving a communication from an internal network host , the communication including a first destination address ; creating a session control block and storing therein the first destination address ; replacing the first destination address with a second destination address identifying a location of a communication security firewall ; routing the communication to the security firewall through a stack after the first destination address is replaced with the second destination address ; performing a security check to determine if the communication is authorized ; accessing the session control block to retrieve the first destination address ; replacing the second destination address with the first destination address if the communication is authorized ; if authorized , routing the communication to the processor operating on the external network ; and associating communication from an external host directed at the security firewall to the internal network host . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6263444B1 Filed: 1998-03-05 Issued: 2001-07-17 Network unauthorized access analysis method, network unauthorized access analysis apparatus utilizing the method, and computer-readable recording medium having network unauthorized access analysis program recorded thereon (Original Assignee) National Aerospace Laboratory of Japan; Japan Science and Technology Corp (Current Assignee) Japan Science and Technology Agency ; Japan Aerospace Exploration Agency Naoyuki Fujita |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (controlling section) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6263444B1 CLAIM 13 . The network unauthorized access analysis apparatus according to claim 9 , wherein the data collecting section includes : a data collection processing section which captures the packet and applies data processing thereon for supplying to the data creating section ; and a data collection controlling section (original data frames) for controlling the data collection processing of the data collection processing section . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (filtering process) . |
US6263444B1 CLAIM 4 . The network unauthorized access analysis method according to claim 2 , wherein the data creating step includes : a filtering processing (time interval) step for executing a layer-structured filtering and a reassemblage processing step for executing a layer-structured reassemblage . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (controlling section) . |
US6263444B1 CLAIM 13 . The network unauthorized access analysis apparatus according to claim 9 , wherein the data collecting section includes : a data collection processing section which captures the packet and applies data processing thereon for supplying to the data creating section ; and a data collection controlling section (original data frames) for controlling the data collection processing of the data collection processing section . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (controlling section) with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6263444B1 CLAIM 13 . The network unauthorized access analysis apparatus according to claim 9 , wherein the data collecting section includes : a data collection processing section which captures the packet and applies data processing thereon for supplying to the data creating section ; and a data collection controlling section (original data frames) for controlling the data collection processing of the data collection processing section . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames (controlling section) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6263444B1 CLAIM 13 . The network unauthorized access analysis apparatus according to claim 9 , wherein the data collecting section includes : a data collection processing section which captures the packet and applies data processing thereon for supplying to the data creating section ; and a data collection controlling section (original data frames) for controlling the data collection processing of the data collection processing section . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (readable recording medium) . |
US6263444B1 CLAIM 17 . A computer-readable recording medium (communication protocol) having a program recorded thereon for causing a computer to execute : a data collecting procedure for capturing a packet transmitted on a network so constructed as to perform communication between information communication stations by using a layered protocol ; a data creating procedure for setting parameters of layered modules according to a layered protocol based on information specified by a previously-read configuration file and filtering the packet obtained from the data collecting procedure by using the layered modules to reassemble the fragmented data which is the packet into a layer previously selected from any one of the layers used in the layered protocol in order to create analysis data ; and a data analyzing procedure for judging whether an unauthorized access is generated in the analysis data obtained from the data creating procedure based on the content specified by the previously-read configuration file . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6353614B1 Filed: 1998-03-05 Issued: 2002-03-05 Method and protocol for distributed network address translation (Original Assignee) 3Com Corp (Current Assignee) HP Inc ; Hewlett Packard Development Co LP Michael S. Borella, David Grabelsky, Ikhlaq Sidhu, Brian D. Petry |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (first layer) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6353614B1 CLAIM 20 . A method of distributed network address translation , comprising the following steps : replacing one or more local ports in a layered protocol stack on a first network device on a first network with one or more globally unique ports , wherein the one or more globally unique ports are obtained with a port allocation protocol from a second network device on the first network ; sending data packet requests for a third network device on a second external network from a first layer (original data) in the layered protocol stack on the first network device wherein , the data packet requests include a globally unique port and a common external network address in a combination network address , wherein the common external network address identifies network devices on the first network to the external second network ; receiving responses to the data packet requests in the first layer in the layered protocol stack on the first network device from the third network device on the external second network with the common external network address and the globally unique port . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (first layer) frames . |
US6353614B1 CLAIM 20 . A method of distributed network address translation , comprising the following steps : replacing one or more local ports in a layered protocol stack on a first network device on a first network with one or more globally unique ports , wherein the one or more globally unique ports are obtained with a port allocation protocol from a second network device on the first network ; sending data packet requests for a third network device on a second external network from a first layer (original data) in the layered protocol stack on the first network device wherein , the data packet requests include a globally unique port and a common external network address in a combination network address , wherein the common external network address identifies network devices on the first network to the external second network ; receiving responses to the data packet requests in the first layer in the layered protocol stack on the first network device from the third network device on the external second network with the common external network address and the globally unique port . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (first layer) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6353614B1 CLAIM 20 . A method of distributed network address translation , comprising the following steps : replacing one or more local ports in a layered protocol stack on a first network device on a first network with one or more globally unique ports , wherein the one or more globally unique ports are obtained with a port allocation protocol from a second network device on the first network ; sending data packet requests for a third network device on a second external network from a first layer (original data) in the layered protocol stack on the first network device wherein , the data packet requests include a globally unique port and a common external network address in a combination network address , wherein the common external network address identifies network devices on the first network to the external second network ; receiving responses to the data packet requests in the first layer in the layered protocol stack on the first network device from the third network device on the external second network with the common external network address and the globally unique port . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data (first layer) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6353614B1 CLAIM 20 . A method of distributed network address translation , comprising the following steps : replacing one or more local ports in a layered protocol stack on a first network device on a first network with one or more globally unique ports , wherein the one or more globally unique ports are obtained with a port allocation protocol from a second network device on the first network ; sending data packet requests for a third network device on a second external network from a first layer (original data) in the layered protocol stack on the first network device wherein , the data packet requests include a globally unique port and a common external network address in a combination network address , wherein the common external network address identifies network devices on the first network to the external second network ; receiving responses to the data packet requests in the first layer in the layered protocol stack on the first network device from the third network device on the external second network with the common external network address and the globally unique port . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (response message) . |
US6353614B1 CLAIM 1 . A computer readable medium having stored therein a set of routines for implementing a port allocation protocol , said protocol allowing a plurality of first network devices on a first network to use globally unique ports in combination with a common external network address to communicate with a plurality of second network devices on a second external network without network address translation , said set of routines implementing said protocol including a plurality of protocol messages and combination network addresses as data bits , the computer readable medium comprising : a port allocation protocol request message , for requesting allocation of a plurality of globally unique port numbers for a network device ; a port allocation protocol response message (communication protocol) , for receiving the plurality of globally unique port numbers for the network device ; a port allocation protocol invalidate message , for de-allocating the plurality of globally unique port numbers allocated to the network device ; and a plurality of combination network addresses , having a globally unique port allocated by the port allocation protocol request message and a common external network address to identify a first network to a second external network , and allowing a plurality of first network devices on the first network to communicate with the plurality of second network devices on the second external network without network address translation . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6178505B1 Filed: 1998-03-04 Issued: 2001-01-23 Secure delivery of information in a network (Original Assignee) Internet Dynamics Inc (Current Assignee) Dropbox Inc David S. Schneider, Laurence R. Lipstone, Daniel Jensen, Michael B. Ribet |
---|---|
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface (more link) ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6178505B1 CLAIM 9 . The apparatus set forth in claim 8 wherein : the path is made up of one or more links (air interface) ; the access control information further includes a link trust level associated with each link ; and the path trust level is the link trust level of the link with the least sufficient trust level . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface (more link) ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6178505B1 CLAIM 9 . The apparatus set forth in claim 8 wherein : the path is made up of one or more links (air interface) ; the access control information further includes a link trust level associated with each link ; and the path trust level is the link trust level of the link with the least sufficient trust level . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6252883B1 Filed: 1998-02-27 Issued: 2001-06-26 Home and personal data services overlay communications system (Original Assignee) ALOHA Networks Inc (Current Assignee) SUMMIT WIRELESS LLC ; ALOHA Networks Inc Russell L. Schweickart, Norman Abramson |
---|---|
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface (communication link) ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6252883B1 CLAIM 1 . A two-way home and personal data services overlay telecommunication system comprising : a data communication service having at least one data device for transmitting and receiving data packets using a wide band connectionless data protocol and identical spreading codes , a network hub having an antenna for receiving multiplexed data packet transmissions from the at least one data device , the network hub further having a demodulator/modulator for converting the multiplexed data packets into addressed data packets , a data packet system for directing the addressed data packets to a main user or placing the addressed packets on Internet , a communication link (air interface) between the network hub and the data packet system , and a plurality of communication links between the data packet system and main users , wherein the at least one data device has an address which is added to transmitted data packets and which is recognized by the data device when included in data packets broadcast from the network hub , and whereby recognition of the address prompts the data device to demodulate the broadcast data packets to digital information . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (packet transmission) . |
US6252883B1 CLAIM 1 . A two-way home and personal data services overlay telecommunication system comprising : a data communication service having at least one data device for transmitting and receiving data packets using a wide band connectionless data protocol and identical spreading codes , a network hub having an antenna for receiving multiplexed data packet transmissions (communication protocol) from the at least one data device , the network hub further having a demodulator/modulator for converting the multiplexed data packets into addressed data packets , a data packet system for directing the addressed data packets to a main user or placing the addressed packets on Internet , a communication link between the network hub and the data packet system , and a plurality of communication links between the data packet system and main users , wherein the at least one data device has an address which is added to transmitted data packets and which is recognized by the data device when included in data packets broadcast from the network hub , and whereby recognition of the address prompts the data device to demodulate the broadcast data packets to digital information . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network operates according to any wireless network technology (transmitted data) . |
US6252883B1 CLAIM 1 . A two-way home and personal data services overlay telecommunication system comprising : a data communication service having at least one data device for transmitting and receiving data packets using a wide band connectionless data protocol and identical spreading codes , a network hub having an antenna for receiving multiplexed data packet transmissions from the at least one data device , the network hub further having a demodulator/modulator for converting the multiplexed data packets into addressed data packets , a data packet system for directing the addressed data packets to a main user or placing the addressed packets on Internet , a communication link between the network hub and the data packet system , and a plurality of communication links between the data packet system and main users , wherein the at least one data device has an address which is added to transmitted data (wireless network technology) packets and which is recognized by the data device when included in data packets broadcast from the network hub , and whereby recognition of the address prompts the data device to demodulate the broadcast data packets to digital information . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface (communication link) ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6252883B1 CLAIM 1 . A two-way home and personal data services overlay telecommunication system comprising : a data communication service having at least one data device for transmitting and receiving data packets using a wide band connectionless data protocol and identical spreading codes , a network hub having an antenna for receiving multiplexed data packet transmissions from the at least one data device , the network hub further having a demodulator/modulator for converting the multiplexed data packets into addressed data packets , a data packet system for directing the addressed data packets to a main user or placing the addressed packets on Internet , a communication link (air interface) between the network hub and the data packet system , and a plurality of communication links between the data packet system and main users , wherein the at least one data device has an address which is added to transmitted data packets and which is recognized by the data device when included in data packets broadcast from the network hub , and whereby recognition of the address prompts the data device to demodulate the broadcast data packets to digital information . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network operates according to any wireless network technology (transmitted data) . |
US6252883B1 CLAIM 1 . A two-way home and personal data services overlay telecommunication system comprising : a data communication service having at least one data device for transmitting and receiving data packets using a wide band connectionless data protocol and identical spreading codes , a network hub having an antenna for receiving multiplexed data packet transmissions from the at least one data device , the network hub further having a demodulator/modulator for converting the multiplexed data packets into addressed data packets , a data packet system for directing the addressed data packets to a main user or placing the addressed packets on Internet , a communication link between the network hub and the data packet system , and a plurality of communication links between the data packet system and main users , wherein the at least one data device has an address which is added to transmitted data (wireless network technology) packets and which is recognized by the data device when included in data packets broadcast from the network hub , and whereby recognition of the address prompts the data device to demodulate the broadcast data packets to digital information . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6205551B1 Filed: 1998-01-29 Issued: 2001-03-20 Computer security using virus probing (Original Assignee) Nokia of America Corp (Current Assignee) Nokia of America Corp ; Provenance Asset Group LLC ; Nokia USA Inc Eric Grosse |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels (one packet) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6205551B1 CLAIM 15 . A method for use in a firewall which provides security between a private network and a public network , the method comprising the steps of : monitoring a communications traffic stream transmitted between the private network and the public network , the communications traffic stream including a plurality of packets ; inserting a probe into at least one packet (transmission channels) of the plurality of packets ; determining whether the probe is executed in the private network ; and in response to the execution of the probe , identifying a location within the private network where the execution of the probe occurred . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels (one packet) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6205551B1 CLAIM 15 . A method for use in a firewall which provides security between a private network and a public network , the method comprising the steps of : monitoring a communications traffic stream transmitted between the private network and the public network , the communications traffic stream including a plurality of packets ; inserting a probe into at least one packet (transmission channels) of the plurality of packets ; determining whether the probe is executed in the private network ; and in response to the execution of the probe , identifying a location within the private network where the execution of the probe occurred . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | WO9833340A2 Filed: 1998-01-07 Issued: 1998-07-30 Detection of fraudulently registered mobile phones (Original Assignee) At & T Wireless Services, Inc. Umesh J. Amin, Lorin B. Rowe, Russell John Waughman |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (time period) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
WO9833340A2 CLAIM 1 . A method of detecting fraudulent use of a mobile station in a wireless telecommunications network , the mobile station having a unique identifier associated therewith , the method comprising the steps of : determining the actual elapsed time period (data frames) between successive registrations associated with the unique identifier of the mobile station ; and detecting a suspected fraudulent event when the actual elapsed time period between successive registrations is substantially non-periodic . |
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data frames (time period) . |
WO9833340A2 CLAIM 1 . A method of detecting fraudulent use of a mobile station in a wireless telecommunications network , the mobile station having a unique identifier associated therewith , the method comprising the steps of : determining the actual elapsed time period (data frames) between successive registrations associated with the unique identifier of the mobile station ; and detecting a suspected fraudulent event when the actual elapsed time period between successive registrations is substantially non-periodic . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data frames (time period) comprises frames that allow statistical comparisons . |
WO9833340A2 CLAIM 1 . A method of detecting fraudulent use of a mobile station in a wireless telecommunications network , the mobile station having a unique identifier associated therewith , the method comprising the steps of : determining the actual elapsed time period (data frames) between successive registrations associated with the unique identifier of the mobile station ; and detecting a suspected fraudulent event when the actual elapsed time period between successive registrations is substantially non-periodic . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames (time period) transmitted over a time interval . |
WO9833340A2 CLAIM 1 . A method of detecting fraudulent use of a mobile station in a wireless telecommunications network , the mobile station having a unique identifier associated therewith , the method comprising the steps of : determining the actual elapsed time period (data frames) between successive registrations associated with the unique identifier of the mobile station ; and detecting a suspected fraudulent event when the actual elapsed time period between successive registrations is substantially non-periodic . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (time period) . |
WO9833340A2 CLAIM 1 . A method of detecting fraudulent use of a mobile station in a wireless telecommunications network , the mobile station having a unique identifier associated therewith , the method comprising the steps of : determining the actual elapsed time period (data frames) between successive registrations associated with the unique identifier of the mobile station ; and detecting a suspected fraudulent event when the actual elapsed time period between successive registrations is substantially non-periodic . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (time period) received over all the wireless channels allocated to the wireless node . |
WO9833340A2 CLAIM 1 . A method of detecting fraudulent use of a mobile station in a wireless telecommunications network , the mobile station having a unique identifier associated therewith , the method comprising the steps of : determining the actual elapsed time period (data frames) between successive registrations associated with the unique identifier of the mobile station ; and detecting a suspected fraudulent event when the actual elapsed time period between successive registrations is substantially non-periodic . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (time period) with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
WO9833340A2 CLAIM 1 . A method of detecting fraudulent use of a mobile station in a wireless telecommunications network , the mobile station having a unique identifier associated therewith , the method comprising the steps of : determining the actual elapsed time period (data frames) between successive registrations associated with the unique identifier of the mobile station ; and detecting a suspected fraudulent event when the actual elapsed time period between successive registrations is substantially non-periodic . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames (time period) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
WO9833340A2 CLAIM 1 . A method of detecting fraudulent use of a mobile station in a wireless telecommunications network , the mobile station having a unique identifier associated therewith , the method comprising the steps of : determining the actual elapsed time period (data frames) between successive registrations associated with the unique identifier of the mobile station ; and detecting a suspected fraudulent event when the actual elapsed time period between successive registrations is substantially non-periodic . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (time period) from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
WO9833340A2 CLAIM 1 . A method of detecting fraudulent use of a mobile station in a wireless telecommunications network , the mobile station having a unique identifier associated therewith , the method comprising the steps of : determining the actual elapsed time period (data frames) between successive registrations associated with the unique identifier of the mobile station ; and detecting a suspected fraudulent event when the actual elapsed time period between successive registrations is substantially non-periodic . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network (wireless network) operates according to any wireless network technology . |
WO9833340A2 CLAIM 2 . The method according to claim 1 , further comprising the steps of : identifying a switch in the wireless network (wireless network) where the mobile station is registered ; determining the constant registration period associated with the switch , the constant registration period defining the expected time period between successive registrations by the mobile station to the switch ; and comparing the actual elapsed time period between successive registrations associated with the unique identifier of the mobile station to the constant registration period associated with the switch to determine whether the actual elapsed time period is substantially non-periodic . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network (wireless network) comprising : means for transmitting outgoing data frames (time period) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
WO9833340A2 CLAIM 1 . A method of detecting fraudulent use of a mobile station in a wireless telecommunications network , the mobile station having a unique identifier associated therewith , the method comprising the steps of : determining the actual elapsed time period (data frames) between successive registrations associated with the unique identifier of the mobile station ; and detecting a suspected fraudulent event when the actual elapsed time period between successive registrations is substantially non-periodic . WO9833340A2 CLAIM 2 . The method according to claim 1 , further comprising the steps of : identifying a switch in the wireless network (wireless network) where the mobile station is registered ; determining the constant registration period associated with the switch , the constant registration period defining the expected time period between successive registrations by the mobile station to the switch ; and comparing the actual elapsed time period between successive registrations associated with the unique identifier of the mobile station to the constant registration period associated with the switch to determine whether the actual elapsed time period is substantially non-periodic . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames (time period) ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
WO9833340A2 CLAIM 1 . A method of detecting fraudulent use of a mobile station in a wireless telecommunications network , the mobile station having a unique identifier associated therewith , the method comprising the steps of : determining the actual elapsed time period (data frames) between successive registrations associated with the unique identifier of the mobile station ; and detecting a suspected fraudulent event when the actual elapsed time period between successive registrations is substantially non-periodic . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network (wireless network) operates according to any wireless network technology . |
WO9833340A2 CLAIM 2 . The method according to claim 1 , further comprising the steps of : identifying a switch in the wireless network (wireless network) where the mobile station is registered ; determining the constant registration period associated with the switch , the constant registration period defining the expected time period between successive registrations by the mobile station to the switch ; and comparing the actual elapsed time period between successive registrations associated with the unique identifier of the mobile station to the constant registration period associated with the switch to determine whether the actual elapsed time period is substantially non-periodic . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6230002B1 Filed: 1997-11-19 Issued: 2001-05-08 Method, and associated apparatus, for selectively permitting access by a mobile terminal to a packet data network (Original Assignee) Telefonaktiebolaget LM Ericsson AB (Current Assignee) Telefonaktiebolaget LM Ericsson AB Anders Flodén, John Darroch, Lena Johansson, Berndt Ove Johannsen |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (coupled thereto) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6230002B1 CLAIM 1 . In a communication system having a wireless network and a packet data network coupled thereto (original data) , the packet data network including a host site and permitting selective access thereto , the wireless network permitting radio communications with a mobile terminal , an improvement of an assembly for selectively permitting access by the mobile terminal to the packet data network , thereby to permit communications between the mobile terminal and the host site , said assembly comprising : a processing device releasably coupled to , and carried by , the mobile terminal , said processing device having a password-generation algorithm executable thereon , said processing device for generating a password when the password-generation algorithm is executed ; and an authentication server coupled to the packet data network and forming a portion thereof , said authentication server for receiving the password generated responsive to execution of the password-generation algorithm , said authentication server for authenticating the mobile terminal responsive to values of the password generated by said processing device and received at said authentication server , the mobile terminal permitted to communicate with the host site when the password is authenticated by said authentication server . US6230002B1 CLAIM 21 . A method for selectively permitting access by a wireless communication (wireless communication) station that includes a wireless host and a mobile terminal to a host site of a packet data network , the packet data network coupled to a wireless network , the wireless network permitting radio communications with the wireless communication station via the mobile terminal , said method comprising the steps of : generating electronically a password at a processing device releasably coupled to the mobile terminal ; providing the password from the processing device to the mobile terminal ; providing the password from the mobile terminal to the wireless host ; requesting the password from the wireless communications station by an authentication server via a first wireline link ; forwarding the password from the wireless host to the authentication server via the first wireline link or a second wireline link ; authenticating the wireless communication station responsive to at least one value of the password forwarded to the authentication server ; and permitting the wireless communication station to communicate with the host site if the password is authenticated during said step of authenticating . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (coupled thereto) frames . |
US6230002B1 CLAIM 1 . In a communication system having a wireless network and a packet data network coupled thereto (original data) , the packet data network including a host site and permitting selective access thereto , the wireless network permitting radio communications with a mobile terminal , an improvement of an assembly for selectively permitting access by the mobile terminal to the packet data network , thereby to permit communications between the mobile terminal and the host site , said assembly comprising : a processing device releasably coupled to , and carried by , the mobile terminal , said processing device having a password-generation algorithm executable thereon , said processing device for generating a password when the password-generation algorithm is executed ; and an authentication server coupled to the packet data network and forming a portion thereof , said authentication server for receiving the password generated responsive to execution of the password-generation algorithm , said authentication server for authenticating the mobile terminal responsive to values of the password generated by said processing device and received at said authentication server , the mobile terminal permitted to communicate with the host site when the password is authenticated by said authentication server . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (coupled thereto) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6230002B1 CLAIM 1 . In a communication system having a wireless network and a packet data network coupled thereto (original data) , the packet data network including a host site and permitting selective access thereto , the wireless network permitting radio communications with a mobile terminal , an improvement of an assembly for selectively permitting access by the mobile terminal to the packet data network , thereby to permit communications between the mobile terminal and the host site , said assembly comprising : a processing device releasably coupled to , and carried by , the mobile terminal , said processing device having a password-generation algorithm executable thereon , said processing device for generating a password when the password-generation algorithm is executed ; and an authentication server coupled to the packet data network and forming a portion thereof , said authentication server for receiving the password generated responsive to execution of the password-generation algorithm , said authentication server for authenticating the mobile terminal responsive to values of the password generated by said processing device and received at said authentication server , the mobile terminal permitted to communicate with the host site when the password is authenticated by said authentication server . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data (coupled thereto) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6230002B1 CLAIM 1 . In a communication system having a wireless network and a packet data network coupled thereto (original data) , the packet data network including a host site and permitting selective access thereto , the wireless network permitting radio communications with a mobile terminal , an improvement of an assembly for selectively permitting access by the mobile terminal to the packet data network , thereby to permit communications between the mobile terminal and the host site , said assembly comprising : a processing device releasably coupled to , and carried by , the mobile terminal , said processing device having a password-generation algorithm executable thereon , said processing device for generating a password when the password-generation algorithm is executed ; and an authentication server coupled to the packet data network and forming a portion thereof , said authentication server for receiving the password generated responsive to execution of the password-generation algorithm , said authentication server for authenticating the mobile terminal responsive to values of the password generated by said processing device and received at said authentication server , the mobile terminal permitted to communicate with the host site when the password is authenticated by said authentication server . US6230002B1 CLAIM 21 . A method for selectively permitting access by a wireless communication (wireless communication) station that includes a wireless host and a mobile terminal to a host site of a packet data network , the packet data network coupled to a wireless network , the wireless network permitting radio communications with the wireless communication station via the mobile terminal , said method comprising the steps of : generating electronically a password at a processing device releasably coupled to the mobile terminal ; providing the password from the processing device to the mobile terminal ; providing the password from the mobile terminal to the wireless host ; requesting the password from the wireless communications station by an authentication server via a first wireline link ; forwarding the password from the wireless host to the authentication server via the first wireline link or a second wireline link ; authenticating the wireless communication station responsive to at least one value of the password forwarded to the authentication server ; and permitting the wireless communication station to communicate with the host site if the password is authenticated during said step of authenticating . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6078269A Filed: 1997-11-10 Issued: 2000-06-20 Battery-powered, RF-interconnected detector sensor system (Original Assignee) Safenight Tech Inc (Current Assignee) Google LLC Scott Markwell, David L. Hanning, Alan Fox, Bill Evans, Jack Ellis, Richard Goldblatt, Bob Matson |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network (signal transmission) , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module (motion sensor) and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6078269A CLAIM 7 . The system according to claim 3 , wherein for each said detector in said alarm mode , said receiver is continuously activated and periodically sampled after an initial transmission in said mode , to receive signal transmission (wireless communication network) s from said other detectors . US6078269A CLAIM 13 . The system according to claim 11 , wherein said plurality of sensing devices comprise first type smoke sensors having sensor means for detecting smoke , second type carbon-monoxide sensors having sensor means for detecting gas , and third type motion sensor (intrusion detection module) s having sensor means for detecting movement , wherein each said type of sensing device has corresponding sensor means uniquely associated with one of said emergency priority conditions , wherein said transmitter means is operable to transmit said RF encoded signal indicative of said emergency priority condition associated with said sensor means type in response to said sensor means detecting said local phenomena . |
US7409715B2 CLAIM 2 . The method of claim 1 , wherein step a) comprises transmitting the copy over a secure link established between the wireless node and the intrusion detection module (motion sensor) . |
US6078269A CLAIM 13 . The system according to claim 11 , wherein said plurality of sensing devices comprise first type smoke sensors having sensor means for detecting smoke , second type carbon-monoxide sensors having sensor means for detecting gas , and third type motion sensor (intrusion detection module) s having sensor means for detecting movement , wherein each said type of sensing device has corresponding sensor means uniquely associated with one of said emergency priority conditions , wherein said transmitter means is operable to transmit said RF encoded signal indicative of said emergency priority condition associated with said sensor means type in response to said sensor means detecting said local phenomena . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (time interval) . |
US6078269A CLAIM 1 . A wireless , battery-operated detection system of a plurality of RF-interconnected detectors operable over a CSMA-type network and intended to detect the occurrence of a local phenomena and transmit at least one signal to at least one other detector to remotely sound an alarm , each said detector operable in a plurality of modes including standby , alarm , test , reset , auxiliary and wait , each said detector comprising a sensor for sensing said local phenomena , a transmitter for transmitting amplitude modulated RF messages indicative of said phenomena , a receiver for receiving said RF messages , alarm means for sounding said audible alarm indicative of said phenomena and mode , and a controller operable to control the mode of operation of each said detector , each said controller operable to control all said detectors in said system in response to a stimulus and for controlling multiple and conflicting signals transmitted among said detectors , said controller including prioritization means for determining the relative priority of said received RF signals and stimuli indicative of a particular condition to enable the appropriate mode of operation ; timer means responsive to said detector operating mode for enabling said transmitter to transmit RF messages immediately after said receiver is sensed and no longer detects incoming message activity , wherein said receiver is sensed at a randomized time interval (time interval) to reduce the probability of multiple simultaneous transmissions . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network (signal transmission) , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module (motion sensor) for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6078269A CLAIM 7 . The system according to claim 3 , wherein for each said detector in said alarm mode , said receiver is continuously activated and periodically sampled after an initial transmission in said mode , to receive signal transmission (wireless communication network) s from said other detectors . US6078269A CLAIM 13 . The system according to claim 11 , wherein said plurality of sensing devices comprise first type smoke sensors having sensor means for detecting smoke , second type carbon-monoxide sensors having sensor means for detecting gas , and third type motion sensor (intrusion detection module) s having sensor means for detecting movement , wherein each said type of sensing device has corresponding sensor means uniquely associated with one of said emergency priority conditions , wherein said transmitter means is operable to transmit said RF encoded signal indicative of said emergency priority condition associated with said sensor means type in response to said sensor means detecting said local phenomena . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module (motion sensor) comprises : a first receiving (data check) unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6078269A CLAIM 10 . The system according to claim 2 , wherein each said transmitter includes coding means responsive to said controller for coding said transmitted RF signals to include a message type , system identification and fixed pattern indicative of said current mode of said transmitting detector ; wherein each said receiver includes decoding means responsive to said controller and transmitter and operable to receive said RF signals over a decode said RF signals and data check (first receiving) ing means responsive to said decoding means for determining the validity of said received RF signals , wherein said message type selected from the list comprising RESET , ALARM , AUX2 , AUX3 , TEST message types . US6078269A CLAIM 13 . The system according to claim 11 , wherein said plurality of sensing devices comprise first type smoke sensors having sensor means for detecting smoke , second type carbon-monoxide sensors having sensor means for detecting gas , and third type motion sensor (intrusion detection module) s having sensor means for detecting movement , wherein each said type of sensing device has corresponding sensor means uniquely associated with one of said emergency priority conditions , wherein said transmitter means is operable to transmit said RF encoded signal indicative of said emergency priority condition associated with said sensor means type in response to said sensor means detecting said local phenomena . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module (motion sensor) further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
US6078269A CLAIM 13 . The system according to claim 11 , wherein said plurality of sensing devices comprise first type smoke sensors having sensor means for detecting smoke , second type carbon-monoxide sensors having sensor means for detecting gas , and third type motion sensor (intrusion detection module) s having sensor means for detecting movement , wherein each said type of sensing device has corresponding sensor means uniquely associated with one of said emergency priority conditions , wherein said transmitter means is operable to transmit said RF encoded signal indicative of said emergency priority condition associated with said sensor means type in response to said sensor means detecting said local phenomena . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module (motion sensor) resides away from the wireless node : a transmitting unit (receiving means, emitting diode) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US6078269A CLAIM 13 . The system according to claim 11 , wherein said plurality of sensing devices comprise first type smoke sensors having sensor means for detecting smoke , second type carbon-monoxide sensors having sensor means for detecting gas , and third type motion sensor (intrusion detection module) s having sensor means for detecting movement , wherein each said type of sensing device has corresponding sensor means uniquely associated with one of said emergency priority conditions , wherein said transmitter means is operable to transmit said RF encoded signal indicative of said emergency priority condition associated with said sensor means type in response to said sensor means detecting said local phenomena . US6078269A CLAIM 15 . The system according to claim 11 , each said sensing device further including an at least one light emitting diode (transmitting unit) (LED) responsive to said controller means for emitting a light pattern indicative of said phenomena detected . US6078269A CLAIM 18 . The system according to claim 11 , wherein each said transmitter means of each sensing device in said system is inactive until said corresponding receiving means (transmitting unit) fails to detect RF message activity during a predetermined interval , and wherein said duration of each said RF transmission is substantially twenty-four seconds . |
US7409715B2 CLAIM 15 . The impersonation detection system of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module (motion sensor) is integrated within the wireless node . |
US6078269A CLAIM 13 . The system according to claim 11 , wherein said plurality of sensing devices comprise first type smoke sensors having sensor means for detecting smoke , second type carbon-monoxide sensors having sensor means for detecting gas , and third type motion sensor (intrusion detection module) s having sensor means for detecting movement , wherein each said type of sensing device has corresponding sensor means uniquely associated with one of said emergency priority conditions , wherein said transmitter means is operable to transmit said RF encoded signal indicative of said emergency priority condition associated with said sensor means type in response to said sensor means detecting said local phenomena . |
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network operates according to any wireless network technology (transmitted data) . |
US6078269A CLAIM 20 . The system according to claim 19 , wherein said receiving means is operable to decode said RF transmitted data (wireless network technology) only during the latter half of said temporal interval in which said receiver means is enabled . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module (motion sensor) for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6078269A CLAIM 13 . The system according to claim 11 , wherein said plurality of sensing devices comprise first type smoke sensors having sensor means for detecting smoke , second type carbon-monoxide sensors having sensor means for detecting gas , and third type motion sensor (intrusion detection module) s having sensor means for detecting movement , wherein each said type of sensing device has corresponding sensor means uniquely associated with one of said emergency priority conditions , wherein said transmitter means is operable to transmit said RF encoded signal indicative of said emergency priority condition associated with said sensor means type in response to said sensor means detecting said local phenomena . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module (motion sensor) comprises : a first receiving (data check) unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6078269A CLAIM 10 . The system according to claim 2 , wherein each said transmitter includes coding means responsive to said controller for coding said transmitted RF signals to include a message type , system identification and fixed pattern indicative of said current mode of said transmitting detector ; wherein each said receiver includes decoding means responsive to said controller and transmitter and operable to receive said RF signals over a decode said RF signals and data check (first receiving) ing means responsive to said decoding means for determining the validity of said received RF signals , wherein said message type selected from the list comprising RESET , ALARM , AUX2 , AUX3 , TEST message types . US6078269A CLAIM 13 . The system according to claim 11 , wherein said plurality of sensing devices comprise first type smoke sensors having sensor means for detecting smoke , second type carbon-monoxide sensors having sensor means for detecting gas , and third type motion sensor (intrusion detection module) s having sensor means for detecting movement , wherein each said type of sensing device has corresponding sensor means uniquely associated with one of said emergency priority conditions , wherein said transmitter means is operable to transmit said RF encoded signal indicative of said emergency priority condition associated with said sensor means type in response to said sensor means detecting said local phenomena . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module (motion sensor) further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
US6078269A CLAIM 13 . The system according to claim 11 , wherein said plurality of sensing devices comprise first type smoke sensors having sensor means for detecting smoke , second type carbon-monoxide sensors having sensor means for detecting gas , and third type motion sensor (intrusion detection module) s having sensor means for detecting movement , wherein each said type of sensing device has corresponding sensor means uniquely associated with one of said emergency priority conditions , wherein said transmitter means is operable to transmit said RF encoded signal indicative of said emergency priority condition associated with said sensor means type in response to said sensor means detecting said local phenomena . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network operates according to any wireless network technology (transmitted data) . |
US6078269A CLAIM 20 . The system according to claim 19 , wherein said receiving means is operable to decode said RF transmitted data (wireless network technology) only during the latter half of said temporal interval in which said receiver means is enabled . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6115376A Filed: 1997-10-29 Issued: 2000-09-05 Medium access control address authentication (Original Assignee) 3Com Corp (Current Assignee) HP Inc ; Hewlett Packard Enterprise Development LP W. Paul Sherer, Danny M. Nessett |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network (non-volatile memory) , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (other port) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6115376A CLAIM 15 . The method of claim 14 , wherein the step of storing includes storing the authentication key in a non-volatile memory (wireless communication network) on the network adapter . US6115376A CLAIM 28 . The network device of claim 20 , including resources to repeat the packet on at least one other port (incoming data, incoming data frames, communication protocol) in the plurality of ports if the packet is accepted . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data (other port) frames received over all the wireless channels allocated to the wireless node . |
US6115376A CLAIM 28 . The network device of claim 20 , including resources to repeat the packet on at least one other port (incoming data, incoming data frames, communication protocol) in the plurality of ports if the packet is accepted . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (other port) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6115376A CLAIM 28 . The network device of claim 20 , including resources to repeat the packet on at least one other port (incoming data, incoming data frames, communication protocol) in the plurality of ports if the packet is accepted . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network (non-volatile memory) , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (other port) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6115376A CLAIM 15 . The method of claim 14 , wherein the step of storing includes storing the authentication key in a non-volatile memory (wireless communication network) on the network adapter . US6115376A CLAIM 28 . The network device of claim 20 , including resources to repeat the packet on at least one other port (incoming data, incoming data frames, communication protocol) in the plurality of ports if the packet is accepted . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (other port) frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6115376A CLAIM 28 . The network device of claim 20 , including resources to repeat the packet on at least one other port (incoming data, incoming data frames, communication protocol) in the plurality of ports if the packet is accepted . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (other port) . |
US6115376A CLAIM 28 . The network device of claim 20 , including resources to repeat the packet on at least one other port (incoming data, incoming data frames, communication protocol) in the plurality of ports if the packet is accepted . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (other port) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6115376A CLAIM 28 . The network device of claim 20 , including resources to repeat the packet on at least one other port (incoming data, incoming data frames, communication protocol) in the plurality of ports if the packet is accepted . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (other port) frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6115376A CLAIM 28 . The network device of claim 20 , including resources to repeat the packet on at least one other port (incoming data, incoming data frames, communication protocol) in the plurality of ports if the packet is accepted . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6298250B1 Filed: 1997-10-21 Issued: 2001-10-02 Wireless prepaid telephone system with extended capability (Original Assignee) BETTINA JEAN THOMPSON; KUYPER REENA (ONE-EIGHTH INTEREST) (Current Assignee) Dot 23 Technologies LLC Byard G. Nilsson |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6298250B1 CLAIM 1 . A wireless telephone instrument for prepaid use with an approving central station to communicate with remote stations through a public switched telephone network , consisting of : a housing defining an interior space ; an earphone fixed to said housing for providing voice sounds from audio signals ; a microphone fixed to said housing for providing audio signals representative of voice sounds ; a signal device for commanding attention to said instrument ; a transceiver fixed to said housing and connected to , said earphone , said microphone and said signal device for wireless communication (wireless communication) with said approving central station and selected ones of said remote stations ; and a control unit fixed to said housing including a switch and a memory for storing instrument data on said wireless telephone instrument , said control unit operating to control data flow from said memory for transmission by said transceiver on activation of said switch for an outgoing call to initiate vocal communication with said central station , said control unit further activating said signal device on the occurrence of an incoming call . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6298250B1 CLAIM 1 . A wireless telephone instrument for prepaid use with an approving central station to communicate with remote stations through a public switched telephone network , consisting of : a housing defining an interior space ; an earphone fixed to said housing for providing voice sounds from audio signals ; a microphone fixed to said housing for providing audio signals representative of voice sounds ; a signal device for commanding attention to said instrument ; a transceiver fixed to said housing and connected to , said earphone , said microphone and said signal device for wireless communication (wireless communication) with said approving central station and selected ones of said remote stations ; and a control unit fixed to said housing including a switch and a memory for storing instrument data on said wireless telephone instrument , said control unit operating to control data flow from said memory for transmission by said transceiver on activation of said switch for an outgoing call to initiate vocal communication with said central station , said control unit further activating said signal device on the occurrence of an incoming call . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6154775A Filed: 1997-09-12 Issued: 2000-11-28 Methods and apparatus for a computer network firewall with dynamic rule processing with the ability to dynamically alter the operations of rules (Original Assignee) Nokia of America Corp (Current Assignee) Palo Alto Networks Inc Michael John Coss, David L. Majette, Ronald L. Sharp |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit (comprises information) for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6154775A CLAIM 10 . The method of claim 1 wherein the dynamic rule comprises information (second receiving unit) which relates to a connection from a remote proxy to a destination . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit (comprises information) for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6154775A CLAIM 10 . The method of claim 1 wherein the dynamic rule comprises information (second receiving unit) which relates to a connection from a remote proxy to a destination . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6222856B1 Filed: 1997-08-28 Issued: 2001-04-24 Adaptive bandwidth throttling for individual virtual services supported on a network server (Original Assignee) Microsoft Corp (Current Assignee) Microsoft Technology Licensing LLC Murali R. Krishnan, Bilal Alam |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (predetermined bandwidth, receiving requests) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6222856B1 CLAIM 1 . A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth (original data frames, data frames) , the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services , the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services , the bandwidth throttling objects specifying bandwidth thresholds for the corresponding virtual services , each bandwidth threshold indicating a level of I/O activity for an associated virtual service that is effective to trigger throttling actions on requests to the associated virtual service ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services . US6222856B1 CLAIM 2 . A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services , the control subsystem maintaining a born list of the bandwidth throttling objects that have been created for the corresponding virtual services and an active list , the control subsystem adding a particular bandwidth throttling object to the active list when the particular bandwidth throttling object is presently receiving requests (original data frames, data frames) and removing the particular bandwidth throttling object when the particular bandwidth throttling object ceases to receive requests . US6222856B1 CLAIM 23 . A bandwidth throttling object as recited in claim 20 , further comprising a histogram data field to hold data indicative of the I/O activity for the is particular virtual service measured at fixed time (incoming data frames, data processing unit) intervals . |
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data frames (predetermined bandwidth, receiving requests) . |
US6222856B1 CLAIM 1 . A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth (original data frames, data frames) , the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services , the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services , the bandwidth throttling objects specifying bandwidth thresholds for the corresponding virtual services , each bandwidth threshold indicating a level of I/O activity for an associated virtual service that is effective to trigger throttling actions on requests to the associated virtual service ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services . US6222856B1 CLAIM 2 . A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services , the control subsystem maintaining a born list of the bandwidth throttling objects that have been created for the corresponding virtual services and an active list , the control subsystem adding a particular bandwidth throttling object to the active list when the particular bandwidth throttling object is presently receiving requests (original data frames, data frames) and removing the particular bandwidth throttling object when the particular bandwidth throttling object ceases to receive requests . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data frames (predetermined bandwidth, receiving requests) comprises frames that allow statistical comparisons . |
US6222856B1 CLAIM 1 . A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth (original data frames, data frames) , the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services , the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services , the bandwidth throttling objects specifying bandwidth thresholds for the corresponding virtual services , each bandwidth threshold indicating a level of I/O activity for an associated virtual service that is effective to trigger throttling actions on requests to the associated virtual service ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services . US6222856B1 CLAIM 2 . A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services , the control subsystem maintaining a born list of the bandwidth throttling objects that have been created for the corresponding virtual services and an active list , the control subsystem adding a particular bandwidth throttling object to the active list when the particular bandwidth throttling object is presently receiving requests (original data frames, data frames) and removing the particular bandwidth throttling object when the particular bandwidth throttling object ceases to receive requests . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames (predetermined bandwidth, receiving requests) transmitted over a time interval . |
US6222856B1 CLAIM 1 . A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth (original data frames, data frames) , the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services , the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services , the bandwidth throttling objects specifying bandwidth thresholds for the corresponding virtual services , each bandwidth threshold indicating a level of I/O activity for an associated virtual service that is effective to trigger throttling actions on requests to the associated virtual service ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services . US6222856B1 CLAIM 2 . A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services , the control subsystem maintaining a born list of the bandwidth throttling objects that have been created for the corresponding virtual services and an active list , the control subsystem adding a particular bandwidth throttling object to the active list when the particular bandwidth throttling object is presently receiving requests (original data frames, data frames) and removing the particular bandwidth throttling object when the particular bandwidth throttling object ceases to receive requests . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (predetermined bandwidth, receiving requests) . |
US6222856B1 CLAIM 1 . A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth (original data frames, data frames) , the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services , the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services , the bandwidth throttling objects specifying bandwidth thresholds for the corresponding virtual services , each bandwidth threshold indicating a level of I/O activity for an associated virtual service that is effective to trigger throttling actions on requests to the associated virtual service ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services . US6222856B1 CLAIM 2 . A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services , the control subsystem maintaining a born list of the bandwidth throttling objects that have been created for the corresponding virtual services and an active list , the control subsystem adding a particular bandwidth throttling object to the active list when the particular bandwidth throttling object is presently receiving requests (original data frames, data frames) and removing the particular bandwidth throttling object when the particular bandwidth throttling object ceases to receive requests . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (predetermined bandwidth, receiving requests) received over all the wireless channels allocated to the wireless node . |
US6222856B1 CLAIM 1 . A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth (original data frames, data frames) , the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services , the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services , the bandwidth throttling objects specifying bandwidth thresholds for the corresponding virtual services , each bandwidth threshold indicating a level of I/O activity for an associated virtual service that is effective to trigger throttling actions on requests to the associated virtual service ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services . US6222856B1 CLAIM 2 . 
A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services , the control subsystem maintaining a born list of the bandwidth throttling objects that have been created for the corresponding virtual services and an active list , the control subsystem adding a particular bandwidth throttling object to the active list when the particular bandwidth throttling object is presently receiving requests (original data frames, data frames) and removing the particular bandwidth throttling object when the particular bandwidth throttling object ceases to receive requests . US6222856B1 CLAIM 23 . A bandwidth throttling object as recited in claim 20 , further comprising a histogram data field to hold data indicative of the I/O activity for the particular virtual service measured at fixed time (incoming data frames, data processing unit) intervals . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (predetermined bandwidth, receiving requests) with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6222856B1 CLAIM 1 . A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth (original data frames, data frames) , the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services , the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services , the bandwidth throttling objects specifying bandwidth thresholds for the corresponding virtual services , each bandwidth threshold indicating a level of I/O activity for an associated virtual service that is effective to trigger throttling actions on requests to the associated virtual service ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services . US6222856B1 CLAIM 2 . 
A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services , the control subsystem maintaining a born list of the bandwidth throttling objects that have been created for the corresponding virtual services and an active list , the control subsystem adding a particular bandwidth throttling object to the active list when the particular bandwidth throttling object is presently receiving requests (original data frames, data frames) and removing the particular bandwidth throttling object when the particular bandwidth throttling object ceases to receive requests . US6222856B1 CLAIM 23 . A bandwidth throttling object as recited in claim 20 , further comprising a histogram data field to hold data indicative of the I/O activity for the particular virtual service measured at fixed time (incoming data frames, data processing unit) intervals . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames (predetermined bandwidth, receiving requests) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface (apply one) ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6222856B1 CLAIM 1 . A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth (original data frames, data frames) , the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services , the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services , the bandwidth throttling objects specifying bandwidth thresholds for the corresponding virtual services , each bandwidth threshold indicating a level of I/O activity for an associated virtual service that is effective to trigger throttling actions on requests to the associated virtual service ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services . US6222856B1 CLAIM 2 . 
A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services , the control subsystem maintaining a born list of the bandwidth throttling objects that have been created for the corresponding virtual services and an active list , the control subsystem adding a particular bandwidth throttling object to the active list when the particular bandwidth throttling object is presently receiving requests (original data frames, data frames) and removing the particular bandwidth throttling object when the particular bandwidth throttling object ceases to receive requests . US6222856B1 CLAIM 12 . 
A bandwidth throttling module as recited in claim 10 , wherein the bandwidth throttling object specifies a bandwidth threshold indicating a level of I/O activity for the particular virtual service , further comprising : computer-executable instructions that , when executed , direct a computing device to : determine whether a current level of I/O activity for the particular virtual service exceeds the bandwidth threshold maintained in the bandwidth throttling object ; and selectively apply one (air interface) set of throttling actions when the I/O activity does not exceed the bandwidth threshold and another set of throttling actions when the I/O activity exceeds the bandwidth threshold . US6222856B1 CLAIM 23 . A bandwidth throttling object as recited in claim 20 , further comprising a histogram data field to hold data indicative of the I/O activity for the particular virtual service measured at fixed time (incoming data frames, data processing unit) intervals . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (predetermined bandwidth, receiving requests) from the incoming traffic ; and a data processing unit (fixed time) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6222856B1 CLAIM 1 . A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth (original data frames, data frames) , the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services , the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services , the bandwidth throttling objects specifying bandwidth thresholds for the corresponding virtual services , each bandwidth threshold indicating a level of I/O activity for an associated virtual service that is effective to trigger throttling actions on requests to the associated virtual service ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services . US6222856B1 CLAIM 2 . 
A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services , the control subsystem maintaining a born list of the bandwidth throttling objects that have been created for the corresponding virtual services and an active list , the control subsystem adding a particular bandwidth throttling object to the active list when the particular bandwidth throttling object is presently receiving requests (original data frames, data frames) and removing the particular bandwidth throttling object when the particular bandwidth throttling object ceases to receive requests . US6222856B1 CLAIM 23 . A bandwidth throttling object as recited in claim 20 , further comprising a histogram data field to hold data indicative of the I/O activity for the particular virtual service measured at fixed time (incoming data frames, data processing unit) intervals . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (predetermined bandwidth, receiving requests) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface (apply one) ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6222856B1 CLAIM 1 . A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth (original data frames, data frames) , the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services , the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services , the bandwidth throttling objects specifying bandwidth thresholds for the corresponding virtual services , each bandwidth threshold indicating a level of I/O activity for an associated virtual service that is effective to trigger throttling actions on requests to the associated virtual service ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services . US6222856B1 CLAIM 2 . 
A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services , the control subsystem maintaining a born list of the bandwidth throttling objects that have been created for the corresponding virtual services and an active list , the control subsystem adding a particular bandwidth throttling object to the active list when the particular bandwidth throttling object is presently receiving requests (original data frames, data frames) and removing the particular bandwidth throttling object when the particular bandwidth throttling object ceases to receive requests . US6222856B1 CLAIM 12 . 
A bandwidth throttling module as recited in claim 10 , wherein the bandwidth throttling object specifies a bandwidth threshold indicating a level of I/O activity for the particular virtual service , further comprising : computer-executable instructions that , when executed , direct a computing device to : determine whether a current level of I/O activity for the particular virtual service exceeds the bandwidth threshold maintained in the bandwidth throttling object ; and selectively apply one (air interface) set of throttling actions when the I/O activity does not exceed the bandwidth threshold and another set of throttling actions when the I/O activity exceeds the bandwidth threshold . US6222856B1 CLAIM 23 . A bandwidth throttling object as recited in claim 20 , further comprising a histogram data field to hold data indicative of the I/O activity for the particular virtual service measured at fixed time (incoming data frames, data processing unit) intervals . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames (predetermined bandwidth, receiving requests) ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (fixed time) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6222856B1 CLAIM 1 . A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth (original data frames, data frames) , the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services , the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services , the bandwidth throttling objects specifying bandwidth thresholds for the corresponding virtual services , each bandwidth threshold indicating a level of I/O activity for an associated virtual service that is effective to trigger throttling actions on requests to the associated virtual service ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services . US6222856B1 CLAIM 2 . 
A bandwidth throttling system for use in a computer network system having at least one network server connected to serve one or more clients over a network , the network server supporting a service that presents multiple virtual services that can be individually requested by the clients via a data transmission network connection of a predetermined bandwidth the bandwidth throttling system comprising : a measuring subsystem to measure a presently used bandwidth for individual ones of the virtual services supported by the network server ; multiple bandwidth throttling objects created for corresponding ones of the virtual services the bandwidth throttling objects tracking the bandwidth presently used by the corresponding virtual services ; and a control subsystem to provide a throttling strategy that selectively throttles requests for the virtual services independently on a per virtual service basis according to the presently used bandwidths measured for the virtual services , the control subsystem maintaining a born list of the bandwidth throttling objects that have been created for the corresponding virtual services and an active list , the control subsystem adding a particular bandwidth throttling object to the active list when the particular bandwidth throttling object is presently receiving requests (original data frames, data frames) and removing the particular bandwidth throttling object when the particular bandwidth throttling object ceases to receive requests . US6222856B1 CLAIM 23 . A bandwidth throttling object as recited in claim 20 , further comprising a histogram data field to hold data indicative of the I/O activity for the particular virtual service measured at fixed time (incoming data frames, data processing unit) intervals . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5958053A Filed: 1997-08-22 Issued: 1999-09-28 Communications protocol with improved security (Original Assignee) AT&T Corp (Current Assignee) AT&T Corp John Stewart Denker |
---|---|
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data (established connection) frames . |
US5958053A CLAIM 20 . The method of claim 19 wherein said step of determining whether the second device may be under attack comprises the steps of : keeping track of the number of connection requests to the second device ; keeping track of the number of connection requests to the second device that resulted in an established connection (outgoing data) ; and determining that the second device may be under attack only if the ratio of the number of connection requests that resulted in an established connection to the number of connection requests is less than a threshold value . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data (established connection) frames comprises frames that allow statistical comparisons . |
US5958053A CLAIM 20 . The method of claim 19 wherein said step of determining whether the second device may be under attack comprises the steps of : keeping track of the number of connection requests to the second device ; keeping track of the number of connection requests to the second device that resulted in an established connection (outgoing data) ; and determining that the second device may be under attack only if the ratio of the number of connection requests that resulted in an established connection to the number of connection requests is less than a threshold value . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data (established connection) frames transmitted over a time interval . |
US5958053A CLAIM 20 . The method of claim 19 wherein said step of determining whether the second device may be under attack comprises the steps of : keeping track of the number of connection requests to the second device ; keeping track of the number of connection requests to the second device that resulted in an established connection (outgoing data) ; and determining that the second device may be under attack only if the ratio of the number of connection requests that resulted in an established connection to the number of connection requests is less than a threshold value . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data (established connection) frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US5958053A CLAIM 20 . The method of claim 19 wherein said step of determining whether the second device may be under attack comprises the steps of : keeping track of the number of connection requests to the second device ; keeping track of the number of connection requests to the second device that resulted in an established connection (outgoing data) ; and determining that the second device may be under attack only if the ratio of the number of connection requests that resulted in an established connection to the number of connection requests is less than a threshold value . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data (established connection) frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5958053A CLAIM 20 . The method of claim 19 wherein said step of determining whether the second device may be under attack comprises the steps of : keeping track of the number of connection requests to the second device ; keeping track of the number of connection requests to the second device that resulted in an established connection (outgoing data) ; and determining that the second device may be under attack only if the ratio of the number of connection requests that resulted in an established connection to the number of connection requests is less than a threshold value . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5852351A Filed: 1997-08-20 Issued: 1998-12-22 Machine monitor (Original Assignee) CSI Technology Inc (Current Assignee) Computational Systems Inc Ronald G. Canada, Eugene F. Pardue, James C. Robinson |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (store information) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5852351A CLAIM 12 . A modular unit that attaches proximate to a motor to detect and store information (original data) corresponding to speeds at which the motor has been operated , said unit comprising : a structural enclosure ; an engagement surface formed on said enclosure ; a fastener for attaching said engagement surface proximate the motor ; one or more sensors for sensing one or more parameters of the motor and producing sensor signals corresponding to the sensed parameters , said at least one or more parameters corresponding to at least motor speed ; a signal processor disposed in said enclosure for receiving and processing the sensor signals to produce motor speed data ; a storage device for receiving and storing motor speed data over time to produce an operation history of the motor ; an output device for outputting at least the stored operation history of the motor ; and a power supply for supplying electrical power to the unit . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (store information) frames . |
US5852351A CLAIM 12 . A modular unit that attaches proximate to a motor to detect and store information (original data) corresponding to speeds at which the motor has been operated , said unit comprising : a structural enclosure ; an engagement surface formed on said enclosure ; a fastener for attaching said engagement surface proximate the motor ; one or more sensors for sensing one or more parameters of the motor and producing sensor signals corresponding to the sensed parameters , said at least one or more parameters corresponding to at least motor speed ; a signal processor disposed in said enclosure for receiving and processing the sensor signals to produce motor speed data ; a storage device for receiving and storing motor speed data over time to produce an operation history of the motor ; an output device for outputting at least the stored operation history of the motor ; and a power supply for supplying electrical power to the unit . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (store information) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US5852351A CLAIM 12 . A modular unit that attaches proximate to a motor to detect and store information (original data) corresponding to speeds at which the motor has been operated , said unit comprising : a structural enclosure ; an engagement surface formed on said enclosure ; a fastener for attaching said engagement surface proximate the motor ; one or more sensors for sensing one or more parameters of the motor and producing sensor signals corresponding to the sensed parameters , said at least one or more parameters corresponding to at least motor speed ; a signal processor disposed in said enclosure for receiving and processing the sensor signals to produce motor speed data ; a storage device for receiving and storing motor speed data over time to produce an operation history of the motor ; an output device for outputting at least the stored operation history of the motor ; and a power supply for supplying electrical power to the unit . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data (store information) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5852351A CLAIM 12 . A modular unit that attaches proximate to a motor to detect and store information (original data) corresponding to speeds at which the motor has been operated , said unit comprising : a structural enclosure ; an engagement surface formed on said enclosure ; a fastener for attaching said engagement surface proximate the motor ; one or more sensors for sensing one or more parameters of the motor and producing sensor signals corresponding to the sensed parameters , said at least one or more parameters corresponding to at least motor speed ; a signal processor disposed in said enclosure for receiving and processing the sensor signals to produce motor speed data ; a storage device for receiving and storing motor speed data over time to produce an operation history of the motor ; an output device for outputting at least the stored operation history of the motor ; and a power supply for supplying electrical power to the unit . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels (clock signals) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5852351A CLAIM 20 . A recorder that attaches proximate to a motor to detect and store information corresponding to motor operation , said recorder comprising : a structural enclosure ; an engagement surface formed on said enclosure ; a fastener for attaching said engagement surface proximate the motor ; at least one sensor for sensing one or more parameters of the motor and producing sensor signals corresponding to the sensed parameters , said at least one or more parameters corresponding to motor load ; a clock for producing a clock signal ; a signal processor disposed in said enclosure for receiving and processing the sensor and clock signals (transmission channels) to produce motor load data and to produce data corresponding to cumulative time of motor operation at a plurality of motor load categories ; a storage device for receiving and storing motor load data and cumulative time of motor operation at each motor load category to produce an operation history of the motor ; an output device for outputting at least the stored operation history of the motor ; and a power supply for supplying electrical power to the recorder . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels (clock signals) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5852351A CLAIM 20 . A recorder that attaches proximate to a motor to detect and store information corresponding to motor operation , said recorder comprising : a structural enclosure ; an engagement surface formed on said enclosure ; a fastener for attaching said engagement surface proximate the motor ; at least one sensor for sensing one or more parameters of the motor and producing sensor signals corresponding to the sensed parameters , said at least one or more parameters corresponding to motor load ; a clock for producing a clock signal ; a signal processor disposed in said enclosure for receiving and processing the sensor and clock signals (transmission channels) to produce motor load data and to produce data corresponding to cumulative time of motor operation at a plurality of motor load categories ; a storage device for receiving and storing motor load data and cumulative time of motor operation at each motor load category to produce an operation history of the motor ; an output device for outputting at least the stored operation history of the motor ; and a power supply for supplying electrical power to the recorder . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5919257A Filed: 1997-08-08 Issued: 1999-07-06 Networked workstation intrusion detection system (Original Assignee) Micro Focus Software Inc (Current Assignee) RPX Corp Jonathan Trostle |
---|---|
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data frames (station identifier) . |
US5919257A CLAIM 16 . The method of claim 15 , further comprising the steps of selecting a user object at the server based upon the workstation user , selecting a workstation object based upon the workstation identifier (outgoing data frames, outgoing data frames comprises frames) , and choosing said selected executable programs based upon said user object and said workstation object . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data frames (station identifier) comprises frames that allow statistical comparisons . |
US5919257A CLAIM 16 . The method of claim 15 , further comprising the steps of selecting a user object at the server based upon the workstation user , selecting a workstation object based upon the workstation identifier (outgoing data frames, outgoing data frames comprises frames) , and choosing said selected executable programs based upon said user object and said workstation object . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames (station identifier) transmitted over a time interval . |
US5919257A CLAIM 16 . The method of claim 15 , further comprising the steps of selecting a user object at the server based upon the workstation user , selecting a workstation object based upon the workstation identifier (outgoing data frames, outgoing data frames comprises frames) , and choosing said selected executable programs based upon said user object and said workstation object . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving (algorithm t) unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5919257A CLAIM 3 . The method of claim 1 , wherein said step of hashing includes using a SHA-1 hashing algorithm t (first receiving, first receiving unit) o hash the selected executable programs . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (station identifier) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US5919257A CLAIM 16 . The method of claim 15 , further comprising the steps of selecting a user object at the server based upon the workstation user , selecting a workstation object based upon the workstation identifier (outgoing data frames, outgoing data frames comprises frames) , and choosing said selected executable programs based upon said user object and said workstation object . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving (algorithm t) unit for receiving the copy of the outgoing data frames (station identifier) ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5919257A CLAIM 3 . The method of claim 1 , wherein said step of hashing includes using a SHA-1 hashing algorithm t (first receiving, first receiving unit) o hash the selected executable programs . US5919257A CLAIM 16 . The method of claim 15 , further comprising the steps of selecting a user object at the server based upon the workstation user , selecting a workstation object based upon the workstation identifier (outgoing data frames, outgoing data frames comprises frames) , and choosing said selected executable programs based upon said user object and said workstation object . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6016318A Filed: 1997-07-14 Issued: 2000-01-18 Virtual private network system over public mobile data network and virtual LAN (Original Assignee) NEC Corp (Current Assignee) NEC Corp Hiroyuki Tomoike |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (information signal) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6016318A CLAIM 8 . A method for registering a location of a data terminal in a public mobile data network , comprising : a) writing an IP address of the data terminal into a random access memory (RAM) of a mobile station that is communicatively connected to the data terminal ; b) recognizing , by the data terminal associated with the mobile station , an information signal (incoming data, incoming traffic) from a mobile base station that services a portion of the public mobile data network ; c) generating , by the mobile station , a location registration request signal including the IP address stored in the RAM and a public mobile data network address of the mobile station that is stored in a read-only memory (ROM) of the mobile station ; d) transmitting the location registration request signal from the mobile station to a mobile data subscriber processing unit that constitutes an interface to the public mobile data network ; e) generating , by a call control section of the mobile data subscriber processing unit , an approval request signal including the public mobile data network address of the mobile station , and transmitting the approval request signal to a location register that is communicatively connected to the public mobile data network ; f) searching , by the location register , for a first approval key in accordance with the approval request signal ; g) if the searching is successful , generating and transmitting , by the location register to the call control section , an approval response signal including the first approval key ; h) generating , by the call control section , a pseudo-random number and transmitting the approval request signal along with the pseudo-random number ; i) carrying out , by the mobile data subscriber processing unit , a calculation based upon the pseudo-random number and the first approval key to obtain a first result , and simultaneously , in the mobile station , carrying out a calculation based on the pseudo-random number and a second approval key stored in the ROM of the mobile station to obtain a second result ; j) generating , by the mobile station , an approval response signal including the second result ; k) comparing , by the mobile data subscriber unit , the first and second results ; l) when there is a match as a result of the comparing performed in step k) , generating and transmitting , to the location register , a location registration request signal that includes a location of the mobile data subscriber unit and the public mobile data network address of the mobile station ; and m) when there is no match as a result of the comparing performed in step k) , stopping any further call processing . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data (information signal) frames received over all the wireless channels allocated to the wireless node . |
US6016318A CLAIM 8 . A method for registering a location of a data terminal in a public mobile data network , comprising : a) writing an IP address of the data terminal into a random access memory (RAM) of a mobile station that is communicatively connected to the data terminal ; b) recognizing , by the data terminal associated with the mobile station , an information signal (incoming data, incoming traffic) from a mobile base station that services a portion of the public mobile data network ; c) generating , by the mobile station , a location registration request signal including the IP address stored in the RAM and a public mobile data network address of the mobile station that is stored in a read-only memory (ROM) of the mobile station ; d) transmitting the location registration request signal from the mobile station to a mobile data subscriber processing unit that constitutes an interface to the public mobile data network ; e) generating , by a call control section of the mobile data subscriber processing unit , an approval request signal including the public mobile data network address of the mobile station , and transmitting the approval request signal to a location register that is communicatively connected to the public mobile data network ; f) searching , by the location register , for a first approval key in accordance with the approval request signal ; g) if the searching is successful , generating and transmitting , by the location register to the call control section , an approval response signal including the first approval key ; h) generating , by the call control section , a pseudo-random number and transmitting the approval request signal along with the pseudo-random number ; i) carrying out , by the mobile data subscriber processing unit , a calculation based upon the pseudo-random number and the first approval key to obtain a first result , and simultaneously , in the mobile station , carrying out a calculation based on the pseudo-random number and a second approval key stored in the ROM of the mobile station to obtain a second result ; j) generating , by the mobile station , an approval response signal including the second result ; k) comparing , by the mobile data subscriber unit , the first and second results ; l) when there is a match as a result of the comparing performed in step k) , generating and transmitting , to the location register , a location registration request signal that includes a location of the mobile data subscriber unit and the public mobile data network address of the mobile station ; and m) when there is no match as a result of the comparing performed in step k) , stopping any further call processing . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (information signal) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6016318A CLAIM 8 . A method for registering a location of a data terminal in a public mobile data network , comprising : a) writing an IP address of the data terminal into a random access memory (RAM) of a mobile station that is communicatively connected to the data terminal ; b) recognizing , by the data terminal associated with the mobile station , an information signal (incoming data, incoming traffic) from a mobile base station that services a portion of the public mobile data network ; c) generating , by the mobile station , a location registration request signal including the IP address stored in the RAM and a public mobile data network address of the mobile station that is stored in a read-only memory (ROM) of the mobile station ; d) transmitting the location registration request signal from the mobile station to a mobile data subscriber processing unit that constitutes an interface to the public mobile data network ; e) generating , by a call control section of the mobile data subscriber processing unit , an approval request signal including the public mobile data network address of the mobile station , and transmitting the approval request signal to a location register that is communicatively connected to the public mobile data network ; f) searching , by the location register , for a first approval key in accordance with the approval request signal ; g) if the searching is successful , generating and transmitting , by the location register to the call control section , an approval response signal including the first approval key ; h) generating , by the call control section , a pseudo-random number and transmitting the approval request signal along with the pseudo-random number ; i) carrying out , by the mobile data subscriber processing unit , a calculation based upon the pseudo-random number and the first approval key to obtain a first result , and simultaneously , in the mobile station , carrying out a calculation based on the pseudo-random number and a second approval key stored in the ROM of the mobile station to obtain a second result ; j) generating , by the mobile station , an approval response signal including the second result ; k) comparing , by the mobile data subscriber unit , the first and second results ; l) when there is a match as a result of the comparing performed in step k) , generating and transmitting , to the location register , a location registration request signal that includes a location of the mobile data subscriber unit and the public mobile data network address of the mobile station ; and m) when there is no match as a result of the comparing performed in step k) , stopping any further call processing . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (information signal) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6016318A CLAIM 8 . A method for registering a location of a data terminal in a public mobile data network , comprising : a) writing an IP address of the data terminal into a random access memory (RAM) of a mobile station that is communicatively connected to the data terminal ; b) recognizing , by the data terminal associated with the mobile station , an information signal (incoming data, incoming traffic) from a mobile base station that services a portion of the public mobile data network ; c) generating , by the mobile station , a location registration request signal including the IP address stored in the RAM and a public mobile data network address of the mobile station that is stored in a read-only memory (ROM) of the mobile station ; d) transmitting the location registration request signal from the mobile station to a mobile data subscriber processing unit that constitutes an interface to the public mobile data network ; e) generating , by a call control section of the mobile data subscriber processing unit , an approval request signal including the public mobile data network address of the mobile station , and transmitting the approval request signal to a location register that is communicatively connected to the public mobile data network ; f) searching , by the location register , for a first approval key in accordance with the approval request signal ; g) if the searching is successful , generating and transmitting , by the location register to the call control section , an approval response signal including the first approval key ; h) generating , by the call control section , a pseudo-random number and transmitting the approval request signal along with the pseudo-random number ; i) carrying out , by the mobile data subscriber processing unit , a calculation based upon the pseudo-random number and the first approval key to obtain a first result , and simultaneously , in the mobile station , carrying out a calculation based on the pseudo-random number and a second approval key stored in the ROM of the mobile station to obtain a second result ; j) generating , by the mobile station , an approval response signal including the second result ; k) comparing , by the mobile data subscriber unit , the first and second results ; l) when there is a match as a result of the comparing performed in step k) , generating and transmitting , to the location register , a location registration request signal that includes a location of the mobile data subscriber unit and the public mobile data network address of the mobile station ; and m) when there is no match as a result of the comparing performed in step k) , stopping any further call processing . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (information signal) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (information signal) frames from the incoming traffic ; and a data processing unit (processing units) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6016318A CLAIM 1 . A virtual private network system accessed by an internet , comprising : a virtual local area network (LAN) connected to a LAN emulation server and LAN emulation clients ; a router connected between said internet and said virtual LAN ; a public mobile data network connected to a location register and mobile data subscriber processing units (data processing unit) ; a data gateway connected between said internet and said public mobile data network ; a virtual private network gateway connected between said virtual LAN and said public mobile data network ; and a mobile data terminal having one internet protocol (IP) address and one network address of said public mobile data network and capable of being connected to either one of said LAN emulation clients or one of said mobile data subscriber processing units , wherein said location register storing a correspondence between said network address and one of said mobile data subscriber processing units , wherein said virtual private network gateway comprises : a memory for storing a correspondence between said IP address and said network address of said mobile data terminal ; a communication control section communicatively connected to said public mobile data network ; a call control section having a LAN emulation capability ; and a transmission control protocol/internet protocol (TCP/IP) interface communicatively connected to said virtual LAN . US6016318A CLAIM 8 . A method for registering a location of a data terminal in a public mobile data network , comprising : a) writing an IP address of the data terminal into a random access memory (RAM) of a mobile station that is communicatively connected to the data terminal ; b) recognizing , by the data terminal associated with the mobile station , an information signal (incoming data, incoming traffic) from a mobile base station that services a portion of the public mobile data network ; c) generating , by the mobile station , a location registration request signal including the IP address stored in the RAM and a public mobile data network address of the mobile station that is stored in a read-only memory (ROM) of the mobile station ; d) transmitting the location registration request signal from the mobile station to a mobile data subscriber processing unit that constitutes an interface to the public mobile data network ; e) generating , by a call control section of the mobile data subscriber processing unit , an approval request signal including the public mobile data network address of the mobile station , and transmitting the approval request signal to a location register that is communicatively connected to the public mobile data network ; f) searching , by the location register , for a first approval key in accordance with the approval request signal ; g) if the searching is successful , generating and transmitting , by the location register to the call control section , an approval response signal including the first approval key ; h) generating , by the call control section , a pseudo-random number and transmitting the approval request signal along with the pseudo-random number ; i) carrying out , by the mobile data subscriber processing unit , a calculation based upon the pseudo-random number and the first approval key to obtain a first result , and simultaneously , in the mobile station , carrying out a calculation based on the pseudo-random number and a second approval key stored in the ROM of the mobile station to obtain a second result ; j) generating , by the mobile station , an approval response signal including the second result ; k) comparing , by the mobile data subscriber unit , the first and second results ; l) when there is a match as a result of the comparing performed in step k) , generating and transmitting , to the location register , a location registration request signal that includes a location of the mobile data subscriber unit and the public mobile data network address of the mobile station ; and m) when there is no match as a result of the comparing performed in step k) , stopping any further call processing . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (information signal) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6016318A CLAIM 8 . A method for registering a location of a data terminal in a public mobile data network , comprising : a) writing an IP address of the data terminal into a random access memory (RAM) of a mobile station that is communicatively connected to the data terminal ; b) recognizing , by the data terminal associated with the mobile station , an information signal (incoming data, incoming traffic) from a mobile base station that services a portion of the public mobile data network ; c) generating , by the mobile station , a location registration request signal including the IP address stored in the RAM and a public mobile data network address of the mobile station that is stored in a read-only memory (ROM) of the mobile station ; d) transmitting the location registration request signal from the mobile station to a mobile data subscriber processing unit that constitutes an interface to the public mobile data network ; e) generating , by a call control section of the mobile data subscriber processing unit , an approval request signal including the public mobile data network address of the mobile station , and transmitting the approval request signal to a location register that is communicatively connected to the public mobile data network ; f) searching , by the location register , for a first approval key in accordance with the approval request signal ; g) if the searching is successful , generating and transmitting , by the location register to the call control section , an approval response signal including the first approval key ; h) generating , by the call control section , a pseudo-random number and transmitting the approval request signal along with the pseudo-random number ; i) carrying out , by the mobile data subscriber processing unit , a calculation based upon the pseudo-random number and the first approval key to obtain a first result , and simultaneously , in the mobile station , carrying out a calculation based on the pseudo-random number and a second approval key stored in the ROM of the mobile station to obtain a second result ; j) generating , by the mobile station , an approval response signal including the second result ; k) comparing , by the mobile data subscriber unit , the first and second results ; l) when there is a match as a result of the comparing performed in step k) , generating and transmitting , to the location register , a location registration request signal that includes a location of the mobile data subscriber unit and the public mobile data network address of the mobile station ; and m) when there is no match as a result of the comparing performed in step k) , stopping any further call processing . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (information signal) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (information signal) frames from the incoming traffic ; and a data processing unit (processing units) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6016318A CLAIM 1 . A virtual private network system accessed by an internet , comprising : a virtual local area network (LAN) connected to a LAN emulation server and LAN emulation clients ; a router connected between said internet and said virtual LAN ; a public mobile data network connected to a location register and mobile data subscriber processing units (data processing unit) ; a data gateway connected between said internet and said public mobile data network ; a virtual private network gateway connected between said virtual LAN and said public mobile data network ; and a mobile data terminal having one internet protocol (IP) address and one network address of said public mobile data network and capable of being connected to either one of said LAN emulation clients or one of said mobile data subscriber processing units , wherein said location register storing a correspondence between said network address and one of said mobile data subscriber processing units , wherein said virtual private network gateway comprises : a memory for storing a correspondence between said IP address and said network address of said mobile data terminal ; a communication control section communicatively connected to said public mobile data network ; a call control section having a LAN emulation capability ; and a transmission control protocol/internet protocol (TCP/IP) interface communicatively connected to said virtual LAN . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | JPH1117806A Filed: 1997-06-25 Issued: 1999-01-22 Information reception processing method and computer / telephony integration system (Original Assignee) Hitachi Ltd; 株式会社日立製作所 Susumu Matsui, Yasuhiko Nagai, 進 松井, 康彦 永井 |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (記憶手段と) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (sender side) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
JPH1117806A CLAIM 5 【請求項5】 請求項4に記載のコンピュータ・テレフ ォニイインテグレーションシステムにおいて、 上記受信環境情報登録手段は、受信環境情報を記憶する ための記憶手段と (original data frames) 、システム外部からの受信環境情報の 設定操作を受け付けるための手段とを有することを特徴 とするコンピュータ・テレフォニイインテグレーション システム。 5 . The computer / telephony integration system according to claim 4 , wherein said reception environment information registration means stores storage environment information for receiving environment information , and sets reception environment information from outside the system . Computer telephony integration system having means for receiving . JPH1117806A CLAIM 10 【請求項10】 請求項6、7、8および9のいずれか 一項に記載のコンピュータ・テレフォニイインテグレー ションシステムにおいて、 システム外部の情報処理装置とデータの通信を行うため の処理を行う手段をさらに有し、上記受信環境情報の設 定操作を受け付けるための手段は、システム外部から受 信環境情報設定要求を受け付けると、当該要求元に対し て、上記受信環境情報設定用画面を表示する機能と、上 記画面対応になされる入力を受け付ける機能とを実現す るためのプログラムおよびデータを、上記通信処理を行 う手段を介して送信する機能と、上記通信処理を行う手 段を介して上記要求元から送信された受信環境設定デー タを受信し、上記記憶手段に記憶させる機能に渡す機能 とを有することを特徴とするコンピュータ・テレフォニ イインテグレーションシステム。 10 . The computer / telephony integration system according to claim 6 , further comprising : means for performing processing for performing data communication with an information processing apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) outside the system . Means for receiving the setting operation of the reception environment information , when receiving a reception environment information setting request from outside the system , a function of displaying the reception environment information setting screen to the request source ; A function of transmitting a program and data for realizing a function of accepting an input made corresponding to a screen via the means for performing the communication processing , and a function of transmitting the program and data from the request source via the means for performing the communication processing A function of receiving the reception environment setting data and passing it to a function to be stored in the storage means . 
Computer telephony integration system . JPH1117806A CLAIM 13 【請求項13】 請求項12に記載のコンピュータ・テ レフォニイインテグレーションシステムにおいて、 上記送信環境情報の設定操作を受け付けるための手段 は、上記受信環境情報登録手段によって登録されている 受信環境情報の範囲内から情報発信者側のコンタクト条 件を選択設定する機能を有することを特徴とするコンピ ュータ・テレフォニイインテグレーションシステム。 13 . The computer / telephony integration system according to claim 12 , wherein the means for receiving the setting operation of the transmission environment information is within a range of the reception environment information registered by the reception environment information registration unit . A function of selecting and setting a contact condition on the information sender side (incoming data, incoming traffic) from a computer . |
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data (registration process) frames . |
JPH1117806A CLAIM 22 【請求項22】 請求項21に記載のプログラムを記録 した記録媒体において、 上記受信環境情報登録処理は、受信環境情報を記憶する ための処理と、システム外部からの受信環境情報の設定 操作を受け付けるための処理とを含むことを特徴とする コンピュータ・テレフォニイインテグレーションシステ ム。 22 . A recording medium on which the program according to claim 21 is recorded , wherein the reception environment information registration process (outgoing data) receives a process for storing the reception environment information and a setting operation of the reception environment information from outside the system . Computer-telephony integration system , comprising : |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data (registration process) frames comprises frames that allow statistical comparisons . |
JPH1117806A CLAIM 22 【請求項22】 請求項21に記載のプログラムを記録 した記録媒体において、 上記受信環境情報登録処理は、受信環境情報を記憶する ための処理と、システム外部からの受信環境情報の設定 操作を受け付けるための処理とを含むことを特徴とする コンピュータ・テレフォニイインテグレーションシステ ム。 22 . A recording medium on which the program according to claim 21 is recorded , wherein the reception environment information registration process (outgoing data) receives a process for storing the reception environment information and a setting operation of the reception environment information from outside the system . Computer-telephony integration system , comprising : |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data (registration process) frames transmitted over a time interval . |
JPH1117806A CLAIM 22 【請求項22】 請求項21に記載のプログラムを記録 した記録媒体において、 上記受信環境情報登録処理は、受信環境情報を記憶する ための処理と、システム外部からの受信環境情報の設定 操作を受け付けるための処理とを含むことを特徴とする コンピュータ・テレフォニイインテグレーションシステ ム。 22 . A recording medium on which the program according to claim 21 is recorded , wherein the reception environment information registration process (outgoing data) receives a process for storing the reception environment information and a setting operation of the reception environment information from outside the system . Computer-telephony integration system , comprising : |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (記憶手段と) . |
JPH1117806A CLAIM 5 【請求項5】 請求項4に記載のコンピュータ・テレフ ォニイインテグレーションシステムにおいて、 上記受信環境情報登録手段は、受信環境情報を記憶する ための記憶手段と (original data frames) 、システム外部からの受信環境情報の 設定操作を受け付けるための手段とを有することを特徴 とするコンピュータ・テレフォニイインテグレーション システム。 5 . The computer / telephony integration system according to claim 4 , wherein said reception environment information registration means stores storage environment information for receiving environment information , and sets reception environment information from outside the system . Computer telephony integration system having means for receiving . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data (sender side) frames received over all the wireless channels allocated to the wireless node . |
JPH1117806A CLAIM 13 【請求項13】 請求項12に記載のコンピュータ・テ レフォニイインテグレーションシステムにおいて、 上記送信環境情報の設定操作を受け付けるための手段 は、上記受信環境情報登録手段によって登録されている 受信環境情報の範囲内から情報発信者側のコンタクト条 件を選択設定する機能を有することを特徴とするコンピ ュータ・テレフォニイインテグレーションシステム。 13 . The computer / telephony integration system according to claim 12 , wherein the means for receiving the setting operation of the transmission environment information is within a range of the reception environment information registered by the reception environment information registration unit . A function of selecting and setting a contact condition on the information sender side (incoming data, incoming traffic) from a computer . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (記憶手段と) with the incoming data (sender side) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
JPH1117806A CLAIM 5 【請求項5】 請求項4に記載のコンピュータ・テレフ ォニイインテグレーションシステムにおいて、 上記受信環境情報登録手段は、受信環境情報を記憶する ための記憶手段と (original data frames) 、システム外部からの受信環境情報の 設定操作を受け付けるための手段とを有することを特徴 とするコンピュータ・テレフォニイインテグレーション システム。 5 . The computer / telephony integration system according to claim 4 , wherein said reception environment information registration means stores storage environment information for receiving environment information , and sets reception environment information from outside the system . Computer telephony integration system having means for receiving . JPH1117806A CLAIM 13 【請求項13】 請求項12に記載のコンピュータ・テ レフォニイインテグレーションシステムにおいて、 上記送信環境情報の設定操作を受け付けるための手段 は、上記受信環境情報登録手段によって登録されている 受信環境情報の範囲内から情報発信者側のコンタクト条 件を選択設定する機能を有することを特徴とするコンピ ュータ・テレフォニイインテグレーションシステム。 13 . The computer / telephony integration system according to claim 12 , wherein the means for receiving the setting operation of the transmission environment information is within a range of the reception environment information registered by the reception environment information registration unit . A function of selecting and setting a contact condition on the information sender side (incoming data, incoming traffic) from a computer . |
US7409715B2 CLAIM 10 . An impersonation detection system (apparatus) for a wireless node of a wireless communication network , the node for transmitting original data frames (記憶手段と) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (sender side) frames received over the air interface (said contact) ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
JPH1117806A CLAIM 5 【請求項5】 請求項4に記載のコンピュータ・テレフ ォニイインテグレーションシステムにおいて、 上記受信環境情報登録手段は、受信環境情報を記憶する ための記憶手段と (original data frames) 、システム外部からの受信環境情報の 設定操作を受け付けるための手段とを有することを特徴 とするコンピュータ・テレフォニイインテグレーション システム。 5 . The computer / telephony integration system according to claim 4 , wherein said reception environment information registration means stores storage environment information for receiving environment information , and sets reception environment information from outside the system . Computer telephony integration system having means for receiving . JPH1117806A CLAIM 10 【請求項10】 請求項6、7、8および9のいずれか 一項に記載のコンピュータ・テレフォニイインテグレー ションシステムにおいて、 システム外部の情報処理装置とデータの通信を行うため の処理を行う手段をさらに有し、上記受信環境情報の設 定操作を受け付けるための手段は、システム外部から受 信環境情報設定要求を受け付けると、当該要求元に対し て、上記受信環境情報設定用画面を表示する機能と、上 記画面対応になされる入力を受け付ける機能とを実現す るためのプログラムおよびデータを、上記通信処理を行 う手段を介して送信する機能と、上記通信処理を行う手 段を介して上記要求元から送信された受信環境設定デー タを受信し、上記記憶手段に記憶させる機能に渡す機能 とを有することを特徴とするコンピュータ・テレフォニ イインテグレーションシステム。 10 . The computer / telephony integration system according to claim 6 , further comprising : means for performing processing for performing data communication with an information processing apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) outside the system . Means for receiving the setting operation of the reception environment information , when receiving a reception environment information setting request from outside the system , a function of displaying the reception environment information setting screen to the request source ; A function of transmitting a program and data for realizing a function of accepting an input made corresponding to a screen via the means for performing the communication processing , and a function of transmitting the program and data from the request source via the means for performing the communication processing A function of receiving the reception environment setting data and passing it to a function to be stored in the storage means . 
Computer telephony integration system . JPH1117806A CLAIM 13 【請求項13】 請求項12に記載のコンピュータ・テ レフォニイインテグレーションシステムにおいて、 上記送信環境情報の設定操作を受け付けるための手段 は、上記受信環境情報登録手段によって登録されている 受信環境情報の範囲内から情報発信者側のコンタクト条 件を選択設定する機能を有することを特徴とするコンピ ュータ・テレフォニイインテグレーションシステム。 13 . The computer / telephony integration system according to claim 12 , wherein the means for receiving the setting operation of the transmission environment information is within a range of the reception environment information registered by the reception environment information registration unit . A function of selecting and setting a contact condition on the information sender side (incoming data, incoming traffic) from a computer . JPH1117806A CLAIM 15 【請求項15】 請求項12および13のいずれか一項 に記載のコンピュータ・テレフォニイインテグレーショ ンシステムにおいて、 上記コンタクト調整処理手段は、送信環境条件情報が設 定されているとき、該送信環境条件が上記受信環境条件 と適合するか否か判定し、適合する場合には、送信環境 条件および受信環境条件の両者の論理和した条件に基づ いてコンタクト調整を行い、送信環境条件が受信環境条 件と適合しない場合には、上記受信側環境条件に従って コンタクト調整を行うことを特徴とするコンピュータ・ テレフォニイインテグレーションシステム。 15 . The computer / telephony integration system according to claim 12 , wherein said contact (air interface) adjustment processing means sets said transmission environment condition when said transmission environment condition information is set . It is determined whether or not the reception environment condition is satisfied . If so , the contact adjustment is performed based on a logical sum of the transmission environment condition and the reception environment condition , and the transmission environment condition does not match the reception environment condition . In this case , the computer is characterized in that the contact adjustment is performed in accordance with the receiving side environmental conditions . Telephony integration system . |
US7409715B2 CLAIM 11 . The impersonation detection system (apparatus) of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (sender side) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (sender side) frames from the incoming traffic ; and a data processing unit (apparatus) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
JPH1117806A CLAIM 10 【請求項10】 請求項6、7、8および9のいずれか 一項に記載のコンピュータ・テレフォニイインテグレー ションシステムにおいて、 システム外部の情報処理装置とデータの通信を行うため の処理を行う手段をさらに有し、上記受信環境情報の設 定操作を受け付けるための手段は、システム外部から受 信環境情報設定要求を受け付けると、当該要求元に対し て、上記受信環境情報設定用画面を表示する機能と、上 記画面対応になされる入力を受け付ける機能とを実現す るためのプログラムおよびデータを、上記通信処理を行 う手段を介して送信する機能と、上記通信処理を行う手 段を介して上記要求元から送信された受信環境設定デー タを受信し、上記記憶手段に記憶させる機能に渡す機能 とを有することを特徴とするコンピュータ・テレフォニ イインテグレーションシステム。 10 . The computer / telephony integration system according to claim 6 , further comprising : means for performing processing for performing data communication with an information processing apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) outside the system . Means for receiving the setting operation of the reception environment information , when receiving a reception environment information setting request from outside the system , a function of displaying the reception environment information setting screen to the request source ; A function of transmitting a program and data for realizing a function of accepting an input made corresponding to a screen via the means for performing the communication processing , and a function of transmitting the program and data from the request source via the means for performing the communication processing A function of receiving the reception environment setting data and passing it to a function to be stored in the storage means . Computer telephony integration system . JPH1117806A CLAIM 13 【請求項13】 請求項12に記載のコンピュータ・テ レフォニイインテグレーションシステムにおいて、 上記送信環境情報の設定操作を受け付けるための手段 は、上記受信環境情報登録手段によって登録されている 受信環境情報の範囲内から情報発信者側のコンタクト条 件を選択設定する機能を有することを特徴とするコンピ ュータ・テレフォニイインテグレーションシステム。 13 . The computer / telephony integration system according to claim 12 , wherein the means for receiving the setting operation of the transmission environment information is within a range of the reception environment information registered by the reception environment information registration unit . 
A function of selecting and setting a contact condition on the information sender side (incoming data, incoming traffic) from a computer . |
US7409715B2 CLAIM 12 . The impersonation detection system (apparatus) of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
JPH1117806A CLAIM 10 【請求項10】 請求項6、7、8および9のいずれか 一項に記載のコンピュータ・テレフォニイインテグレー ションシステムにおいて、 システム外部の情報処理装置とデータの通信を行うため の処理を行う手段をさらに有し、上記受信環境情報の設 定操作を受け付けるための手段は、システム外部から受 信環境情報設定要求を受け付けると、当該要求元に対し て、上記受信環境情報設定用画面を表示する機能と、上 記画面対応になされる入力を受け付ける機能とを実現す るためのプログラムおよびデータを、上記通信処理を行 う手段を介して送信する機能と、上記通信処理を行う手 段を介して上記要求元から送信された受信環境設定デー タを受信し、上記記憶手段に記憶させる機能に渡す機能 とを有することを特徴とするコンピュータ・テレフォニ イインテグレーションシステム。 10 . The computer / telephony integration system according to claim 6 , further comprising : means for performing processing for performing data communication with an information processing apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) outside the system . Means for receiving the setting operation of the reception environment information , when receiving a reception environment information setting request from outside the system , a function of displaying the reception environment information setting screen to the request source ; A function of transmitting a program and data for realizing a function of accepting an input made corresponding to a screen via the means for performing the communication processing , and a function of transmitting the program and data from the request source via the means for performing the communication processing A function of receiving the reception environment setting data and passing it to a function to be stored in the storage means . Computer telephony integration system . |
US7409715B2 CLAIM 13 . The impersonation detection system (apparatus) of claim 12 wherein the secure link operates according to a communication protocol . |
JPH1117806A CLAIM 10 【請求項10】 請求項6、7、8および9のいずれか 一項に記載のコンピュータ・テレフォニイインテグレー ションシステムにおいて、 システム外部の情報処理装置とデータの通信を行うため の処理を行う手段をさらに有し、上記受信環境情報の設 定操作を受け付けるための手段は、システム外部から受 信環境情報設定要求を受け付けると、当該要求元に対し て、上記受信環境情報設定用画面を表示する機能と、上 記画面対応になされる入力を受け付ける機能とを実現す るためのプログラムおよびデータを、上記通信処理を行 う手段を介して送信する機能と、上記通信処理を行う手 段を介して上記要求元から送信された受信環境設定デー タを受信し、上記記憶手段に記憶させる機能に渡す機能 とを有することを特徴とするコンピュータ・テレフォニ イインテグレーションシステム。 10 . The computer / telephony integration system according to claim 6 , further comprising : means for performing processing for performing data communication with an information processing apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) outside the system . Means for receiving the setting operation of the reception environment information , when receiving a reception environment information setting request from outside the system , a function of displaying the reception environment information setting screen to the request source ; A function of transmitting a program and data for realizing a function of accepting an input made corresponding to a screen via the means for performing the communication processing , and a function of transmitting the program and data from the request source via the means for performing the communication processing A function of receiving the reception environment setting data and passing it to a function to be stored in the storage means . Computer telephony integration system . |
US7409715B2 CLAIM 14 . The impersonation detection system (apparatus) of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
JPH1117806A CLAIM 10 【請求項10】 請求項6、7、8および9のいずれか 一項に記載のコンピュータ・テレフォニイインテグレー ションシステムにおいて、 システム外部の情報処理装置とデータの通信を行うため の処理を行う手段をさらに有し、上記受信環境情報の設 定操作を受け付けるための手段は、システム外部から受 信環境情報設定要求を受け付けると、当該要求元に対し て、上記受信環境情報設定用画面を表示する機能と、上 記画面対応になされる入力を受け付ける機能とを実現す るためのプログラムおよびデータを、上記通信処理を行 う手段を介して送信する機能と、上記通信処理を行う手 段を介して上記要求元から送信された受信環境設定デー タを受信し、上記記憶手段に記憶させる機能に渡す機能 とを有することを特徴とするコンピュータ・テレフォニ イインテグレーションシステム。 10 . The computer / telephony integration system according to claim 6 , further comprising : means for performing processing for performing data communication with an information processing apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) outside the system . Means for receiving the setting operation of the reception environment information , when receiving a reception environment information setting request from outside the system , a function of displaying the reception environment information setting screen to the request source ; A function of transmitting a program and data for realizing a function of accepting an input made corresponding to a screen via the means for performing the communication processing , and a function of transmitting the program and data from the request source via the means for performing the communication processing A function of receiving the reception environment setting data and passing it to a function to be stored in the storage means . Computer telephony integration system . |
US7409715B2 CLAIM 15 . The impersonation detection system (apparatus) of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module is integrated within the wireless node . |
JPH1117806A CLAIM 10 【請求項10】 請求項6、7、8および9のいずれか 一項に記載のコンピュータ・テレフォニイインテグレー ションシステムにおいて、 システム外部の情報処理装置とデータの通信を行うため の処理を行う手段をさらに有し、上記受信環境情報の設 定操作を受け付けるための手段は、システム外部から受 信環境情報設定要求を受け付けると、当該要求元に対し て、上記受信環境情報設定用画面を表示する機能と、上 記画面対応になされる入力を受け付ける機能とを実現す るためのプログラムおよびデータを、上記通信処理を行 う手段を介して送信する機能と、上記通信処理を行う手 段を介して上記要求元から送信された受信環境設定デー タを受信し、上記記憶手段に記憶させる機能に渡す機能 とを有することを特徴とするコンピュータ・テレフォニ イインテグレーションシステム。 10 . The computer / telephony integration system according to claim 6 , further comprising : means for performing processing for performing data communication with an information processing apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) outside the system . Means for receiving the setting operation of the reception environment information , when receiving a reception environment information setting request from outside the system , a function of displaying the reception environment information setting screen to the request source ; A function of transmitting a program and data for realizing a function of accepting an input made corresponding to a screen via the means for performing the communication processing , and a function of transmitting the program and data from the request source via the means for performing the communication processing A function of receiving the reception environment setting data and passing it to a function to be stored in the storage means . Computer telephony integration system . |
US7409715B2 CLAIM 16 . The impersonation detection system (apparatus) of claim 10 , wherein the wireless network operates according to any wireless network technology . |
JPH1117806A CLAIM 10 【請求項10】 請求項6、7、8および9のいずれか 一項に記載のコンピュータ・テレフォニイインテグレー ションシステムにおいて、 システム外部の情報処理装置とデータの通信を行うため の処理を行う手段をさらに有し、上記受信環境情報の設 定操作を受け付けるための手段は、システム外部から受 信環境情報設定要求を受け付けると、当該要求元に対し て、上記受信環境情報設定用画面を表示する機能と、上 記画面対応になされる入力を受け付ける機能とを実現す るためのプログラムおよびデータを、上記通信処理を行 う手段を介して送信する機能と、上記通信処理を行う手 段を介して上記要求元から送信された受信環境設定デー タを受信し、上記記憶手段に記憶させる機能に渡す機能 とを有することを特徴とするコンピュータ・テレフォニ イインテグレーションシステム。 10 . The computer / telephony integration system according to claim 6 , further comprising : means for performing processing for performing data communication with an information processing apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) outside the system . Means for receiving the setting operation of the reception environment information , when receiving a reception environment information setting request from outside the system , a function of displaying the reception environment information setting screen to the request source ; A function of transmitting a program and data for realizing a function of accepting an input made corresponding to a screen via the means for performing the communication processing , and a function of transmitting the program and data from the request source via the means for performing the communication processing A function of receiving the reception environment setting data and passing it to a function to be stored in the storage means . Computer telephony integration system . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data (registration process) frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (sender side) frames received from the air interface (said contact) ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
JPH1117806A CLAIM 13 【請求項13】 請求項12に記載のコンピュータ・テ レフォニイインテグレーションシステムにおいて、 上記送信環境情報の設定操作を受け付けるための手段 は、上記受信環境情報登録手段によって登録されている 受信環境情報の範囲内から情報発信者側のコンタクト条 件を選択設定する機能を有することを特徴とするコンピ ュータ・テレフォニイインテグレーションシステム。 13 . The computer / telephony integration system according to claim 12 , wherein the means for receiving the setting operation of the transmission environment information is within a range of the reception environment information registered by the reception environment information registration unit . A function of selecting and setting a contact condition on the information sender side (incoming data, incoming traffic) from a computer . JPH1117806A CLAIM 15 【請求項15】 請求項12および13のいずれか一項 に記載のコンピュータ・テレフォニイインテグレーショ ンシステムにおいて、 上記コンタクト調整処理手段は、送信環境条件情報が設 定されているとき、該送信環境条件が上記受信環境条件 と適合するか否か判定し、適合する場合には、送信環境 条件および受信環境条件の両者の論理和した条件に基づ いてコンタクト調整を行い、送信環境条件が受信環境条 件と適合しない場合には、上記受信側環境条件に従って コンタクト調整を行うことを特徴とするコンピュータ・ テレフォニイインテグレーションシステム。 15 . The computer / telephony integration system according to claim 12 , wherein said contact (air interface) adjustment processing means sets said transmission environment condition when said transmission environment condition information is set . It is determined whether or not the reception environment condition is satisfied . If so , the contact adjustment is performed based on a logical sum of the transmission environment condition and the reception environment condition , and the transmission environment condition does not match the reception environment condition . In this case , the computer is characterized in that the contact adjustment is performed in accordance with the receiving side environmental conditions . Telephony integration system . JPH1117806A CLAIM 22 【請求項22】 請求項21に記載のプログラムを記録 した記録媒体において、 上記受信環境情報登録処理は、受信環境情報を記憶する ための処理と、システム外部からの受信環境情報の設定 操作を受け付けるための処理とを含むことを特徴とする コンピュータ・テレフォニイインテグレーションシステ ム。 22 . 
A recording medium on which the program according to claim 21 is recorded , wherein the reception environment information registration process (outgoing data) receives a process for storing the reception environment information and a setting operation of the reception environment information from outside the system . Computer-telephony integration system , comprising : |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data (registration process) frames ; an antenna for capturing the incoming traffic (sender side) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (sender side) frames from the incoming traffic ; and a data processing unit (apparatus) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
JPH1117806A CLAIM 10 【請求項10】 請求項6、7、8および9のいずれか 一項に記載のコンピュータ・テレフォニイインテグレー ションシステムにおいて、 システム外部の情報処理装置とデータの通信を行うため の処理を行う手段をさらに有し、上記受信環境情報の設 定操作を受け付けるための手段は、システム外部から受 信環境情報設定要求を受け付けると、当該要求元に対し て、上記受信環境情報設定用画面を表示する機能と、上 記画面対応になされる入力を受け付ける機能とを実現す るためのプログラムおよびデータを、上記通信処理を行 う手段を介して送信する機能と、上記通信処理を行う手 段を介して上記要求元から送信された受信環境設定デー タを受信し、上記記憶手段に記憶させる機能に渡す機能 とを有することを特徴とするコンピュータ・テレフォニ イインテグレーションシステム。 10 . The computer / telephony integration system according to claim 6 , further comprising : means for performing processing for performing data communication with an information processing apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) outside the system . Means for receiving the setting operation of the reception environment information , when receiving a reception environment information setting request from outside the system , a function of displaying the reception environment information setting screen to the request source ; A function of transmitting a program and data for realizing a function of accepting an input made corresponding to a screen via the means for performing the communication processing , and a function of transmitting the program and data from the request source via the means for performing the communication processing A function of receiving the reception environment setting data and passing it to a function to be stored in the storage means . Computer telephony integration system . JPH1117806A CLAIM 13 【請求項13】 請求項12に記載のコンピュータ・テ レフォニイインテグレーションシステムにおいて、 上記送信環境情報の設定操作を受け付けるための手段 は、上記受信環境情報登録手段によって登録されている 受信環境情報の範囲内から情報発信者側のコンタクト条 件を選択設定する機能を有することを特徴とするコンピ ュータ・テレフォニイインテグレーションシステム。 13 . The computer / telephony integration system according to claim 12 , wherein the means for receiving the setting operation of the transmission environment information is within a range of the reception environment information registered by the reception environment information registration unit . 
A function of selecting and setting a contact condition on the information sender side (incoming data, incoming traffic) from a computer . JPH1117806A CLAIM 22 【請求項22】 請求項21に記載のプログラムを記録 した記録媒体において、 上記受信環境情報登録処理は、受信環境情報を記憶する ための処理と、システム外部からの受信環境情報の設定 操作を受け付けるための処理とを含むことを特徴とする コンピュータ・テレフォニイインテグレーションシステ ム。 22 . A recording medium on which the program according to claim 21 is recorded , wherein the reception environment information registration process (outgoing data) receives a process for storing the reception environment information and a setting operation of the reception environment information from outside the system . Computer-telephony integration system , comprising : |
US7409715B2 CLAIM 19 . The an impersonation detection system (apparatus) of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
JPH1117806A CLAIM 10 . The computer telephony integration system according to any one of claims 6 , 7 , 8 and 9 , further comprising means for performing processing for data communication with an information processing apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) outside the system , wherein the means for accepting the setting operation of the reception environment information has : a function of , upon accepting a reception environment information setting request from outside the system , transmitting to the request source , via the means for performing the communication processing , a program and data for realizing a function of displaying the reception environment information setting screen and a function of accepting input made in correspondence with the screen ; and a function of receiving , via the means for performing the communication processing , the reception environment setting data transmitted from the request source and passing it to the function that stores it in the storage means . |
US7409715B2 CLAIM 20 . The impersonation detection system (apparatus) of claim 18 , wherein the wireless network operates according to any wireless network technology . |
JPH1117806A CLAIM 10 . The computer telephony integration system according to any one of claims 6 , 7 , 8 and 9 , further comprising means for performing processing for data communication with an information processing apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) outside the system , wherein the means for accepting the setting operation of the reception environment information has : a function of , upon accepting a reception environment information setting request from outside the system , transmitting to the request source , via the means for performing the communication processing , a program and data for realizing a function of displaying the reception environment information setting screen and a function of accepting input made in correspondence with the screen ; and a function of receiving , via the means for performing the communication processing , the reception environment setting data transmitted from the request source and passing it to the function that stores it in the storage means . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | WO9826548A1 Filed: 1997-06-18 Issued: 1998-06-18 Automatic configuration for internet access device (Original Assignee) Whistle Communications Corporation Jim Y. Li, Archie L. Cobbs, Paul D. Ozzello |
---|---|
US7409715B2 CLAIM 16 . The impersonation detection system of claim 10 , wherein the wireless network (Internet service provider) operates according to any wireless network technology . |
WO9826548A1 CLAIM 2 . A method as recited in claim 1 wherein said configuration server is located within a point of presence of an Internet service provider (wireless network) . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network (Internet service provider) comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
WO9826548A1 CLAIM 2 . A method as recited in claim 1 wherein said configuration server is located within a point of presence of an Internet service provider (wireless network) . |
US7409715B2 CLAIM 20 . The impersonation detection system of claim 18 , wherein the wireless network (Internet service provider) operates according to any wireless network technology . |
WO9826548A1 CLAIM 2 . A method as recited in claim 1 wherein said configuration server is located within a point of presence of an Internet service provider (wireless network) . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6028537A Filed: 1997-06-13 Issued: 2000-02-22 Vehicle communication and remote control system (Original Assignee) Prince Corp USA (Current Assignee) Visteon Global Technologies Inc Michael J. Suman, Thomas L. Welling, Mark L. Zeinstra, Ruskin T. Lhamon, Matthew T. Nichelson |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving (phone calls) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6028537A CLAIM 13 . The system as defined in claim 1 and further including a handset coupling port for coupling a telephone handset to said transceiver for making and receiving telephone calls (second receiving, second receiving unit) through said transceiver . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving (phone calls) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6028537A CLAIM 13 . The system as defined in claim 1 and further including a handset coupling port for coupling a telephone handset to said transceiver for making and receiving telephone calls (second receiving, second receiving unit) through said transceiver . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6173399B1 Filed: 1997-06-12 Issued: 2001-01-09 Apparatus for implementing virtual private networks (Original Assignee) VPNet Technologies Inc (Current Assignee) Avaya Inc ; VPNet Technologies Inc Sidney A. Gilbrech |
---|---|
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (Internet Protocol) . |
US6173399B1 CLAIM 4 . The apparatus of claim 3 wherein said key management protocol comprises the Simple Key Management for Internet Protocol (communication protocol) (SKIP) . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6021495A Filed: 1997-05-30 Issued: 2000-02-01 Method and apparatus for authentication process of a star or hub network connection ports by detecting interruption in link beat (Original Assignee) 3Com Corp (Current Assignee) HP Inc ; Hewlett Packard Enterprise Development LP Vipin Kumar Jain, Danny M. Nessett, William Paul Sherer |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node (network nodes) of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (other port) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US6021495A CLAIM 7 . The method according to claim 1 further comprising limiting data transmission with an unauthenticated port to a subset of other ports (incoming data, incoming data frames, communication protocol) that are designated unprotected ports . US6021495A CLAIM 12 . A system having software and hardware means for ensuring network security comprising : network intermediate system means capable of detecting the presence of a link beat on any of the network nodes (wireless node) and capable of performing a verification routine when linkbeat is interrupted on any of the network nodes ; network intermediate system control means capable of limiting transmission and reception of network data on a network port that is unauthenticated when link beat is interrupted on said port ; and end system means capable of responding to authentication requests from said intermediate network system . |
US7409715B2 CLAIM 2 . The method of claim 1 , wherein step a) comprises transmitting the copy over a secure link established between the wireless node (network nodes) and the intrusion detection module . |
US6021495A CLAIM 12 . A system having software and hardware means for ensuring network security comprising : network intermediate system means capable of detecting the presence of a link beat on any of the network nodes (wireless node) and capable of performing a verification routine when linkbeat is interrupted on any of the network nodes ; network intermediate system control means capable of limiting transmission and reception of network data on a network port that is unauthenticated when link beat is interrupted on said port ; and end system means capable of responding to authentication requests from said intermediate network system . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node (network nodes) and extracting the incoming data (other port) frames received over all the wireless channels allocated to the wireless node . |
US6021495A CLAIM 7 . The method according to claim 1 further comprising limiting data transmission with an unauthenticated port to a subset of other ports (incoming data, incoming data frames, communication protocol) that are designated unprotected ports . US6021495A CLAIM 12 . A system having software and hardware means for ensuring network security comprising : network intermediate system means capable of detecting the presence of a link beat on any of the network nodes (wireless node) and capable of performing a verification routine when linkbeat is interrupted on any of the network nodes ; network intermediate system control means capable of limiting transmission and reception of network data on a network port that is unauthenticated when link beat is interrupted on said port ; and end system means capable of responding to authentication requests from said intermediate network system . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (other port) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US6021495A CLAIM 7 . The method according to claim 1 further comprising limiting data transmission with an unauthenticated port to a subset of other ports (incoming data, incoming data frames, communication protocol) that are designated unprotected ports . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node (network nodes) of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (other port) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US6021495A CLAIM 7 . The method according to claim 1 further comprising limiting data transmission with an unauthenticated port to a subset of other ports (incoming data, incoming data frames, communication protocol) that are designated unprotected ports . US6021495A CLAIM 12 . A system having software and hardware means for ensuring network security comprising : network intermediate system means capable of detecting the presence of a link beat on any of the network nodes (wireless node) and capable of performing a verification routine when linkbeat is interrupted on any of the network nodes ; network intermediate system control means capable of limiting transmission and reception of network data on a network port that is unauthenticated when link beat is interrupted on said port ; and end system means capable of responding to authentication requests from said intermediate network system . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node (network nodes) ; a second receiving unit for detecting the incoming data (other port) frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6021495A CLAIM 7 . The method according to claim 1 further comprising limiting data transmission with an unauthenticated port to a subset of other ports (incoming data, incoming data frames, communication protocol) that are designated unprotected ports . US6021495A CLAIM 12 . A system having software and hardware means for ensuring network security comprising : network intermediate system means capable of detecting the presence of a link beat on any of the network nodes (wireless node) and capable of performing a verification routine when linkbeat is interrupted on any of the network nodes ; network intermediate system control means capable of limiting transmission and reception of network data on a network port that is unauthenticated when link beat is interrupted on said port ; and end system means capable of responding to authentication requests from said intermediate network system . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (other port) . |
US6021495A CLAIM 7 . The method according to claim 1 further comprising limiting data transmission with an unauthenticated port to a subset of other ports (incoming data, incoming data frames, communication protocol) that are designated unprotected ports . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node (network nodes) : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US6021495A CLAIM 12 . A system having software and hardware means for ensuring network security comprising : network intermediate system means capable of detecting the presence of a link beat on any of the network nodes (wireless node) and capable of performing a verification routine when linkbeat is interrupted on any of the network nodes ; network intermediate system control means capable of limiting transmission and reception of network data on a network port that is unauthenticated when link beat is interrupted on said port ; and end system means capable of responding to authentication requests from said intermediate network system . |
US7409715B2 CLAIM 15 . The impersonation detection system of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module is integrated within the wireless node (network nodes) . |
US6021495A CLAIM 12 . A system having software and hardware means for ensuring network security comprising : network intermediate system means capable of detecting the presence of a link beat on any of the network nodes (wireless node) and capable of performing a verification routine when linkbeat is interrupted on any of the network nodes ; network intermediate system control means capable of limiting transmission and reception of network data on a network port that is unauthenticated when link beat is interrupted on said port ; and end system means capable of responding to authentication requests from said intermediate network system . |
US7409715B2 CLAIM 17 . A wireless node (network nodes) for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (other port) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US6021495A CLAIM 7 . The method according to claim 1 further comprising limiting data transmission with an unauthenticated port to a subset of other ports (incoming data, incoming data frames, communication protocol) that are designated unprotected ports . US6021495A CLAIM 12 . A system having software and hardware means for ensuring network security comprising : network intermediate system means capable of detecting the presence of a link beat on any of the network nodes (wireless node) and capable of performing a verification routine when linkbeat is interrupted on any of the network nodes ; network intermediate system control means capable of limiting transmission and reception of network data on a network port that is unauthenticated when link beat is interrupted on said port ; and end system means capable of responding to authentication requests from said intermediate network system . |
US7409715B2 CLAIM 18 . The wireless node (network nodes) of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (other port) frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6021495A CLAIM 7 . The method according to claim 1 further comprising limiting data transmission with an unauthenticated port to a subset of other ports (incoming data, incoming data frames, communication protocol) that are designated unprotected ports . US6021495A CLAIM 12 . A system having software and hardware means for ensuring network security comprising : network intermediate system means capable of detecting the presence of a link beat on any of the network nodes (wireless node) and capable of performing a verification routine when linkbeat is interrupted on any of the network nodes ; network intermediate system control means capable of limiting transmission and reception of network data on a network port that is unauthenticated when link beat is interrupted on said port ; and end system means capable of responding to authentication requests from said intermediate network system . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | EP0814393A1 Filed: 1997-05-27 Issued: 1997-12-29 Control and supervision of electrical components (Original Assignee) Telia AB (Current Assignee) Telia AB Anders Eriksson, Amalendu Parasnis |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network (managing unit) , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
EP0814393A1 CLAIM 3 System according to any of the patent claims 1 or 2 , characterized in that said system includes a user terminal connected to said public information network , preferably Internet/WWW , a network resource connected to said information network , an information managing unit (wireless communication network) STB connected to said information network , at which said STB is connected to an ELAN , which ELAN is connected to just any specific IS which controls and/or supervises a specific electrical component/device . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network (managing unit) , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
EP0814393A1 CLAIM 3 System according to any of the patent claims 1 or 2 , characterized in that said system includes a user terminal connected to said public information network , preferably Internet/WWW , a network resource connected to said information network , an information managing unit (wireless communication network) STB connected to said information network , at which said STB is connected to an ELAN , which ELAN is connected to just any specific IS which controls and/or supervises a specific electrical component/device . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal (measurement result) . |
EP0814393A1 CLAIM 5 System according to patent claim 4 , characterized in that said IS is an entity which communicates with said STB over said ELAN , at which said IS attends to control and/or measurement on the connected component/device and informs about the control- and/or measurement result (impersonation detection signal) to said STB/network resource . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5907491A Filed: 1997-04-04 Issued: 1999-05-25 Wireless machine monitoring and communication system (Original Assignee) CSI Technology Inc (Current Assignee) Computational Systems Inc Ronald G. Canada, James C. Robinson, Zbigniew Czyzewski, James W. Pearce |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (receiving wireless signals) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5907491A CLAIM 1 . A communication system for monitoring the status of a machine and communicating the machine's status through wireless signals , the system comprising : a plurality of machine monitors positioned to monitor operational characteristics of a machine , each machine monitor including : a receiver for receiving wireless signals (incoming data) , including command signals ; at least one sensor for sensing a characteristic of the machine and generating a sensor signal corresponding to the machine characteristic that was sensed ; a data processor for receiving and processing the sensor signals to produce status data and for storing status data ; a transmitter for transmitting wireless status signals corresponding to the status of the machine as represented by status data ; a protocol stored in said data processor ; said data processor for communicating with and controlling said receiver , transmitter , and sensor and for selectively producing power-on and power-off signals for selectively powering said receiver , transmitter , and sensor signal in accordance with said protocol ; an electrical power source and control circuitry responsive to said power-on and power-off signals to selectively power said receiver , transmitter and sensor ; and a command station including a transceiver for transmitting wireless command signals and receiving said wireless status signals . US5907491A CLAIM 25 . The system of claim 1 , further comprising a computer network connected to said command station for transferring data and controlling wireless communication (wireless communication) within the system . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (predetermined time period) . |
US5907491A CLAIM 58 . The method of claim 56 wherein said executing step includes : continuing to periodically poll machine monitors in accordance with the time-division schedule during a first predetermined time period (time interval) ; if communication with the particular machine monitor is not re-established within the first predetermined time period , selecting one or more repeaters to relay a command requesting the particular machine monitor to perform a transmission strength scan at a first designated time ; listening during a second predetermined time period for signals transmitted by the particular machine monitor during the commanded transmission strength scan ; processing transmission strength scan signals received by the selected repeaters to determine a most favorable repeater and transmission strength scan ; commanding the particular machine monitor to perform a transmission scan at the most favorable transmission strength at a second designated time that is later than the first designated time ; acknowledging proper receipt of the particular machine monitor's transmission scan by assigning the particular machine monitor a temporary time slice within the time-division schedule ; and reconfiguring the time-division schedule to assign the particular machine monitor a permanent time slice once synchronization with the most favorable repeater is established . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data (receiving wireless signals) frames received over all the wireless channels allocated to the wireless node . |
US5907491A CLAIM 1 . A communication system for monitoring the status of a machine and communicating the machine's status through wireless signals , the system comprising : a plurality of machine monitors positioned to monitor operational characteristics of a machine , each machine monitor including : a receiver for receiving wireless signals (incoming data) , including command signals ; at least one sensor for sensing a characteristic of the machine and generating a sensor signal corresponding to the machine characteristic that was sensed ; a data processor for receiving and processing the sensor signals to produce status data and for storing status data ; a transmitter for transmitting wireless status signals corresponding to the status of the machine as represented by status data ; a protocol stored in said data processor ; said data processor for communicating with and controlling said receiver , transmitter , and sensor and for selectively producing power-on and power-off signals for selectively powering said receiver , transmitter , and sensor signal in accordance with said protocol ; an electrical power source and control circuitry responsive to said power-on and power-off signals to selectively power said receiver , transmitter and sensor ; and a command station including a transceiver for transmitting wireless command signals and receiving said wireless status signals . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (receiving wireless signals) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US5907491A CLAIM 1 . A communication system for monitoring the status of a machine and communicating the machine's status through wireless signals , the system comprising : a plurality of machine monitors positioned to monitor operational characteristics of a machine , each machine monitor including : a receiver for receiving wireless signals (incoming data) , including command signals ; at least one sensor for sensing a characteristic of the machine and generating a sensor signal corresponding to the machine characteristic that was sensed ; a data processor for receiving and processing the sensor signals to produce status data and for storing status data ; a transmitter for transmitting wireless status signals corresponding to the status of the machine as represented by status data ; a protocol stored in said data processor ; said data processor for communicating with and controlling said receiver , transmitter , and sensor and for selectively producing power-on and power-off signals for selectively powering said receiver , transmitter , and sensor signal in accordance with said protocol ; an electrical power source and control circuitry responsive to said power-on and power-off signals to selectively power said receiver , transmitter and sensor ; and a command station including a transceiver for transmitting wireless command signals and receiving said wireless status signals . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (receiving wireless signals) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5907491A CLAIM 1 . A communication system for monitoring the status of a machine and communicating the machine's status through wireless signals , the system comprising : a plurality of machine monitors positioned to monitor operational characteristics of a machine , each machine monitor including : a receiver for receiving wireless signals (incoming data) , including command signals ; at least one sensor for sensing a characteristic of the machine and generating a sensor signal corresponding to the machine characteristic that was sensed ; a data processor for receiving and processing the sensor signals to produce status data and for storing status data ; a transmitter for transmitting wireless status signals corresponding to the status of the machine as represented by status data ; a protocol stored in said data processor ; said data processor for communicating with and controlling said receiver , transmitter , and sensor and for selectively producing power-on and power-off signals for selectively powering said receiver , transmitter , and sensor signal in accordance with said protocol ; an electrical power source and control circuitry responsive to said power-on and power-off signals to selectively power said receiver , transmitter and sensor ; and a command station including a transceiver for transmitting wireless command signals and receiving said wireless status signals . US5907491A CLAIM 25 . The system of claim 1 , further comprising a computer network connected to said command station for transferring data and controlling wireless communication (wireless communication) within the system . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (receiving wireless signals) frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5907491A CLAIM 1 . A communication system for monitoring the status of a machine and communicating the machine's status through wireless signals , the system comprising : a plurality of machine monitors positioned to monitor operational characteristics of a machine , each machine monitor including : a receiver for receiving wireless signals (incoming data) , including command signals ; at least one sensor for sensing a characteristic of the machine and generating a sensor signal corresponding to the machine characteristic that was sensed ; a data processor for receiving and processing the sensor signals to produce status data and for storing status data ; a transmitter for transmitting wireless status signals corresponding to the status of the machine as represented by status data ; a protocol stored in said data processor ; said data processor for communicating with and controlling said receiver , transmitter , and sensor and for selectively producing power-on and power-off signals for selectively powering said receiver , transmitter , and sensor signal in accordance with said protocol ; an electrical power source and control circuitry responsive to said power-on and power-off signals to selectively power said receiver , transmitter and sensor ; and a command station including a transceiver for transmitting wireless command signals and receiving said wireless status signals . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (designated time) based on the impersonation detected signal . |
US5907491A CLAIM 58 . The method of claim 56 wherein said executing step includes : continuing to periodically poll machine monitors in accordance with the time-division schedule during a first predetermined time period ; if communication with the particular machine monitor is not re-established within the first predetermined time period , selecting one or more repeaters to relay a command requesting the particular machine monitor to perform a transmission strength scan at a first designated time (intrusion attack) ; listening during a second predetermined time period for signals transmitted by the particular machine monitor during the commanded transmission strength scan ; processing transmission strength scan signals received by the selected repeaters to determine a most favorable repeater and transmission strength scan ; commanding the particular machine monitor to perform a transmission scan at the most favorable transmission strength at a second designated time that is later than the first designated time ; acknowledging proper receipt of the particular machine monitor's transmission scan by assigning the particular machine monitor a temporary time slice within the time-division schedule ; and reconfiguring the time-division schedule to assign the particular machine monitor a permanent time slice once synchronization with the most favorable repeater is established . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (transferring data) . |
US5907491A CLAIM 25 . The system of claim 1 , further comprising a computer network connected to said command station for transferring data (communication protocol) and controlling wireless communication within the system . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (receiving wireless signals) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US5907491A CLAIM 1 . A communication system for monitoring the status of a machine and communicating the machine's status through wireless signals , the system comprising : a plurality of machine monitors positioned to monitor operational characteristics of a machine , each machine monitor including : a receiver for receiving wireless signals (incoming data) , including command signals ; at least one sensor for sensing a characteristic of the machine and generating a sensor signal corresponding to the machine characteristic that was sensed ; a data processor for receiving and processing the sensor signals to produce status data and for storing status data ; a transmitter for transmitting wireless status signals corresponding to the status of the machine as represented by status data ; a protocol stored in said data processor ; said data processor for communicating with and controlling said receiver , transmitter , and sensor and for selectively producing power-on and power-off signals for selectively powering said receiver , transmitter , and sensor signal in accordance with said protocol ; an electrical power source and control circuitry responsive to said power-on and power-off signals to selectively power said receiver , transmitter and sensor ; and a command station including a transceiver for transmitting wireless command signals and receiving said wireless status signals . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (receiving wireless signals) frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5907491A CLAIM 1 . A communication system for monitoring the status of a machine and communicating the machine's status through wireless signals , the system comprising : a plurality of machine monitors positioned to monitor operational characteristics of a machine , each machine monitor including : a receiver for receiving wireless signals (incoming data) , including command signals ; at least one sensor for sensing a characteristic of the machine and generating a sensor signal corresponding to the machine characteristic that was sensed ; a data processor for receiving and processing the sensor signals to produce status data and for storing status data ; a transmitter for transmitting wireless status signals corresponding to the status of the machine as represented by status data ; a protocol stored in said data processor ; said data processor for communicating with and controlling said receiver , transmitter , and sensor and for selectively producing power-on and power-off signals for selectively powering said receiver , transmitter , and sensor signal in accordance with said protocol ; an electrical power source and control circuitry responsive to said power-on and power-off signals to selectively power said receiver , transmitter and sensor ; and a command station including a transceiver for transmitting wireless command signals and receiving said wireless status signals . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (designated time) based on the impersonation detected signal . |
US5907491A CLAIM 58 . The method of claim 56 wherein said executing step includes : continuing to periodically poll machine monitors in accordance with the time-division schedule during a first predetermined time period ; if communication with the particular machine monitor is not re-established within the first predetermined time period , selecting one or more repeaters to relay a command requesting the particular machine monitor to perform a transmission strength scan at a first designated time (intrusion attack) ; listening during a second predetermined time period for signals transmitted by the particular machine monitor during the commanded transmission strength scan ; processing transmission strength scan signals received by the selected repeaters to determine a most favorable repeater and transmission strength scan ; commanding the particular machine monitor to perform a transmission scan at the most favorable transmission strength at a second designated time that is later than the first designated time ; acknowledging proper receipt of the particular machine monitor's transmission scan by assigning the particular machine monitor a temporary time slice within the time-division schedule ; and reconfiguring the time-division schedule to assign the particular machine monitor a permanent time slice once synchronization with the most favorable repeater is established . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | EP0793170A1 Filed: 1997-02-21 Issued: 1997-09-03 System and method for automatic configuration of home network computers (Original Assignee) Sun Microsystems Inc (Current Assignee) Sun Microsystems Inc Graham Hamilton |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (receiving requests) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
EP0793170A1 CLAIM 1 A method for automatic configuration of home network client computers comprising the steps of : a) receiving requests (data frames) from said home network client computers for autoconfiguration , said requests each providing client computer identifying information ; b) using said client computer identifying information in said request to determine i) local service provider information , selected from information in a predefined directory of local service providers ; ii) client computer specific data corresponding to said client computer identifying information , selected from a database of client computer information ; c) providing instructions for downloading said local service provider information , and said client computer specific data to a respective home network client computer . |
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data frames (receiving requests) . |
EP0793170A1 CLAIM 1 A method for automatic configuration of home network client computers comprising the steps of : a) receiving requests (data frames) from said home network client computers for autoconfiguration , said requests each providing client computer identifying information ; b) using said client computer identifying information in said request to determine i) local service provider information , selected from information in a predefined directory of local service providers ; ii) client computer specific data corresponding to said client computer identifying information , selected from a database of client computer information ; c) providing instructions for downloading said local service provider information , and said client computer specific data to a respective home network client computer . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data frames (receiving requests) comprises frames that allow statistical comparisons . |
EP0793170A1 CLAIM 1 A method for automatic configuration of home network client computers comprising the steps of : a) receiving requests (data frames) from said home network client computers for autoconfiguration , said requests each providing client computer identifying information ; b) using said client computer identifying information in said request to determine i) local service provider information , selected from information in a predefined directory of local service providers ; ii) client computer specific data corresponding to said client computer identifying information , selected from a database of client computer information ; c) providing instructions for downloading said local service provider information , and said client computer specific data to a respective home network client computer . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames (receiving requests) transmitted over a time interval . |
EP0793170A1 CLAIM 1 A method for automatic configuration of home network client computers comprising the steps of : a) receiving requests (data frames) from said home network client computers for autoconfiguration , said requests each providing client computer identifying information ; b) using said client computer identifying information in said request to determine i) local service provider information , selected from information in a predefined directory of local service providers ; ii) client computer specific data corresponding to said client computer identifying information , selected from a database of client computer information ; c) providing instructions for downloading said local service provider information , and said client computer specific data to a respective home network client computer . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (receiving requests) . |
EP0793170A1 CLAIM 1 A method for automatic configuration of home network client computers comprising the steps of : a) receiving requests (data frames) from said home network client computers for autoconfiguration , said requests each providing client computer identifying information ; b) using said client computer identifying information in said request to determine i) local service provider information , selected from information in a predefined directory of local service providers ; ii) client computer specific data corresponding to said client computer identifying information , selected from a database of client computer information ; c) providing instructions for downloading said local service provider information , and said client computer specific data to a respective home network client computer . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (receiving requests) received over all the wireless channels allocated to the wireless node . |
EP0793170A1 CLAIM 1 A method for automatic configuration of home network client computers comprising the steps of : a) receiving requests (data frames) from said home network client computers for autoconfiguration , said requests each providing client computer identifying information ; b) using said client computer identifying information in said request to determine i) local service provider information , selected from information in a predefined directory of local service providers ; ii) client computer specific data corresponding to said client computer identifying information , selected from a database of client computer information ; c) providing instructions for downloading said local service provider information , and said client computer specific data to a respective home network client computer . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (receiving requests) with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
EP0793170A1 CLAIM 1 A method for automatic configuration of home network client computers comprising the steps of : a) receiving requests (data frames) from said home network client computers for autoconfiguration , said requests each providing client computer identifying information ; b) using said client computer identifying information in said request to determine i) local service provider information , selected from information in a predefined directory of local service providers ; ii) client computer specific data corresponding to said client computer identifying information , selected from a database of client computer information ; c) providing instructions for downloading said local service provider information , and said client computer specific data to a respective home network client computer . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames (receiving requests) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
EP0793170A1 CLAIM 1 A method for automatic configuration of home network client computers comprising the steps of : a) receiving requests (data frames) from said home network client computers for autoconfiguration , said requests each providing client computer identifying information ; b) using said client computer identifying information in said request to determine i) local service provider information , selected from information in a predefined directory of local service providers ; ii) client computer specific data corresponding to said client computer identifying information , selected from a database of client computer information ; c) providing instructions for downloading said local service provider information , and said client computer specific data to a respective home network client computer . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (receiving requests) from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
EP0793170A1 CLAIM 1 A method for automatic configuration of home network client computers comprising the steps of : a) receiving requests (data frames) from said home network client computers for autoconfiguration , said requests each providing client computer identifying information ; b) using said client computer identifying information in said request to determine i) local service provider information , selected from information in a predefined directory of local service providers ; ii) client computer specific data corresponding to said client computer identifying information , selected from a database of client computer information ; c) providing instructions for downloading said local service provider information , and said client computer specific data to a respective home network client computer . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (receiving requests) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
EP0793170A1 CLAIM 1 A method for automatic configuration of home network client computers comprising the steps of : a) receiving requests (data frames) from said home network client computers for autoconfiguration , said requests each providing client computer identifying information ; b) using said client computer identifying information in said request to determine i) local service provider information , selected from information in a predefined directory of local service providers ; ii) client computer specific data corresponding to said client computer identifying information , selected from a database of client computer information ; c) providing instructions for downloading said local service provider information , and said client computer specific data to a respective home network client computer . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames (receiving requests) ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
EP0793170A1 CLAIM 1 A method for automatic configuration of home network client computers comprising the steps of : a) receiving requests (data frames) from said home network client computers for autoconfiguration , said requests each providing client computer identifying information ; b) using said client computer identifying information in said request to determine i) local service provider information , selected from information in a predefined directory of local service providers ; ii) client computer specific data corresponding to said client computer identifying information , selected from a database of client computer information ; c) providing instructions for downloading said local service provider information , and said client computer specific data to a respective home network client computer . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5931946A Filed: 1997-02-06 Issued: 1999-08-03 Network system having external/internal audit system for computer security (Original Assignee) Hitachi Ltd (Current Assignee) Hitachi Ltd Masato Terada, Kenichi Yoshida, Makoto Kayashima |
---|---|
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (predetermined time period) . |
US5931946A CLAIM 4 . A network system according to claim 3 , wherein said repeating unit further includes means for stopping , when said management unit does not send a report indicating that measures have been taken for the vulnerability of said computer within a predetermined time period (time interval) after having sent the information to said management unit , repeating of communication to said computer which is transmitted in said network . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit (repeating units) for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5931946A CLAIM 19 . A network system having a network , comprising : a plurality of repeating units (second receiving unit) connected to said network for carrying out repeating of communication on said network ; a plurality of computers connected to said network , each of said computers being connected to said network through only a corresponding one of said plurality of repeating units ; and a management unit connected to said network , wherein said management unit includes distribution means for distributing at least one of an external audit program and an internal audit program , by which said repeating installation audits vulnerability of at least one of said plurality of computers , from said management unit to said repeating units through said network , and said repeating units include audit control means for carrying out at least one of the external audit processing and the internal audit processing with respect to the vulnerability of said at least one of said plurality of computers in accordance with at least one of the external audit program and the internal audit program which have been distributed from said management unit to determine whether or not said at least one computer has the vulnerability , and separating means for logically separating said computer having been determined to have the vulnerability from said network . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit (repeating units) for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5931946A CLAIM 19 . A network system having a network , comprising : a plurality of repeating units (second receiving unit) connected to said network for carrying out repeating of communication on said network ; a plurality of computers connected to said network , each of said computers being connected to said network through only a corresponding one of said plurality of repeating units ; and a management unit connected to said network , wherein said management unit includes distribution means for distributing at least one of an external audit program and an internal audit program , by which said repeating installation audits vulnerability of at least one of said plurality of computers , from said management unit to said repeating units through said network , and said repeating units include audit control means for carrying out at least one of the external audit processing and the internal audit processing with respect to the vulnerability of said at least one of said plurality of computers in accordance with at least one of the external audit program and the internal audit program which have been distributed from said management unit to determine whether or not said at least one computer has the vulnerability , and separating means for logically separating said computer having been determined to have the vulnerability from said network . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5913041A Filed: 1996-12-09 Issued: 1999-06-15 System for determining data transfer rates in accordance with log information relates to history of data transfer activities that independently stored in content servers (Original Assignee) HP Inc (Current Assignee) Viavi Solutions Inc Srinivas Ramanathan, Tai Jin, Manjari Asawa |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (receiving requests) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5913041A CLAIM 16 . A data access system for providing access of data to a plurality of remote sites via communications lines comprising : means for receiving requests (data frames) for data from said remote sites ; means for non-intrusively routing requested data from a plurality of content servers to said remote sites from which said requests are received by said means for receiving ; means for accessing Log information stored by said content servers relating to transfer times and transfer sizes of said requested data routed by said means for routing ; and rate determination means , connected to said means for accessing , for utilizing said log information in determining data transfer rates to particular remote sites . |
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data frames (receiving requests) . |
US5913041A CLAIM 13 . The method of claim 10 wherein said step of correlating data transfer rates includes filtering out transfers having a transfer size less than a predetermined threshold size , and includes selecting among correlating based upon location of said remote sites , upon communication channels (outgoing data, outgoing data frames) in use , upon source of transferred data , and upon direction of data transfer . US5913041A CLAIM 16 . A data access system for providing access of data to a plurality of remote sites via communications lines comprising : means for receiving requests (data frames) for data from said remote sites ; means for non-intrusively routing requested data from a plurality of content servers to said remote sites from which said requests are received by said means for receiving ; means for accessing Log information stored by said content servers relating to transfer times and transfer sizes of said requested data routed by said means for routing ; and rate determination means , connected to said means for accessing , for utilizing said log information in determining data transfer rates to particular remote sites . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data frames (receiving requests) comprises frames that allow statistical comparisons . |
US5913041A CLAIM 13 . The method of claim 10 wherein said step of correlating data transfer rates includes filtering out transfers having a transfer size less than a predetermined threshold size , and includes selecting among correlating based upon location of said remote sites , upon communication channels (outgoing data, outgoing data frames) in use , upon source of transferred data , and upon direction of data transfer . US5913041A CLAIM 16 . A data access system for providing access of data to a plurality of remote sites via communications lines comprising : means for receiving requests (data frames) for data from said remote sites ; means for non-intrusively routing requested data from a plurality of content servers to said remote sites from which said requests are received by said means for receiving ; means for accessing Log information stored by said content servers relating to transfer times and transfer sizes of said requested data routed by said means for routing ; and rate determination means , connected to said means for accessing , for utilizing said log information in determining data transfer rates to particular remote sites . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames (receiving requests) transmitted over a time interval . |
US5913041A CLAIM 13 . The method of claim 10 wherein said step of correlating data transfer rates includes filtering out transfers having a transfer size less than a predetermined threshold size , and includes selecting among correlating based upon location of said remote sites , upon communication channels (outgoing data, outgoing data frames) in use , upon source of transferred data , and upon direction of data transfer . US5913041A CLAIM 16 . A data access system for providing access of data to a plurality of remote sites via communications lines comprising : means for receiving requests (data frames) for data from said remote sites ; means for non-intrusively routing requested data from a plurality of content servers to said remote sites from which said requests are received by said means for receiving ; means for accessing Log information stored by said content servers relating to transfer times and transfer sizes of said requested data routed by said means for routing ; and rate determination means , connected to said means for accessing , for utilizing said log information in determining data transfer rates to particular remote sites . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (receiving requests) . |
US5913041A CLAIM 16 . A data access system for providing access of data to a plurality of remote sites via communications lines comprising : means for receiving requests (data frames) for data from said remote sites ; means for non-intrusively routing requested data from a plurality of content servers to said remote sites from which said requests are received by said means for receiving ; means for accessing Log information stored by said content servers relating to transfer times and transfer sizes of said requested data routed by said means for routing ; and rate determination means , connected to said means for accessing , for utilizing said log information in determining data transfer rates to particular remote sites . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (receiving requests) received over all the wireless channels allocated to the wireless node . |
US5913041A CLAIM 16 . A data access system for providing access of data to a plurality of remote sites via communications lines comprising : means for receiving requests (data frames) for data from said remote sites ; means for non-intrusively routing requested data from a plurality of content servers to said remote sites from which said requests are received by said means for receiving ; means for accessing Log information stored by said content servers relating to transfer times and transfer sizes of said requested data routed by said means for routing ; and rate determination means , connected to said means for accessing , for utilizing said log information in determining data transfer rates to particular remote sites . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (receiving requests) with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US5913041A CLAIM 16 . A data access system for providing access of data to a plurality of remote sites via communications lines comprising : means for receiving requests (data frames) for data from said remote sites ; means for non-intrusively routing requested data from a plurality of content servers to said remote sites from which said requests are received by said means for receiving ; means for accessing Log information stored by said content servers relating to transfer times and transfer sizes of said requested data routed by said means for routing ; and rate determination means , connected to said means for accessing , for utilizing said log information in determining data transfer rates to particular remote sites . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames (receiving requests) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5913041A CLAIM 16 . A data access system for providing access of data to a plurality of remote sites via communications lines comprising : means for receiving requests (data frames) for data from said remote sites ; means for non-intrusively routing requested data from a plurality of content servers to said remote sites from which said requests are received by said means for receiving ; means for accessing Log information stored by said content servers relating to transfer times and transfer sizes of said requested data routed by said means for routing ; and rate determination means , connected to said means for accessing , for utilizing said log information in determining data transfer rates to particular remote sites . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (receiving requests) from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5913041A CLAIM 16 . A data access system for providing access of data to a plurality of remote sites via communications lines comprising : means for receiving requests (data frames) for data from said remote sites ; means for non-intrusively routing requested data from a plurality of content servers to said remote sites from which said requests are received by said means for receiving ; means for accessing Log information stored by said content servers relating to transfer times and transfer sizes of said requested data routed by said means for routing ; and rate determination means , connected to said means for accessing , for utilizing said log information in determining data transfer rates to particular remote sites . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (Internet Protocol, transferring data) . |
US5913041A CLAIM 1 . A method of managing a data access system for transferring data (communication protocol) between a server system and a plurality of remote sites upon request from said remote sites comprising steps of : forming log information for transfers of said data from a plurality of content servers associated with said server system , including determining transfer sizes and transfer times such that said determinations are non-intrusive with respect to said transfers , formation of said log information further including recording one of said remote sites as a receiving site for each of said transfers , said log information being formed independently for each of said content servers ; storing said log information at respective said content servers from which said data is transferred ; accessing said log information stored at each of said content servers ; and enabling evaluation of performing said transfers from a combination of said content servers to a selected subset of said plurality of remote sites , including determining data throughput of said transfers to said subset based upon said log information , said determination of data throughput being indicative of rate of data transfer to said subset . US5913041A CLAIM 19 . The system of claim 16 , wherein said router further comprises a switching device compatible with Transmission Control Protocol/Internet Protocol (communication protocol) (TCP/IP) transmissions . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (receiving requests) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US5913041A CLAIM 13 . The method of claim 10 wherein said step of correlating data transfer rates includes filtering out transfers having a transfer size less than a predetermined threshold size , and includes selecting among correlating based upon location of said remote sites , upon communication channels (outgoing data, outgoing data frames) in use , upon source of transferred data , and upon direction of data transfer . US5913041A CLAIM 16 . A data access system for providing access of data to a plurality of remote sites via communications lines comprising : means for receiving requests (data frames) for data from said remote sites ; means for non-intrusively routing requested data from a plurality of content servers to said remote sites from which said requests are received by said means for receiving ; means for accessing Log information stored by said content servers relating to transfer times and transfer sizes of said requested data routed by said means for routing ; and rate determination means , connected to said means for accessing , for utilizing said log information in determining data transfer rates to particular remote sites . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames (receiving requests) ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5913041A CLAIM 13 . The method of claim 10 wherein said step of correlating data transfer rates includes filtering out transfers having a transfer size less than a predetermined threshold size , and includes selecting among correlating based upon location of said remote sites , upon communication channels (outgoing data, outgoing data frames) in use , upon source of transferred data , and upon direction of data transfer . US5913041A CLAIM 16 . A data access system for providing access of data to a plurality of remote sites via communications lines comprising : means for receiving requests (data frames) for data from said remote sites ; means for non-intrusively routing requested data from a plurality of content servers to said remote sites from which said requests are received by said means for receiving ; means for accessing Log information stored by said content servers relating to transfer times and transfer sizes of said requested data routed by said means for routing ; and rate determination means , connected to said means for accessing , for utilizing said log information in determining data transfer rates to particular remote sites . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5796942A Filed: 1996-11-21 Issued: 1998-08-18 Method and apparatus for automated network-wide surveillance and security breach intervention (Original Assignee) CA Inc (Current Assignee) CA Inc Daniel Esbensen |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (reading data) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5796942A CLAIM 1 . A network surveillance system for conducting surveillance on a network independent of a network server comprises : a network driver for capturing data on a network , said data not necessarily addressed to said surveillance system ; a handler process for receiving data from said network driver and storing said data in real time ; a plurality of record files for receiving network data and storing said data before further examination ; a scanner process for designating one of said plurality of record files as a receive file while reading data (original data) from another of said plurality of record files and for using said data to construct a plurality of session data streams , said session data streams providing a sequential reconstruction of network data traffic organized by session ; a session window scanner for reading a window of data in one of said plurality of session data streams ; a set of surveillance rules defining data patterns which , when met , will trigger a surveillance alert ; and an alerts handler for responding to fired rules and taking defined actions . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (reading data) frames . |
US5796942A CLAIM 1 . A network surveillance system for conducting surveillance on a network independent of a network server comprises : a network driver for capturing data on a network , said data not necessarily addressed to said surveillance system ; a handler process for receiving data from said network driver and storing said data in real time ; a plurality of record files for receiving network data and storing said data before further examination ; a scanner process for designating one of said plurality of record files as a receive file while reading data (original data) from another of said plurality of record files and for using said data to construct a plurality of session data streams , said session data streams providing a sequential reconstruction of network data traffic organized by session ; a session window scanner for reading a window of data in one of said plurality of session data streams ; a set of surveillance rules defining data patterns which , when met , will trigger a surveillance alert ; and an alerts handler for responding to fired rules and taking defined actions . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (reading data) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US5796942A CLAIM 1 . A network surveillance system for conducting surveillance on a network independent of a network server comprises : a network driver for capturing data on a network , said data not necessarily addressed to said surveillance system ; a handler process for receiving data from said network driver and storing said data in real time ; a plurality of record files for receiving network data and storing said data before further examination ; a scanner process for designating one of said plurality of record files as a receive file while reading data (original data) from another of said plurality of record files and for using said data to construct a plurality of session data streams , said session data streams providing a sequential reconstruction of network data traffic organized by session ; a session window scanner for reading a window of data in one of said plurality of session data streams ; a set of surveillance rules defining data patterns which , when met , will trigger a surveillance alert ; and an alerts handler for responding to fired rules and taking defined actions . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data (reading data) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5796942A CLAIM 1 . A network surveillance system for conducting surveillance on a network independent of a network server comprises : a network driver for capturing data on a network , said data not necessarily addressed to said surveillance system ; a handler process for receiving data from said network driver and storing said data in real time ; a plurality of record files for receiving network data and storing said data before further examination ; a scanner process for designating one of said plurality of record files as a receive file while reading data (original data) from another of said plurality of record files and for using said data to construct a plurality of session data streams , said session data streams providing a sequential reconstruction of network data traffic organized by session ; a session window scanner for reading a window of data in one of said plurality of session data streams ; a set of surveillance rules defining data patterns which , when met , will trigger a surveillance alert ; and an alerts handler for responding to fired rules and taking defined actions . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (data packet) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5796942A CLAIM 13 . The method according to claim 11 further comprising filtering certain network data packets (incoming traffic) before storing . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (data packet) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5796942A CLAIM 13 . The method according to claim 11 further comprising filtering certain network data packets (incoming traffic) before storing . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5898830A Filed: 1996-10-17 Issued: 1999-04-27 Firewall providing enhanced network security and user transparency (Original Assignee) Network Engr Software (Current Assignee) GraphOn Corp Ralph E. Wesinger, Jr., Christopher D. Coley |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving (computer instructions) unit for receiving the copy ; an antenna for capturing the incoming traffic (data packet) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5898830A CLAIM 19 . A method of providing communications between a communications process running on a first computer and a communications process running on a second remote computer along a route from the first computer to the second computer through an intervening firewall having a first interface to a first computer network and a second interface to a second computer network , without requiring a user to know of the intervening firewall , the communications process running on both the first computer and the second computer being based on a connection-less datagram protocol , the method comprising the steps of : configuring the firewall as a plurality of virtual hosts , each responsive to a network address used on one of the first and second computer networks ; mapping from a name of the second computer to a network address of one of the virtual hosts of the firewall ; issuing a request from the first computer to the second computer by specifying the name of the second computer ; routing the request within a first data packet (incoming traffic) to said one of the virtual hosts in accordance with said mapping ; performing rules checking on said first data packet to be sent from the first computer to the second computer , including checking a destination port number of the first data packet ; if the result of said rules checking is to allow said first packet to be sent , establishing a time-out limit associated with communications between the first computer and the second computer via said protocol , and sending said first packet from said one of the virtual hosts to the second computer on behalf of the first computer ; for so long as said time-out limit has not expired , performing rules checking on and sending subsequent packets , if allowable , between the first computer and the second computer ; and when said time-out limit expires , freeing said one of the virtual hosts for mapping to a different network address . US5898830A CLAIM 21 . A computer-readable medium containing computer instructions (first receiving) executable by a computer , the instructions comprising : instructions for configuring a first intermediate system connected to a first interface of a first computer network and a second interface on a second computer network as a plurality of virtual hosts , each responsive to a network address used on one of the first and second computer networks ; instructions for mapping from a name of a second computer on the second computer network to a network address of one of the virtual hosts of the first intermediate system , said one of the virtual hosts being associated with the first interface ; instructions for issuing a request for a connection from a first computer on the first computer network the second computer by specifying the name of the second computer ; instructions for receiving the request at the first interface and routing the request to said one of the virtual hosts in accordance with said mapping ; instructions for establishing a first bi-directional connection from the first computer to said one of the virtual hosts ; instructions for establishing a second bi-directional connection from said one of the virtual host , to the second computer on behalf of the first computer ; and instructions for passing data between the first computer and the second computer using the first and second bi-directional connections . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (first firewall) based on the impersonation detected signal . |
US5898830A CLAIM 15 . A virtual private network allowing for confidential communications between a first computer network and a second computer network via a third computer network , comprising a first firewall (intrusion attack) intervening between the first computer network and the third computer network and a second firewall intervening between the second computer network and the third computer network , wherein each of the first firewall and the second firewall comprises : a physical computer connected to a first computer network through a first network interface and a second computer network through a second network interface , the physical computer being configured as at least a first virtual host , responsive to a network address used on the first computer network , and at least a second virtual host responsive to a network address used on the second computer network ; configuration information for each of said virtual hosts , specifying which connections each of said virtual hosts will allow ; and means for mapping from a name of a destination computer to one of said virtual hosts ; and connection processing means for , if a requested connection from a source computer to said destination computer is allowed according to a configuration file of said one of said virtual hosts , establishing such a connection on behalf of the source computer ; else , if the requested connection is not allowed , refusing the connection . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (first packet) . |
US5898830A CLAIM 19 . A method of providing communications between a communications process running on a first computer and a communications process running on a second remote computer along a route from the first computer to the second computer through an intervening firewall having a first interface to a first computer network and a second interface to a second computer network , without requiring a user to know of the intervening firewall , the communications process running on both the first computer and the second computer being based on a connection-less datagram protocol , the method comprising the steps of : configuring the firewall as a plurality of virtual hosts , each responsive to a network address used on one of the first and second computer networks ; mapping from a name of the second computer to a network address of one of the virtual hosts of the firewall ; issuing a request from the first computer to the second computer by specifying the name of the second computer ; routing the request within a first data packet to said one of the virtual hosts in accordance with said mapping ; performing rules checking on said first data packet to be sent from the first computer to the second computer , including checking a destination port number of the first data packet ; if the result of said rules checking is to allow said first packet (communication protocol) to be sent , establishing a time-out limit associated with communications between the first computer and the second computer via said protocol , and sending said first packet from said one of the virtual hosts to the second computer on behalf of the first computer ; for so long as said time-out limit has not expired , performing rules checking on and sending subsequent packets , if allowable , between the first computer and the second computer ; and when said time-out limit expires , freeing said one of the virtual hosts for mapping to a different network address . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving (computer instructions) unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (data packet) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5898830A CLAIM 19 . A method of providing communications between a communications process running on a first computer and a communications process running on a second remote computer along a route from the first computer to the second computer through an intervening firewall having a first interface to a first computer network and a second interface to a second computer network , without requiring a user to know of the intervening firewall , the communications process running on both the first computer and the second computer being based on a connection-less datagram protocol , the method comprising the steps of : configuring the firewall as a plurality of virtual hosts , each responsive to a network address used on one of the first and second computer networks ; mapping from a name of the second computer to a network address of one of the virtual hosts of the firewall ; issuing a request from the first computer to the second computer by specifying the name of the second computer ; routing the request within a first data packet (incoming traffic) to said one of the virtual hosts in accordance with said mapping ; performing rules checking on said first data packet to be sent from the first computer to the second computer , including checking a destination port number of the first data packet ; if the result of said rules checking is to allow said first packet to be sent , establishing a time-out limit associated with communications between the first computer and the second computer via said protocol , and sending said first packet from said one of the virtual hosts to the second computer on behalf of the first computer ; for so long as said time-out limit has not expired , performing rules checking on and sending subsequent packets , if allowable , between the first computer and the second computer ; and when said time-out limit expires , freeing said one of the virtual hosts for mapping to a different network address . US5898830A CLAIM 21 . A computer-readable medium containing computer instructions (first receiving) executable by a computer , the instructions comprising : instructions for configuring a first intermediate system connected to a first interface of a first computer network and a second interface on a second computer network as a plurality of virtual hosts , each responsive to a network address used on one of the first and second computer networks ; instructions for mapping from a name of a second computer on the second computer network to a network address of one of the virtual hosts of the first intermediate system , said one of the virtual hosts being associated with the first interface ; instructions for issuing a request for a connection from a first computer on the first computer network the second computer by specifying the name of the second computer ; instructions for receiving the request at the first interface and routing the request to said one of the virtual hosts in accordance with said mapping ; instructions for establishing a first bi-directional connection from the first computer to said one of the virtual hosts ; instructions for establishing a second bi-directional connection from said one of the virtual host , to the second computer on behalf of the first computer ; and instructions for passing data between the first computer and the second computer using the first and second bi-directional connections . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (first firewall) based on the impersonation detected signal . |
US5898830A CLAIM 15 . A virtual private network allowing for confidential communications between a first computer network and a second computer network via a third computer network , comprising a first firewall (intrusion attack) intervening between the first computer network and the third computer network and a second firewall intervening between the second computer network and the third computer network , wherein each of the first firewall and the second firewall comprises : a physical computer connected to a first computer network through a first network interface and a second computer network through a second network interface , the physical computer being configured as at least a first virtual host , responsive to a network address used on the first computer network , and at least a second virtual host responsive to a network address used on the second computer network ; configuration information for each of said virtual hosts , specifying which connections each of said virtual hosts will allow ; and means for mapping from a name of a destination computer to one of said virtual hosts ; and connection processing means for , if a requested connection from a source computer to said destination computer is allowed according to a configuration file of said one of said virtual hosts , establishing such a connection on behalf of the source computer ; else , if the requested connection is not allowed , refusing the connection . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5892903A Filed: 1996-09-12 Issued: 1999-04-06 Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication system (Original Assignee) Internet Security Systems Inc (Current Assignee) International Business Machines Corp Christopher W. Klaus |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (coupled thereto) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5892903A CLAIM 33 . The method of claim 32 , further comprising the step of : storing a service indicator to provide a reference that said port has a service coupled thereto (original data) which may be accessed from another computer . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (coupled thereto) frames . |
US5892903A CLAIM 33 . The method of claim 32 , further comprising the step of : storing a service indicator to provide a reference that said port has a service coupled thereto (original data) which may be accessed from another computer . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (coupled thereto) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US5892903A CLAIM 33 . The method of claim 32 , further comprising the step of : storing a service indicator to provide a reference that said port has a service coupled thereto (original data) which may be accessed from another computer . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data (coupled thereto) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5892903A CLAIM 33 . The method of claim 32 , further comprising the step of : storing a service indicator to provide a reference that said port has a service coupled thereto (original data) which may be accessed from another computer . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving (predetermined value, source addresses) unit (predetermined value, source addresses) for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5892903A CLAIM 20 . The system of claim 16 , wherein said communication message generator includes a source porting verifier for generating service command messages with a source port address having a predetermined value (second receiving unit, second receiving) ; and said response message evaluator evaluating response messages received from said ports on computers of said open network in response to said service command messages having said predetermined source port address values sent from said source porting verifier external to said open network to detect said router passing messages having said predetermined source port address values to ports coupled to services on said open network . US5892903A CLAIM 31 . The method of claim 27 , further comprising the steps of : generating source addresses (second receiving unit, second receiving) and destination addresses for said IP spoofing attack ; and attempting said IP spoofing attack against each said generated destination address by emulating communication from each of said source addresses . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (network communications) based on the impersonation detected signal . |
US5892903A CLAIM 1 . A system for detecting a security vulnerability in open network communications (intrusion attack) comprising : an internet protocol (IP) spoofing attack generator for generating an IP spoofing attack on a target computer coupled to an open network to determine whether said target computer is vulnerable to an IP spoofing attack which emulates communication from another computer on said open network ; a service command message generator for generating a service command to be executed by a service coupled to a port on said target computer ; and said IP spoofing attack generator transmitting said service command to said target computer to generate a response in said target computer that provides a compromise indication without altering system operational parameters of said target computer . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (Internet Protocol) . |
US5892903A CLAIM 27 . A method for detecting a security vulnerability in an open network comprised of the steps of : attempting an Internet Protocol (communication protocol) (IP) spoofing attack against a target computer and open network ; generating a service command message ; and sending said service command message to said target computer following said IP spoofing attack to determine whether said target computer has been compromised , said service command message generating an indicator of the success of the IP spoofing attack without altering the operational parameters of the target computer . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving (predetermined value, source addresses) unit (predetermined value, source addresses) for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5892903A CLAIM 20 . The system of claim 16 , wherein said communication message generator includes a source porting verifier for generating service command messages with a source port address having a predetermined value (second receiving unit, second receiving) ; and said response message evaluator evaluating response messages received from said ports on computers of said open network in response to said service command messages having said predetermined source port address values sent from said source porting verifier external to said open network to detect said router passing messages having said predetermined source port address values to ports coupled to services on said open network . US5892903A CLAIM 31 . The method of claim 27 , further comprising the steps of : generating source addresses (second receiving unit, second receiving) and destination addresses for said IP spoofing attack ; and attempting said IP spoofing attack against each said generated destination address by emulating communication from each of said source addresses . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (network communications) based on the impersonation detected signal . |
US5892903A CLAIM 1 . A system for detecting a security vulnerability in open network communications (intrusion attack) comprising : an internet protocol (IP) spoofing attack generator for generating an IP spoofing attack on a target computer coupled to an open network to determine whether said target computer is vulnerable to an IP spoofing attack which emulates communication from another computer on said open network ; a service command message generator for generating a service command to be executed by a service coupled to a port on said target computer ; and said IP spoofing attack generator transmitting said service command to said target computer to generate a response in said target computer that provides a compromise indication without altering system operational parameters of said target computer . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5854994A Filed: 1996-08-23 Issued: 1998-12-29 Vibration monitor and transmission system (Original Assignee) CSI Technology Inc (Current Assignee) Computational Systems Inc Ronald G. Canada, James W. Pearce, James C. Robinson |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (time period) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (receiving wireless signals, power consumption, data packet) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5854994A CLAIM 22 . The system of claim 1 further comprising a timer system for powering on said sensor , data processor , and transmitter means at the selected times , and powering off said sensor , data processor , and transmitter means at other times to reduce power consumption (incoming data, incoming traffic, intrusion detection module incoming data frames) by said sensor , data processor , and transmitter means . US5854994A CLAIM 27 . The system of claim 1 wherein each of said machine monitors further comprises : a relatively small housing for being mounted on a machine ; attachment means for attaching the housing to said machine ; a battery of sufficiently small size to be disposed within said housing , and having sufficient capacity to power said sensor , data processor , and transmitter means for a time period (data frames) of about a year ; and mounting means for mounting each element of the machine monitor within said housing . US5854994A CLAIM 36 . A monitoring system for monitoring a machine , comprising : a monitor including the following elements : at least one sensor for sensing a physical characteristic of said machine at a machine measuring point and generating at least one analog sensor signal corresponding to the physical characteristic that was sensed ; an analog to digital converter for producing digital sensor signals corresponding to said analog sensor signals ; a monitor computer for receiving the digital sensor signals , analyzing the digital sensor signals and producing analyzed sensor signals , storing and producing data corresponding to the analyzed sensor signals , and producing messages ; monitor wireless transmitter means responsive to the messages for producing monitor wireless transmission signals corresponding to the analyzed sensor signals ; monitor receiver means for receiving wireless signals (incoming data, incoming traffic, intrusion detection module incoming data frames) and producing received signals for being transferred to said monitor computer ; a power supply ; and a housing for mounting on the machine and housing at least some of the monitor elements ; and a command station including the following elements : command station receiver means for receiving and transferring said monitor wireless transmission signals and transferring data corresponding to the received signals to a command station computer ; a command station computer for receiving and storing data corresponding to the received signals producing data , and producing commands ; and command station transmitter means for transmitting command wireless transmission signals corresponding to data and commands received from said command station computer . US5854994A CLAIM 42 . The system of claim 41 further comprising : said command station computer being operable to generate identification codes as part of a data packet (incoming data, incoming traffic, intrusion detection module incoming data frames) and producing data packet signals for transfer to said command station transmitter means ; said command station transmitter means being operable to transmit data packet wireless signals corresponding to the data packet ; said monitor receiver means being operable to receive the data packet wireless signals and transfer data packets to said monitor computers ; each of said monitor computers , having a unique internal identification code , for comparing and determining whether the data packet identification code is the same as the internal identification code , responding in a first manner when said internal code and packet code are the same , and responding in a second manner when said internal code and packet code are not the same . |
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data frames (time period) . |
US5854994A CLAIM 27 . The system of claim 1 wherein each of said machine monitors further comprises : a relatively small housing for being mounted on a machine ; attachment means for attaching the housing to said machine ; a battery of sufficiently small size to be disposed within said housing , and having sufficient capacity to power said sensor , data processor , and transmitter means for a time period (data frames) of about a year ; and mounting means for mounting each element of the machine monitor within said housing . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data frames (time period) comprises frames that allow statistical comparisons . |
US5854994A CLAIM 27 . The system of claim 1 wherein each of said machine monitors further comprises : a relatively small housing for being mounted on a machine ; attachment means for attaching the housing to said machine ; a battery of sufficiently small size to be disposed within said housing , and having sufficient capacity to power said sensor , data processor , and transmitter means for a time period (data frames) of about a year ; and mounting means for mounting each element of the machine monitor within said housing . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames (time period) transmitted over a time interval . |
US5854994A CLAIM 27 . The system of claim 1 wherein each of said machine monitors further comprises : a relatively small housing for being mounted on a machine ; attachment means for attaching the housing to said machine ; a battery of sufficiently small size to be disposed within said housing , and having sufficient capacity to power said sensor , data processor , and transmitter means for a time period (data frames) of about a year ; and mounting means for mounting each element of the machine monitor within said housing . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (time period) . |
US5854994A CLAIM 27 . The system of claim 1 wherein each of said machine monitors further comprises : a relatively small housing for being mounted on a machine ; attachment means for attaching the housing to said machine ; a battery of sufficiently small size to be disposed within said housing , and having sufficient capacity to power said sensor , data processor , and transmitter means for a time period (data frames) of about a year ; and mounting means for mounting each element of the machine monitor within said housing . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data (receiving wireless signals, power consumption, data packet) frames received over all the wireless channels allocated to the wireless node . |
US5854994A CLAIM 22 . The system of claim 1 further comprising a timer system for powering on said sensor , data processor , and transmitter means at the selected times , and powering off said sensor , data processor , and transmitter means at other times to reduce power consumption (incoming data, incoming traffic, intrusion detection module incoming data frames) by said sensor , data processor , and transmitter means . US5854994A CLAIM 27 . The system of claim 1 wherein each of said machine monitors further comprises : a relatively small housing for being mounted on a machine ; attachment means for attaching the housing to said machine ; a battery of sufficiently small size to be disposed within said housing , and having sufficient capacity to power said sensor , data processor , and transmitter means for a time period (data frames) of about a year ; and mounting means for mounting each element of the machine monitor within said housing . US5854994A CLAIM 36 . A monitoring system for monitoring a machine , comprising : a monitor including the following elements : at least one sensor for sensing a physical characteristic of said machine at a machine measuring point and generating at least one analog sensor signal corresponding to the physical characteristic that was sensed ; an analog to digital converter for producing digital sensor signals corresponding to said analog sensor signals ; a monitor computer for receiving the digital sensor signals , analyzing the digital sensor signals and producing analyzed sensor signals , storing and producing data corresponding to the analyzed sensor signals , and producing messages ; monitor wireless transmitter means responsive to the messages for producing monitor wireless transmission signals corresponding to the analyzed sensor signals ; monitor receiver means for receiving wireless signals (incoming data, incoming traffic, intrusion detection module incoming data frames) and producing received signals for being transferred to said monitor computer ; a power supply ; and a housing for mounting on the machine and housing at least some of the monitor elements ; and a command station including the following elements : command station receiver means for receiving and transferring said monitor wireless transmission signals and transferring data corresponding to the received signals to a command station computer ; a command station computer for receiving and storing data corresponding to the received signals producing data , and producing commands ; and command station transmitter means for transmitting command wireless transmission signals corresponding to data and commands received from said command station computer . US5854994A CLAIM 42 . The system of claim 41 further comprising : said command station computer being operable to generate identification codes as part of a data packet (incoming data, incoming traffic, intrusion detection module incoming data frames) and producing data packet signals for transfer to said command station transmitter means ; said command station transmitter means being operable to transmit data packet wireless signals corresponding to the data packet ; said monitor receiver means being operable to receive the data packet wireless signals and transfer data packets to said monitor computers ; each of said monitor computers , having a unique internal identification code , for comparing and determining whether the data packet identification code is the same as the internal identification code , responding in a first manner when said internal code and packet code are the same , and responding in a second manner when said internal code and packet code are not the same . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (time period) with the incoming data (receiving wireless signals, power consumption, data packet) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US5854994A CLAIM 22 . The system of claim 1 further comprising a timer system for powering on said sensor , data processor , and transmitter means at the selected times , and powering off said sensor , data processor , and transmitter means at other times to reduce power consumption (incoming data, incoming traffic, intrusion detection module incoming data frames) by said sensor , data processor , and transmitter means . US5854994A CLAIM 27 . The system of claim 1 wherein each of said machine monitors further comprises : a relatively small housing for being mounted on a machine ; attachment means for attaching the housing to said machine ; a battery of sufficiently small size to be disposed within said housing , and having sufficient capacity to power said sensor , data processor , and transmitter means for a time period (data frames) of about a year ; and mounting means for mounting each element of the machine monitor within said housing . US5854994A CLAIM 36 . A monitoring system for monitoring a machine , comprising : a monitor including the following elements : at least one sensor for sensing a physical characteristic of said machine at a machine measuring point and generating at least one analog sensor signal corresponding to the physical characteristic that was sensed ; an analog to digital converter for producing digital sensor signals corresponding to said analog sensor signals ; a monitor computer for receiving the digital sensor signals , analyzing the digital sensor signals and producing analyzed sensor signals , storing and producing data corresponding to the analyzed sensor signals , and producing messages ; monitor wireless transmitter means responsive to the messages for producing monitor wireless transmission signals corresponding to the analyzed sensor signals ; monitor receiver means for receiving wireless signals (incoming data, incoming traffic, intrusion detection module incoming data frames) and producing received signals for being transferred to said monitor computer ; a power supply ; and a housing for mounting on the machine and housing at least some of the monitor elements ; and a command station including the following elements : command station receiver means for receiving and transferring said monitor wireless transmission signals and transferring data corresponding to the received signals to a command station computer ; a command station computer for receiving and storing data corresponding to the received signals producing data , and producing commands ; and command station transmitter means for transmitting command wireless transmission signals corresponding to data and commands received from said command station computer . US5854994A CLAIM 42 . The system of claim 41 further comprising : said command station computer being operable to generate identification codes as part of a data packet (incoming data, incoming traffic, intrusion detection module incoming data frames) and producing data packet signals for transfer to said command station transmitter means ; said command station transmitter means being operable to transmit data packet wireless signals corresponding to the data packet ; said monitor receiver means being operable to receive the data packet wireless signals and transfer data packets to said monitor computers ; each of said monitor computers , having a unique internal identification code , for comparing and determining whether the data packet identification code is the same as the internal identification code , responding in a first manner when said internal code and packet code are the same , and responding in a second manner when said internal code and packet code are not the same . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames (time period) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (receiving wireless signals, power consumption, data packet) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5854994A CLAIM 22 . The system of claim 1 further comprising a timer system for powering on said sensor , data processor , and transmitter means at the selected times , and powering off said sensor , data processor , and transmitter means at other times to reduce power consumption (incoming data, incoming traffic, intrusion detection module incoming data frames) by said sensor , data processor , and transmitter means . US5854994A CLAIM 27 . The system of claim 1 wherein each of said machine monitors further comprises : a relatively small housing for being mounted on a machine ; attachment means for attaching the housing to said machine ; a battery of sufficiently small size to be disposed within said housing , and having sufficient capacity to power said sensor , data processor , and transmitter means for a time period (data frames) of about a year ; and mounting means for mounting each element of the machine monitor within said housing . US5854994A CLAIM 36 . A monitoring system for monitoring a machine , comprising : a monitor including the following elements : at least one sensor for sensing a physical characteristic of said machine at a machine measuring point and generating at least one analog sensor signal corresponding to the physical characteristic that was sensed ; an analog to digital converter for producing digital sensor signals corresponding to said analog sensor signals ; a monitor computer for receiving the digital sensor signals , analyzing the digital sensor signals and producing analyzed sensor signals , storing and producing data corresponding to the analyzed sensor signals , and producing messages ; monitor wireless transmitter means responsive to the messages for producing monitor wireless transmission signals corresponding to the analyzed sensor signals ; monitor receiver means for receiving wireless signals (incoming data, incoming traffic, intrusion detection module incoming data frames) and producing received signals for being transferred to said monitor computer ; a power supply ; and a housing for mounting on the machine and housing at least some of the monitor elements ; and a command station including the following elements : command station receiver means for receiving and transferring said monitor wireless transmission signals and transferring data corresponding to the received signals to a command station computer ; a command station computer for receiving and storing data corresponding to the received signals producing data , and producing commands ; and command station transmitter means for transmitting command wireless transmission signals corresponding to data and commands received from said command station computer . US5854994A CLAIM 42 . The system of claim 41 further comprising : said command station computer being operable to generate identification codes as part of a data packet (incoming data, incoming traffic, intrusion detection module incoming data frames) and producing data packet signals for transfer to said command station transmitter means ; said command station transmitter means being operable to transmit data packet wireless signals corresponding to the data packet ; said monitor receiver means being operable to receive the data packet wireless signals and transfer data packets to said monitor computers ; each of said monitor computers , having a unique internal identification code , for comparing and determining whether the data packet identification code is the same as the internal identification code , responding in a first manner when said internal code and packet code are the same , and responding in a second manner when said internal code and packet code are not the same . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (receiving wireless signals, power consumption, data packet) received on all transmission channels (frequency domain, clock signals) allocated to the wireless node ; a second receiving unit for detecting the incoming data (receiving wireless signals, power consumption, data packet) frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5854994A CLAIM 2 . The system of claim 1 wherein at least one of said machine monitors further comprises a microcomputer for receiving and analyzing the sensor signals , producing frequency domain (transmission channels) data corresponding to the sensor signals , comparing the frequency domain data to predetermined criteria and determining an alarm condition based on the comparing of the frequency domain data to the predetermined criteria . US5854994A CLAIM 22 . The system of claim 1 further comprising a timer system for powering on said sensor , data processor , and transmitter means at the selected times , and powering off said sensor , data processor , and transmitter means at other times to reduce power consumption (incoming data, incoming traffic, intrusion detection module incoming data frames) by said sensor , data processor , and transmitter means . US5854994A CLAIM 24 . The system of claim 1 further comprising : a clock in at least one machine monitor for producing clock signals (transmission channels) corresponding to time ; said data processor in at least one machine monitor being responsive to said clock signals for producing start-up signals at selected times in response in part to said clock signals , and for producing shut-down signals , said sensor and transmitter means of said at least one machine monitor being responsive to said start-up signals to power on , sense the machine characteristic , generate the sensor signals corresponding to the machine characteristic , and transmit the sensor signals at the selected times , and being responsive to said shut-down signals to power off at other times to reduce power consumption by said sensor and transmitter means . US5854994A CLAIM 27 . 
The system of claim 1 wherein each of said machine monitors further comprises : a relatively small housing for being mounted on a machine ; attachment means for attaching the housing to said machine ; a battery of sufficiently small size to be disposed within said housing , and having sufficient capacity to power said sensor , data processor , and transmitter means for a time period (data frames) of about a year ; and mounting means for mounting each element of the machine monitor within said housing . US5854994A CLAIM 36 . A monitoring system for monitoring a machine , comprising : a monitor including the following elements : at least one sensor for sensing a physical characteristic of said machine at a machine measuring point and generating at least one analog sensor signal corresponding to the physical characteristic that was sensed ; an analog to digital converter for producing digital sensor signals corresponding to said analog sensor signals ; a monitor computer for receiving the digital sensor signals , analyzing the digital sensor signals and producing analyzed sensor signals , storing and producing data corresponding to the analyzed sensor signals , and producing messages ; monitor wireless transmitter means responsive to the messages for producing monitor wireless transmission signals corresponding to the analyzed sensor signals ; monitor receiver means for receiving wireless signals (incoming data, incoming traffic, intrusion detection module incoming data frames) and producing received signals for being transferred to said monitor computer ; a power supply ; and a housing for mounting on the machine and housing at least some of the monitor elements ; and a command station including the following elements : command station receiver means for receiving and transferring said monitor wireless transmission signals and transferring data corresponding to the received signals to a command station computer ; a command station computer for receiving and storing 
data corresponding to the received signals producing data , and producing commands ; and command station transmitter means for transmitting command wireless transmission signals corresponding to data and commands received from said command station computer . US5854994A CLAIM 42 . The system of claim 41 further comprising : said command station computer being operable to generate identification codes as part of a data packet (incoming data, incoming traffic, intrusion detection module incoming data frames) and producing data packet signals for transfer to said command station transmitter means ; said command station transmitter means being operable to transmit data packet wireless signals corresponding to the data packet ; said monitor receiver means being operable to receive the data packet wireless signals and transfer data packets to said monitor computers ; each of said monitor computers , having a unique internal identification code , for comparing and determining whether the data packet identification code is the same as the internal identification code , responding in a first manner when said internal code and packet code are the same , and responding in a second manner when said internal code and packet code are not the same . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (communication protocol, transferring data) . |
US5854994A CLAIM 17 . The system of claim 1 wherein said transmitter means further comprise spread spectrum transmitter means and said receiver means further comprise spread spectrum receiver means , each using a spread spectrum communication protocol (communication protocol) to avoid interference from other radio frequency emitters . US5854994A CLAIM 36 . A monitoring system for monitoring a machine , comprising : a monitor including the following elements : at least one sensor for sensing a physical characteristic of said machine at a machine measuring point and generating at least one analog sensor signal corresponding to the physical characteristic that was sensed ; an analog to digital converter for producing digital sensor signals corresponding to said analog sensor signals ; a monitor computer for receiving the digital sensor signals , analyzing the digital sensor signals and producing analyzed sensor signals , storing and producing data corresponding to the analyzed sensor signals , and producing messages ; monitor wireless transmitter means responsive to the messages for producing monitor wireless transmission signals corresponding to the analyzed sensor signals ; monitor receiver means for receiving wireless signals and producing received signals for being transferred to said monitor computer ; a power supply ; and a housing for mounting on the machine and housing at least some of the monitor elements ; and a command station including the following elements : command station receiver means for receiving and transferring said monitor wireless transmission signals and transferring data (communication protocol) corresponding to the received signals to a command station computer ; a command station computer for receiving and storing data corresponding to the received signals producing data , and producing commands ; and command station transmitter means for transmitting command wireless transmission signals corresponding to data and commands received from 
said command station computer . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (time period) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (receiving wireless signals, power consumption, data packet) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US5854994A CLAIM 22 . The system of claim 1 further comprising a timer system for powering on said sensor , data processor , and transmitter means at the selected times , and powering off said sensor , data processor , and transmitter means at other times to reduce power consumption (incoming data, incoming traffic, intrusion detection module incoming data frames) by said sensor , data processor , and transmitter means . US5854994A CLAIM 27 . The system of claim 1 wherein each of said machine monitors further comprises : a relatively small housing for being mounted on a machine ; attachment means for attaching the housing to said machine ; a battery of sufficiently small size to be disposed within said housing , and having sufficient capacity to power said sensor , data processor , and transmitter means for a time period (data frames) of about a year ; and mounting means for mounting each element of the machine monitor within said housing . US5854994A CLAIM 36 . A monitoring system for monitoring a machine , comprising : a monitor including the following elements : at least one sensor for sensing a physical characteristic of said machine at a machine measuring point and generating at least one analog sensor signal corresponding to the physical characteristic that was sensed ; an analog to digital converter for producing digital sensor signals corresponding to said analog sensor signals ; a monitor computer for receiving the digital sensor signals , analyzing the digital sensor signals and producing analyzed sensor signals , storing and producing data corresponding to the analyzed sensor signals , and producing messages ; monitor wireless transmitter means responsive to the messages for producing monitor wireless transmission signals corresponding to the analyzed sensor signals ; monitor receiver means for receiving wireless signals (incoming data, incoming traffic, intrusion detection module incoming data frames) and producing received signals for being transferred 
to said monitor computer ; a power supply ; and a housing for mounting on the machine and housing at least some of the monitor elements ; and a command station including the following elements : command station receiver means for receiving and transferring said monitor wireless transmission signals and transferring data corresponding to the received signals to a command station computer ; a command station computer for receiving and storing data corresponding to the received signals producing data , and producing commands ; and command station transmitter means for transmitting command wireless transmission signals corresponding to data and commands received from said command station computer . US5854994A CLAIM 42 . The system of claim 41 further comprising : said command station computer being operable to generate identification codes as part of a data packet (incoming data, incoming traffic, intrusion detection module incoming data frames) and producing data packet signals for transfer to said command station transmitter means ; said command station transmitter means being operable to transmit data packet wireless signals corresponding to the data packet ; said monitor receiver means being operable to receive the data packet wireless signals and transfer data packets to said monitor computers ; each of said monitor computers , having a unique internal identification code , for comparing and determining whether the data packet identification code is the same as the internal identification code , responding in a first manner when said internal code and packet code are the same , and responding in a second manner when said internal code and packet code are not the same . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames (time period) ; an antenna for capturing the incoming traffic (receiving wireless signals, power consumption, data packet) carried on all transmission channels (frequency domain, clock signals) allocated to the wireless node ; a second receiving unit for detecting the incoming data (receiving wireless signals, power consumption, data packet) frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5854994A CLAIM 2 . The system of claim 1 wherein at least one of said machine monitors further comprises a microcomputer for receiving and analyzing the sensor signals , producing frequency domain (transmission channels) data corresponding to the sensor signals , comparing the frequency domain data to predetermined criteria and determining an alarm condition based on the comparing of the frequency domain data to the predetermined criteria . US5854994A CLAIM 22 . The system of claim 1 further comprising a timer system for powering on said sensor , data processor , and transmitter means at the selected times , and powering off said sensor , data processor , and transmitter means at other times to reduce power consumption (incoming data, incoming traffic, intrusion detection module incoming data frames) by said sensor , data processor , and transmitter means . US5854994A CLAIM 24 . The system of claim 1 further comprising : a clock in at least one machine monitor for producing clock signals (transmission channels) corresponding to time ; said data processor in at least one machine monitor being responsive to said clock signals for producing start-up signals at selected times in response in part to said clock signals , and for producing shut-down signals , said sensor and transmitter means of said at least one machine monitor being responsive to said start-up signals to power on , sense the machine characteristic , generate the sensor signals corresponding to the machine characteristic , and transmit the sensor signals at the selected times , and being responsive to said shut-down signals to power off at other times to reduce power consumption by said sensor and transmitter means . US5854994A CLAIM 27 . 
The system of claim 1 wherein each of said machine monitors further comprises : a relatively small housing for being mounted on a machine ; attachment means for attaching the housing to said machine ; a battery of sufficiently small size to be disposed within said housing , and having sufficient capacity to power said sensor , data processor , and transmitter means for a time period (data frames) of about a year ; and mounting means for mounting each element of the machine monitor within said housing . US5854994A CLAIM 36 . A monitoring system for monitoring a machine , comprising : a monitor including the following elements : at least one sensor for sensing a physical characteristic of said machine at a machine measuring point and generating at least one analog sensor signal corresponding to the physical characteristic that was sensed ; an analog to digital converter for producing digital sensor signals corresponding to said analog sensor signals ; a monitor computer for receiving the digital sensor signals , analyzing the digital sensor signals and producing analyzed sensor signals , storing and producing data corresponding to the analyzed sensor signals , and producing messages ; monitor wireless transmitter means responsive to the messages for producing monitor wireless transmission signals corresponding to the analyzed sensor signals ; monitor receiver means for receiving wireless signals (incoming data, incoming traffic, intrusion detection module incoming data frames) and producing received signals for being transferred to said monitor computer ; a power supply ; and a housing for mounting on the machine and housing at least some of the monitor elements ; and a command station including the following elements : command station receiver means for receiving and transferring said monitor wireless transmission signals and transferring data corresponding to the received signals to a command station computer ; a command station computer for receiving and storing 
data corresponding to the received signals producing data , and producing commands ; and command station transmitter means for transmitting command wireless transmission signals corresponding to data and commands received from said command station computer . US5854994A CLAIM 42 . The system of claim 41 further comprising : said command station computer being operable to generate identification codes as part of a data packet (incoming data, incoming traffic, intrusion detection module incoming data frames) and producing data packet signals for transfer to said command station transmitter means ; said command station transmitter means being operable to transmit data packet wireless signals corresponding to the data packet ; said monitor receiver means being operable to receive the data packet wireless signals and transfer data packets to said monitor computers ; each of said monitor computers , having a unique internal identification code , for comparing and determining whether the data packet identification code is the same as the internal identification code , responding in a first manner when said internal code and packet code are the same , and responding in a second manner when said internal code and packet code are not the same . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5726911A Filed: 1996-08-22 Issued: 1998-03-10 Electric motor monitor (Original Assignee) CSI Technology Inc (Current Assignee) Computational Systems Inc Ronald G. Canada, Eugene F. Pardue, James C. Robinson |
---|---|
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (predetermined time period) . |
US5726911A CLAIM 17 . A monitor according to claim 1 , wherein said means for storing data comprises means for cyclically storing data generated during a predetermined time period (time interval) of recency . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels (temperature ranges) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5726911A CLAIM 14 . A monitor according to claim 13 , wherein said signal processor further comprises means for producing operating parameters corresponding to motor run time in each of a plurality of motor frame temperature ranges (transmission channels) based on said motor frame temperature signal . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels (temperature ranges) allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5726911A CLAIM 14 . A monitor according to claim 13 , wherein said signal processor further comprises means for producing operating parameters corresponding to motor run time in each of a plurality of motor frame temperature ranges (transmission channels) based on said motor frame temperature signal . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5870610A Filed: 1996-06-28 Issued: 1999-02-09 Autoconfigurable method and system having automated downloading (Original Assignee) Siemens Business Communication Systems Inc (Current Assignee) Enterprise Systems Technologies SARL William J. Beyda |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node (transmission lines) of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5870610A CLAIM 1 . A method of upgrading a system for supporting a plurality of devices comprising steps of : locating a first device that is to be supported by said system ; as an automated response to locating said first device , determining location information relating to a remote site at which driver software specific to said first device is stored , said remote site being unsupported by said system ; as an automated response to determining said location information , accessing said remote site via transmission lines (wireless node) ; and downloading said driver software to said system from said remote site . |
US7409715B2 CLAIM 2 . The method of claim 1 , wherein step a) comprises transmitting the copy over a secure link established between the wireless node (transmission lines) and the intrusion detection module . |
US5870610A CLAIM 1 . A method of upgrading a system for supporting a plurality of devices comprising steps of : locating a first device that is to be supported by said system ; as an automated response to locating said first device , determining location information relating to a remote site at which driver software specific to said first device is stored , said remote site being unsupported by said system ; as an automated response to determining said location information , accessing said remote site via transmission lines (wireless node) ; and downloading said driver software to said system from said remote site . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node (transmission lines) and extracting the incoming data frames received over all the wireless channels allocated to the wireless node . |
US5870610A CLAIM 1 . A method of upgrading a system for supporting a plurality of devices comprising steps of : locating a first device that is to be supported by said system ; as an automated response to locating said first device , determining location information relating to a remote site at which driver software specific to said first device is stored , said remote site being unsupported by said system ; as an automated response to determining said location information , accessing said remote site via transmission lines (wireless node) ; and downloading said driver software to said system from said remote site . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node (transmission lines) of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5870610A CLAIM 1 . A method of upgrading a system for supporting a plurality of devices comprising steps of : locating a first device that is to be supported by said system ; as an automated response to locating said first device , determining location information relating to a remote site at which driver software specific to said first device is stored , said remote site being unsupported by said system ; as an automated response to determining said location information , accessing said remote site via transmission lines (wireless node) ; and downloading said driver software to said system from said remote site . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node (transmission lines) ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5870610A CLAIM 1 . A method of upgrading a system for supporting a plurality of devices comprising steps of : locating a first device that is to be supported by said system ; as an automated response to locating said first device , determining location information relating to a remote site at which driver software specific to said first device is stored , said remote site being unsupported by said system ; as an automated response to determining said location information , accessing said remote site via transmission lines (wireless node) ; and downloading said driver software to said system from said remote site . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (said devices) based on the impersonation detected signal . |
US5870610A CLAIM 7 . The method of claim 6 further comprising a step of autoconfiguring system resources following said step of downloading said driver software , said autoconfiguring being based upon resource requirements of said devices (intrusion attack) supported by said system . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node (transmission lines) : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US5870610A CLAIM 1 . A method of upgrading a system for supporting a plurality of devices comprising steps of : locating a first device that is to be supported by said system ; as an automated response to locating said first device , determining location information relating to a remote site at which driver software specific to said first device is stored , said remote site being unsupported by said system ; as an automated response to determining said location information , accessing said remote site via transmission lines (wireless node) ; and downloading said driver software to said system from said remote site . |
US7409715B2 CLAIM 15 . The impersonation detection system of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module is integrated within the wireless node (transmission lines) . |
US5870610A CLAIM 1 . A method of upgrading a system for supporting a plurality of devices comprising steps of : locating a first device that is to be supported by said system ; as an automated response to locating said first device , determining location information relating to a remote site at which driver software specific to said first device is stored , said remote site being unsupported by said system ; as an automated response to determining said location information , accessing said remote site via transmission lines (wireless node) ; and downloading said driver software to said system from said remote site . |
US7409715B2 CLAIM 17 . A wireless node (transmission lines) for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US5870610A CLAIM 1 . A method of upgrading a system for supporting a plurality of devices comprising steps of : locating a first device that is to be supported by said system ; as an automated response to locating said first device , determining location information relating to a remote site at which driver software specific to said first device is stored , said remote site being unsupported by said system ; as an automated response to determining said location information , accessing said remote site via transmission lines (wireless node) ; and downloading said driver software to said system from said remote site . |
US7409715B2 CLAIM 18 . The wireless node (transmission lines) of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5870610A CLAIM 1 . A method of upgrading a system for supporting a plurality of devices comprising steps of : locating a first device that is to be supported by said system ; as an automated response to locating said first device , determining location information relating to a remote site at which driver software specific to said first device is stored , said remote site being unsupported by said system ; as an automated response to determining said location information , accessing said remote site via transmission lines (wireless node) ; and downloading said driver software to said system from said remote site . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack (said devices) based on the impersonation detected signal . |
US5870610A CLAIM 7 . The method of claim 6 further comprising a step of autoconfiguring system resources following said step of downloading said driver software , said autoconfiguring being based upon resource requirements of said devices (intrusion attack) supported by said system . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US6009363A Filed: 1996-06-24 Issued: 1999-12-28 Vehicle computer system with high speed data buffer and serial interconnect (Original Assignee) Microsoft Corp (Current Assignee) Microsoft Technology Licensing LLC Richard D. Beckert, Mark M. Moeller, Ron Randall, William Wong |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (master clock) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (processing units) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US6009363A CLAIM 23 . In a vehicle computer system to be mounted in a vehicle , the vehicle computer system supporting at least one peripheral device having a fixed clock frequency , a master clock (incoming traffic) generating unit comprising : an oscillator to provide a fundamental clock frequency ; and clock frequency adjustment circuitry coupled to the oscillator to produce one or more master clock frequencies based upon the fundamental clock frequency , the clock frequency adjustment circuitry being adjustable to synchronize to the fixed clock frequency of the peripheral component . US6009363A CLAIM 27 . A vehicle computer system as recited in claim 26 , wherein each of the first and second processing units (data processing unit) has its own internal multi-bit bus . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (master clock) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (processing units) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US6009363A CLAIM 23 . In a vehicle computer system to be mounted in a vehicle , the vehicle computer system supporting at least one peripheral device having a fixed clock frequency , a master clock (incoming traffic) generating unit comprising : an oscillator to provide a fundamental clock frequency ; and clock frequency adjustment circuitry coupled to the oscillator to produce one or more master clock frequencies based upon the fundamental clock frequency , the clock frequency adjustment circuitry being adjustable to synchronize to the fixed clock frequency of the peripheral component . US6009363A CLAIM 27 . A vehicle computer system as recited in claim 26 , wherein each of the first and second processing units (data processing unit) has its own internal multi-bit bus . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | WO9631077A1 Filed: 1996-03-07 Issued: 1996-10-03 Method and arrangement in a radio communication system (Original Assignee) Telefonaktiebolaget Lm Ericsson (Publ) Dalibor Turina, Lars BILLSTRÖM |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (time slots) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
WO9631077A1 CLAIM 1 . Process for a radio communication system which is arranged for packet data transmission via at least one time-divided channel (Chl) between a base station (BS) and mobile stations (MSI - MS3) , according to a message-synchronized ALOHA protocol with reservation , the mobile stations (MSI - MS3) being arranged to send access requests to the base station (BS) , which is arranged to receive and comply with access requests from at least a first mobile station (MSI) by sending thereto a channel reservation message (2) comprising a channel reservation (3) , whereby time slots (incoming data, incoming traffic, incoming data frames) are reserved for packet data transmission between the first mobile station (MSI) and the base station (BS) , and to receive access requests from a first group of mobile stations (MS2 , MS3) for which channel reservation momentarily cannot be carried out , characterized in that the reception of access requests from the first group of mobile stations (MS2 , MS3) is confirmed in the form of an access confirmation (4 , 5) from the base station (BS) to each of the mobile stations (MS2 , MS3) included in the first group ; - these access confirmations (4 , 5) are included in the channel reservation message (2) with the channel reservation (3) to the first mobile station (MSI) ; the first group in the radio communication system associated with the access confirmations are arranged in a queue , a queue position being allocated to each of the mobile stations in this group ; and - channel reservation is carried out for the mobile stations according to their queue positions . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data (time slots) frames received over all the wireless channels allocated to the wireless node . |
WO9631077A1 CLAIM 1 . Process for a radio communication system which is arranged for packet data transmission via at least one time-divided channel (Chl) between a base station (BS) and mobile stations (MSI - MS3) , according to a message-synchronized ALOHA protocol with reservation , the mobile stations (MSI - MS3) being arranged to send access requests to the base station (BS) , which is arranged to receive and comply with access requests from at least a first mobile station (MSI) by sending thereto a channel reservation message (2) comprising a channel reservation (3) , whereby time slots (incoming data, incoming traffic, incoming data frames) are reserved for packet data transmission between the first mobile station (MSI) and the base station (BS) , and to receive access requests from a first group of mobile stations (MS2 , MS3) for which channel reservation momentarily cannot be carried out , characterized in that the reception of access requests from the first group of mobile stations (MS2 , MS3) is confirmed in the form of an access confirmation (4 , 5) from the base station (BS) to each of the mobile stations (MS2 , MS3) included in the first group ; - these access confirmations (4 , 5) are included in the channel reservation message (2) with the channel reservation (3) to the first mobile station (MSI) ; the first group in the radio communication system associated with the access confirmations are arranged in a queue , a queue position being allocated to each of the mobile stations in this group ; and - channel reservation is carried out for the mobile stations according to their queue positions . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (time slots) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
WO9631077A1 CLAIM 1 . Process for a radio communication system which is arranged for packet data transmission via at least one time-divided channel (Chl) between a base station (BS) and mobile stations (MSI - MS3) , according to a message-synchronized ALOHA protocol with reservation , the mobile stations (MSI - MS3) being arranged to send access requests to the base station (BS) , which is arranged to receive and comply with access requests from at least a first mobile station (MSI) by sending thereto a channel reservation message (2) comprising a channel reservation (3) , whereby time slots (incoming data, incoming traffic, incoming data frames) are reserved for packet data transmission between the first mobile station (MSI) and the base station (BS) , and to receive access requests from a first group of mobile stations (MS2 , MS3) for which channel reservation momentarily cannot be carried out , characterized in that the reception of access requests from the first group of mobile stations (MS2 , MS3) is confirmed in the form of an access confirmation (4 , 5) from the base station (BS) to each of the mobile stations (MS2 , MS3) included in the first group ; - these access confirmations (4 , 5) are included in the channel reservation message (2) with the channel reservation (3) to the first mobile station (MSI) ; the first group in the radio communication system associated with the access confirmations are arranged in a queue , a queue position being allocated to each of the mobile stations in this group ; and - channel reservation is carried out for the mobile stations according to their queue positions . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (time slots) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
WO9631077A1 CLAIM 1 . Process for a radio communication system which is arranged for packet data transmission via at least one time-divided channel (Chl) between a base station (BS) and mobile stations (MSI - MS3) , according to a message-synchronized ALOHA protocol with reservation , the mobile stations (MSI - MS3) being arranged to send access requests to the base station (BS) , which is arranged to receive and comply with access requests from at least a first mobile station (MSI) by sending thereto a channel reservation message (2) comprising a channel reservation (3) , whereby time slots (incoming data, incoming traffic, incoming data frames) are reserved for packet data transmission between the first mobile station (MSI) and the base station (BS) , and to receive access requests from a first group of mobile stations (MS2 , MS3) for which channel reservation momentarily cannot be carried out , characterized in that the reception of access requests from the first group of mobile stations (MS2 , MS3) is confirmed in the form of an access confirmation (4 , 5) from the base station (BS) to each of the mobile stations (MS2 , MS3) included in the first group ; - these access confirmations (4 , 5) are included in the channel reservation message (2) with the channel reservation (3) to the first mobile station (MSI) ; the first group in the radio communication system associated with the access confirmations are arranged in a queue , a queue position being allocated to each of the mobile stations in this group ; and - channel reservation is carried out for the mobile stations according to their queue positions . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (time slots) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (time slots) frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
WO9631077A1 CLAIM 1 . Process for a radio communication system which is arranged for packet data transmission via at least one time-divided channel (Chl) between a base station (BS) and mobile stations (MSI - MS3) , according to a message-synchronized ALOHA protocol with reservation , the mobile stations (MSI - MS3) being arranged to send access requests to the base station (BS) , which is arranged to receive and comply with access requests from at least a first mobile station (MSI) by sending thereto a channel reservation message (2) comprising a channel reservation (3) , whereby time slots (incoming data, incoming traffic, incoming data frames) are reserved for packet data transmission between the first mobile station (MSI) and the base station (BS) , and to receive access requests from a first group of mobile stations (MS2 , MS3) for which channel reservation momentarily cannot be carried out , characterized in that the reception of access requests from the first group of mobile stations (MS2 , MS3) is confirmed in the form of an access confirmation (4 , 5) from the base station (BS) to each of the mobile stations (MS2 , MS3) included in the first group ; - these access confirmations (4 , 5) are included in the channel reservation message (2) with the channel reservation (3) to the first mobile station (MSI) ; the first group in the radio communication system associated with the access confirmations are arranged in a queue , a queue position being allocated to each of the mobile stations in this group ; and - channel reservation is carried out for the mobile stations according to their queue positions . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (time slots) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
WO9631077A1 CLAIM 1 . Process for a radio communication system which is arranged for packet data transmission via at least one time-divided channel (Chl) between a base station (BS) and mobile stations (MSI - MS3) , according to a message-synchronized ALOHA protocol with reservation , the mobile stations (MSI - MS3) being arranged to send access requests to the base station (BS) , which is arranged to receive and comply with access requests from at least a first mobile station (MSI) by sending thereto a channel reservation message (2) comprising a channel reservation (3) , whereby time slots (incoming data, incoming traffic, incoming data frames) are reserved for packet data transmission between the first mobile station (MSI) and the base station (BS) , and to receive access requests from a first group of mobile stations (MS2 , MS3) for which channel reservation momentarily cannot be carried out , characterized in that the reception of access requests from the first group of mobile stations (MS2 , MS3) is confirmed in the form of an access confirmation (4 , 5) from the base station (BS) to each of the mobile stations (MS2 , MS3) included in the first group ; - these access confirmations (4 , 5) are included in the channel reservation message (2) with the channel reservation (3) to the first mobile station (MSI) ; the first group in the radio communication system associated with the access confirmations are arranged in a queue , a queue position being allocated to each of the mobile stations in this group ; and - channel reservation is carried out for the mobile stations according to their queue positions . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (time slots) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (time slots) frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
WO9631077A1 CLAIM 1 . Process for a radio communication system which is arranged for packet data transmission via at least one time-divided channel (Chl) between a base station (BS) and mobile stations (MSI - MS3) , according to a message-synchronized ALOHA protocol with reservation , the mobile stations (MSI - MS3) being arranged to send access requests to the base station (BS) , which is arranged to receive and comply with access requests from at least a first mobile station (MSI) by sending thereto a channel reservation message (2) comprising a channel reservation (3) , whereby time slots (incoming data, incoming traffic, incoming data frames) are reserved for packet data transmission between the first mobile station (MSI) and the base station (BS) , and to receive access requests from a first group of mobile stations (MS2 , MS3) for which channel reservation momentarily cannot be carried out , characterized in that the reception of access requests from the first group of mobile stations (MS2 , MS3) is confirmed in the form of an access confirmation (4 , 5) from the base station (BS) to each of the mobile stations (MS2 , MS3) included in the first group ; - these access confirmations (4 , 5) are included in the channel reservation message (2) with the channel reservation (3) to the first mobile station (MSI) ; the first group in the radio communication system associated with the access confirmations are arranged in a queue , a queue position being allocated to each of the mobile stations in this group ; and - channel reservation is carried out for the mobile stations according to their queue positions . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5793476A Filed: 1995-12-04 Issued: 1998-08-11 Laser transponder and method for disabling laser speed monitors (Original Assignee) Lidatek LLC (Current Assignee) CHL REVOCABLE TRUST Peter Laakmann, Yong Fang Zhang |
---|---|
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (predetermined time period, selected time period) . |
US5793476A CLAIM 1 . A laser transponder for detecting the use of a laser-based speed monitor , the speed monitor being of a type that transmits a monitor laser beam at a moving object , receives a reflected laser beam from the moving object , and determines the speed of the moving object based on the time elapsed between transmitting the monitor laser beam and receiving the reflected laser beam , the laser transponder comprising : a laser detector positioned on the moving object to detect the monitor laser beam transmitted by the speed monitor and transmit a detection signal in response to detecting the monitor laser beam ; a warning device coupled to the laser detector , the warning device providing a warning to a user in response to receipt of the detection signal from the laser detector , the warning indicating that the speed monitor has been detected by the laser detector ; a timer coupled to the laser detector , wherein in response to receiving the detection signal from the laser detector , the timer transmits a laser-connect signal for a predetermined time period (time interval) sufficient to enable the user to decrease the speed of the moving object ; and a laser transmitter coupled to the timer , the laser transmitter being configured to transmit a jamming laser beam to the speed monitor in response to receiving the laser-connect signal from the laser detector , the jamming laser beam including a plurality of pulses separated from each other by a time period that is less than an amount of time needed for the monitor laser beam to travel from the speed monitor to the moving object and back to the speed monitor . US5793476A CLAIM 5 . The laser transponder of claim 1 , further including : a power supply coupled to the laser transmitter , the power supply providing power to the laser transmitter ; and a fault detector coupled between the power supply and the laser switch , the fault detector detecting when the laser transmitter is transmitting the jamming laser beam for a longer than a preselected time period (time interval) and disconnecting the power supply from the laser transmitter . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving (transmitting step) unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving (carrier frequency) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5793476A CLAIM 2 . The laser transponder of claim 1 wherein the monitor laser beam transmitted by the speed monitor has an input carrier frequency (second receiving) and the laser transmitter includes : a laser designed to transmit the jamming laser beam at an output carrier frequency equal to the input carrier frequency ; and a pulse generator coupled to the laser , the pulse generator activating the laser in a manner that causes the laser to transmit the plurality of pulses in the jamming laser beam . US5793476A CLAIM 19 . The method of claim 16 wherein the transmitting step (first receiving) includes transmitting the jamming laser beam for a predetermined time period sufficient to enable the user to decrease the speed of the moving object and the method further includes stopping the transmission of the jamming laser beam after the predetermined time period has elapsed . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving (transmitting step) unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving (carrier frequency) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5793476A CLAIM 2 . The laser transponder of claim 1 wherein the monitor laser beam transmitted by the speed monitor has an input carrier frequency (second receiving) and the laser transmitter includes : a laser designed to transmit the jamming laser beam at an output carrier frequency equal to the input carrier frequency ; and a pulse generator coupled to the laser , the pulse generator activating the laser in a manner that causes the laser to transmit the plurality of pulses in the jamming laser beam . US5793476A CLAIM 19 . The method of claim 16 wherein the transmitting step (first receiving) includes transmitting the jamming laser beam for a predetermined time period sufficient to enable the user to decrease the speed of the moving object and the method further includes stopping the transmission of the jamming laser beam after the predetermined time period has elapsed . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5794164A Filed: 1995-11-29 Issued: 1998-08-11 Vehicle computer system (Original Assignee) Microsoft Corp (Current Assignee) Microsoft Technology Licensing LLC Richard D. Beckert, Mark M. Moeller, William Wong |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5794164A CLAIM 28 . A vehicle computer system as recited in claim 15 wherein the faceplate module is physically detachable from the housing , the faceplate module being disconnected from the first interfacing slot when the faceplate module is physically detached form the housing , the faceplate module having a communications transceiver and being operable as a portable wireless communications (wireless communication) device . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5794164A CLAIM 28 . A vehicle computer system as recited in claim 15 wherein the faceplate module is physically detachable from the housing , the faceplate module being disconnected from the first interfacing slot when the faceplate module is physically detached form the housing , the faceplate module having a communications transceiver and being operable as a portable wireless communications (wireless communication) device . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (processing units) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5794164A CLAIM 10 . A vehicle computer system comprising : a housing of a size suitable to be mounted in a vehicle dashboard , the housing having first and second support structures that can be physically connected to , or separated from , one another ; a first processing unit mounted to the first support structure of the housing to provide first processing and control capabilities ; a second processing unit mounted to the second support structure of the housing to provide second processing and control capabilities ; a busing subsystem to electrically interconnect the first and second processing units (data processing unit) when the first and second support structures are physically connected to one another ; and the first processing unit , the second processing unit , and the busing subsystem being arranged within the housing so that the vehicle computer system conforms to a form factor for mounting in the vehicle dashboard . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (receiving device) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US5794164A CLAIM 26 . A vehicle computer system as recited in claim 15 wherein the faceplate module is physically detachable from the housing , the faceplate module being disconnected from the first interfacing slot when the faceplate module is physically detached form the housing , the faceplate module having an RF receiver and being operable as a portable RF receiving device (transmitting unit, transmitting outgoing data frames) to receive RF signals when the faceplate module is detached from the housing . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (receiving device) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US5794164A CLAIM 26 . A vehicle computer system as recited in claim 15 wherein the faceplate module is physically detachable from the housing , the faceplate module being disconnected from the first interfacing slot when the faceplate module is physically detached form the housing , the faceplate module having an RF receiver and being operable as a portable RF receiving device (transmitting unit, transmitting outgoing data frames) to receive RF signals when the faceplate module is detached from the housing . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (processing units) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5794164A CLAIM 10 . A vehicle computer system comprising : a housing of a size suitable to be mounted in a vehicle dashboard , the housing having first and second support structures that can be physically connected to , or separated from , one another ; a first processing unit mounted to the first support structure of the housing to provide first processing and control capabilities ; a second processing unit mounted to the second support structure of the housing to provide second processing and control capabilities ; a busing subsystem to electrically interconnect the first and second processing units (data processing unit) when the first and second support structures are physically connected to one another ; and the first processing unit , the second processing unit , and the busing subsystem being arranged within the housing so that the vehicle computer system conforms to a form factor for mounting in the vehicle dashboard . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US20010040885A1 Filed: 1995-10-13 Issued: 2001-11-15 Method and apparatus for transmitting and routing voice telephone calls over a packet switched computer network (Original Assignee) International Discount Telecommunications Corp; Net2phone Inc (Current Assignee) International Discount Telecommunications Corp ; Net2phone Inc Howard Jonas, Eric Raab, Harold J. Goldberg |
---|---|
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (packet format) . |
US20010040885A1 CLAIM 7 . A method for establishing and transmitting a voice conversation between an audio ready computer coupled to a packet switched computer network and a telephone set coupled to a circuit switched telephone network , said method utilizing a phone switch coupled to said circuit switched telephone network and said packet switched computer network , said method comprising the steps of : (a) transmitting a call connection request packet containing a telephone number identifying the telephone set from said audio ready computer to said phone switch ; (b) establishing a voice connection between said phone switch and said telephone set through said circuit switched telephone network ; (c) transmitting , in a digital packet protocol format , voice input received by said audio ready computer during said voice conversation to said phone switch via said packet switched computer network ; (d) transmitting , in a telephone voice and control information protocol format , voice input received by said telephone set during said voice conversation to said phone switch via said circuit switched telephone network ; (e) converting the digital packet formatted (time interval, data processing unit) voice input received at said phone switch to a telephone voice and control information protocol ; (f) transmitting said converted information from step (e) to said telephone set via said circuit switched telephone network ; (g) converting the telephone voice and control information formatted voice input received at said phone switch to a digital packet protocol ; (h) transmitting said converted information from step (g) to said audio ready computer via said packet switched computer network ; and (i) reconstructing the digital packet information received by said audio ready computer into an analog signal , whereby said phone switch is used to bridge the voice conversation between the circuit switched telephone network protocol and the packet switched computer network protocol . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (data packet) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (packet format) for correlating the copy with the incoming data frames and generating an impersonation detection signal . |
US20010040885A1 CLAIM 1 . A system for routing and transmitting voice conversations , said system comprising : a circuit switched telephone network supporting at least one voice protocol for routing and transmitting voice conversations ; a plurality of telephone sets coupled to said circuit switched telephone network , each of said plurality of telephone sets having a unique telephone number for access through said circuit switched telephone network ; a packet switched computer network supporting a digital data packet (incoming traffic) protocol ; an audio ready computer coupled to said packet switched computer network , said audio ready computer for converting analog voice signals into said digital data packet protocol and for converting digital data received from said packet switched computer network into analog signals , said audio ready computer generating and forwarding upon user command , via said packet switched computer network , a packetized call connection request comprising a called telephone number ; and at least one phone switch having a network address on said packet switched network and coupled to said circuit switched telephone network , said phone switch for establishing a voice connection to a telephone set identified through its unique telephone number through said circuit switched telephone network and for converting voice information and control information between said digital data packet protocol and said at least one voice protocol , whereby the audio ready computer establishes a voice connection by forwarding a call request containing a unique telephone number to the phone switch which establishes a voice connection to the called telephone set and converts the protocols between the circuit switched telephone network and the packet switched computer network . US20010040885A1 CLAIM 7 . A method for establishing and transmitting a voice conversation between an audio ready computer coupled to a packet switched computer network and a telephone set coupled to a circuit switched telephone network , said method utilizing a phone switch coupled to said circuit switched telephone network and said packet switched computer network , said method comprising the steps of : (a) transmitting a call connection request packet containing a telephone number identifying the telephone set from said audio ready computer to said phone switch ; (b) establishing a voice connection between said phone switch and said telephone set through said circuit switched telephone network ; (c) transmitting , in a digital packet protocol format , voice input received by said audio ready computer during said voice conversation to said phone switch via said packet switched computer network ; (d) transmitting , in a telephone voice and control information protocol format , voice input received by said telephone set during said voice conversation to said phone switch via said circuit switched telephone network ; (e) converting the digital packet formatted (time interval, data processing unit) voice input received at said phone switch to a telephone voice and control information protocol ; (f) transmitting said converted information from step (e) to said telephone set via said circuit switched telephone network ; (g) converting the telephone voice and control information formatted voice input received at said phone switch to a digital packet protocol ; (h) transmitting said converted information from step (g) to said audio ready computer via said packet switched computer network ; and (i) reconstructing the digital packet information received by said audio ready computer into an analog signal , whereby said phone switch is used to bridge the voice conversation between the circuit switched telephone network protocol and the packet switched computer network protocol . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (data packet) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (packet format) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US20010040885A1 CLAIM 1 . A system for routing and transmitting voice conversations , said system comprising : a circuit switched telephone network supporting at least one voice protocol for routing and transmitting voice conversations ; a plurality of telephone sets coupled to said circuit switched telephone network , each of said plurality of telephone sets having a unique telephone number for access through said circuit switched telephone network ; a packet switched computer network supporting a digital data packet (incoming traffic) protocol ; an audio ready computer coupled to said packet switched computer network , said audio ready computer for converting analog voice signals into said digital data packet protocol and for converting digital data received from said packet switched computer network into analog signals , said audio ready computer generating and forwarding upon user command , via said packet switched computer network , a packetized call connection request comprising a called telephone number ; and at least one phone switch having a network address on said packet switched network and coupled to said circuit switched telephone network , said phone switch for establishing a voice connection to a telephone set identified through its unique telephone number through said circuit switched telephone network and for converting voice information and control information between said digital data packet protocol and said at least one voice protocol , whereby the audio ready computer establishes a voice connection by forwarding a call request containing a unique telephone number to the phone switch which establishes a voice connection to the called telephone set and converts the protocols between the circuit switched telephone network and the packet switched computer network . US20010040885A1 CLAIM 7 . A method for establishing and transmitting a voice conversation between an audio ready computer coupled to a packet switched computer network and a telephone set coupled to a circuit switched telephone network , said method utilizing a phone switch coupled to said circuit switched telephone network and said packet switched computer network , said method comprising the steps of : (a) transmitting a call connection request packet containing a telephone number identifying the telephone set from said audio ready computer to said phone switch ; (b) establishing a voice connection between said phone switch and said telephone set through said circuit switched telephone network ; (c) transmitting , in a digital packet protocol format , voice input received by said audio ready computer during said voice conversation to said phone switch via said packet switched computer network ; (d) transmitting , in a telephone voice and control information protocol format , voice input received by said telephone set during said voice conversation to said phone switch via said circuit switched telephone network ; (e) converting the digital packet formatted (time interval, data processing unit) voice input received at said phone switch to a telephone voice and control information protocol ; (f) transmitting said converted information from step (e) to said telephone set via said circuit switched telephone network ; (g) converting the telephone voice and control information formatted voice input received at said phone switch to a digital packet protocol ; (h) transmitting said converted information from step (g) to said audio ready computer via said packet switched computer network ; and (i) reconstructing the digital packet information received by said audio ready computer into an analog signal , whereby said phone switch is used to bridge the voice conversation between the circuit switched telephone network protocol and the packet switched computer network protocol . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5659195A Filed: 1995-06-08 Issued: 1997-08-19 CMOS integrated microsensor with a precision measurement circuit (Original Assignee) University of California (Current Assignee) University of California William J. Kaiser, Kristofer S. J. Pister, Oscar M. Stafsudd, Phyllis R. Nelson, Amit Burstein |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (first semiconductor) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5659195A CLAIM 1 . A CMOS integrated microsensor comprising : a first semiconductor (original data, data processing unit) substrate having surface machined therein an etch pit ; a CMOS circuit fabricated within said first substrate ; and a semiconductor , wafer-bonded second substrate disposed on said first substrate over said etch pit , said wafer bonded second substrate being bulk micromachined from said first substrate to define bulk-micromachined structures therein , including at least a portion of a sensor element within said second substrate disposed opposite said etch pit in said first semiconductor substrate , said CMOS circuit being fabricated within said first substrate separately from said bulk-micromachined structures in said second substrate , said second substrate being bonded to said first substrate at temperatures below that which would affect said CMOS circuit fabricated in said first substrate , whereby said microsensor is fabricated with said CMOS circuit and combined with microelectromechanical structures as fabricated by bulk machined processes . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (first semiconductor) frames . |
US5659195A CLAIM 1 . A CMOS integrated microsensor comprising : a first semiconductor (original data, data processing unit) substrate having surface machined therein an etch pit ; a CMOS circuit fabricated within said first substrate ; and a semiconductor , wafer-bonded second substrate disposed on said first substrate over said etch pit , said wafer bonded second substrate being bulk micromachined from said first substrate to define bulk-micromachined structures therein , including at least a portion of a sensor element within said second substrate disposed opposite said etch pit in said first semiconductor substrate , said CMOS circuit being fabricated within said first substrate separately from said bulk-micromachined structures in said second substrate , said second substrate being bonded to said first substrate at temperatures below that which would affect said CMOS circuit fabricated in said first substrate , whereby said microsensor is fabricated with said CMOS circuit and combined with microelectromechanical structures as fabricated by bulk machined processes . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (first semiconductor) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US5659195A CLAIM 1 . A CMOS integrated microsensor comprising : a first semiconductor (original data, data processing unit) substrate having surface machined therein an etch pit ; a CMOS circuit fabricated within said first substrate ; and a semiconductor , wafer-bonded second substrate disposed on said first substrate over said etch pit , said wafer bonded second substrate being bulk micromachined from said first substrate to define bulk-micromachined structures therein , including at least a portion of a sensor element within said second substrate disposed opposite said etch pit in said first semiconductor substrate , said CMOS circuit being fabricated within said first substrate separately from said bulk-micromachined structures in said second substrate , said second substrate being bonded to said first substrate at temperatures below that which would affect said CMOS circuit fabricated in said first substrate , whereby said microsensor is fabricated with said CMOS circuit and combined with microelectromechanical structures as fabricated by bulk machined processes . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data (first semiconductor) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface (top layer) ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5659195A CLAIM 1 . A CMOS integrated microsensor comprising : a first semiconductor (original data, data processing unit) substrate having surface machined therein an etch pit ; a CMOS circuit fabricated within said first substrate ; and a semiconductor , wafer-bonded second substrate disposed on said first substrate over said etch pit , said wafer bonded second substrate being bulk micromachined from said first substrate to define bulk-micromachined structures therein , including at least a portion of a sensor element within said second substrate disposed opposite said etch pit in said first semiconductor substrate , said CMOS circuit being fabricated within said first substrate separately from said bulk-micromachined structures in said second substrate , said second substrate being bonded to said first substrate at temperatures below that which would affect said CMOS circuit fabricated in said first substrate , whereby said microsensor is fabricated with said CMOS circuit and combined with microelectromechanical structures as fabricated by bulk machined processes . US5659195A CLAIM 10 . The microsensor of claim 5 wherein said thin film comprises a thin layer disposed on an epitaxial semiconductor etch stop layer (air interface) . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (first semiconductor) for correlating the copy with the incoming data frames and generating an impersonation detection signal . |
US5659195A CLAIM 1 . A CMOS integrated microsensor comprising : a first semiconductor (original data, data processing unit) substrate having surface machined therein an etch pit ; a CMOS circuit fabricated within said first substrate ; and a semiconductor , wafer-bonded second substrate disposed on said first substrate over said etch pit , said wafer bonded second substrate being bulk micromachined from said first substrate to define bulk-micromachined structures therein , including at least a portion of a sensor element within said second substrate disposed opposite said etch pit in said first semiconductor substrate , said CMOS circuit being fabricated within said first substrate separately from said bulk-micromachined structures in said second substrate , said second substrate being bonded to said first substrate at temperatures below that which would affect said CMOS circuit fabricated in said first substrate , whereby said microsensor is fabricated with said CMOS circuit and combined with microelectromechanical structures as fabricated by bulk machined processes . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface (top layer) ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US5659195A CLAIM 10 . The microsensor of claim 5 wherein said thin film comprises a thin layer disposed on an epitaxial semiconductor etch stop layer (air interface) . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (first semiconductor) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5659195A CLAIM 1 . A CMOS integrated microsensor comprising : a first semiconductor (original data, data processing unit) substrate having surface machined therein an etch pit ; a CMOS circuit fabricated within said first substrate ; and a semiconductor , wafer-bonded second substrate disposed on said first substrate over said etch pit , said wafer bonded second substrate being bulk micromachined from said first substrate to define bulk-micromachined structures therein , including at least a portion of a sensor element within said second substrate disposed opposite said etch pit in said first semiconductor substrate , said CMOS circuit being fabricated within said first substrate separately from said bulk-micromachined structures in said second substrate , said second substrate being bonded to said first substrate at temperatures below that which would affect said CMOS circuit fabricated in said first substrate , whereby said microsensor is fabricated with said CMOS circuit and combined with microelectromechanical structures as fabricated by bulk machined processes . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | JPH08186569A Filed: 1994-12-27 Issued: 1996-07-16 Address management device and address management method (Original Assignee) Toshiba Corp; 株式会社東芝 Junko Ami, Toshio Okamoto, 利夫 岡本, 淳子 網 |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node (between nodes) of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (storage means) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames (apparatus, detecting) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
JPH08186569A CLAIM 1 . An address management device that allocates a network layer address used by a node for packet communication in response to an address allocation request , based on a data link layer address unique to the node , from each node connected to a network , comprising : address list storage means (original data frames) for storing each already allocated network layer address and the corresponding data link layer address as a set ; receiving means for receiving a packet transmitted on the network regardless of its destination ; extracting means for extracting , from the received packet , at least one of a set of a network layer address and a data link layer address of a source node of the packet or a set of a network layer address and a data link layer address of a destination node of the packet ; and determination means for determining whether or not the extracted set of the network layer address and the data link layer address exists among the sets stored in the address list means . JPH08186569A CLAIM 4 . An address management method that monitors packet communication performed between nodes (wireless node) connected to a network using network layer addresses allocated by an address management apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) to data link layer addresses unique to the nodes , for detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) an unauthorized node that uses a network layer address not allocated by the address management apparatus , wherein the address management apparatus : registers each already allocated network layer address and the corresponding data link layer address as a set in an address list ; receives a packet transmitted on the network regardless of its destination ; extracts , from the received packet , at least one of a set of a network layer address and a data link layer address of a source node of the packet or a set of a network layer address and a data link layer address of a destination node of the packet ; and determines whether or not the extracted set of the network layer address and the data link layer address exists among the sets registered in the address list . |
US7409715B2 CLAIM 2 . The method of claim 1 , wherein step a) comprises transmitting the copy over a secure link established between the wireless node (between nodes) and the intrusion detection module . |
JPH08186569A CLAIM 4 . An address management method that monitors packet communication performed between nodes (wireless node) connected to a network using network layer addresses allocated by an address management apparatus to data link layer addresses unique to the nodes , for detecting an unauthorized node that uses a network layer address not allocated by the address management apparatus , wherein the address management apparatus : registers each already allocated network layer address and the corresponding data link layer address as a set in an address list ; receives a packet transmitted on the network regardless of its destination ; extracts , from the received packet , at least one of a set of a network layer address and a data link layer address of a source node of the packet or a set of a network layer address and a data link layer address of a destination node of the packet ; and determines whether or not the extracted set of the network layer address and the data link layer address exists among the sets registered in the address list . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (storage means) . |
JPH08186569A CLAIM 1 . An address management device that allocates a network layer address used by a node for packet communication in response to an address allocation request , based on a data link layer address unique to the node , from each node connected to a network , comprising : address list storage means (original data frames) for storing each already allocated network layer address and the corresponding data link layer address as a set ; receiving means for receiving a packet transmitted on the network regardless of its destination ; extracting means for extracting , from the received packet , at least one of a set of a network layer address and a data link layer address of a source node of the packet or a set of a network layer address and a data link layer address of a destination node of the packet ; and determination means for determining whether or not the extracted set of the network layer address and the data link layer address exists among the sets stored in the address list means . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node (between nodes) and extracting the incoming data frames received over all the wireless channels allocated to the wireless node . |
JPH08186569A CLAIM 4 . An address management method that monitors packet communication performed between nodes (wireless node) connected to a network using network layer addresses allocated by an address management apparatus to data link layer addresses unique to the nodes , for detecting an unauthorized node that uses a network layer address not allocated by the address management apparatus , wherein the address management apparatus : registers each already allocated network layer address and the corresponding data link layer address as a set in an address list ; receives a packet transmitted on the network regardless of its destination ; extracts , from the received packet , at least one of a set of a network layer address and a data link layer address of a source node of the packet or a set of a network layer address and a data link layer address of a destination node of the packet ; and determines whether or not the extracted set of the network layer address and the data link layer address exists among the sets registered in the address list . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (記憶手段と) with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
JPH08186569A CLAIM 1 【請求項1】ネットワークに接続された各ノードからの 該ノードに固有のデータリンク層アドレスに基づくアド レス割り当て要求に応答して該ノードがパケット通信に 用いるネットワーク層アドレスを割り当てるアドレス管 理装置において、 既に割り当られたネットワーク層アドレスと、対応する データリンク層アドレスを組にして記憶するアドレスリ スト記憶手段と (original data frames) 、 ネットワーク上を伝送されるパケットをその宛先にかか わらず受信する受信手段と、 受信したパケットから、該パケットの発信元ノードのネ ットワーク層アドレスおよびデータリンク層アドレスの 組または宛先ノードのネットワーク層アドレスおよびデ ータリンク層アドレスの組の少なくとも一方を抽出する 抽出手段と、 抽出されたネットワーク層アドレスおよびデータリンク 層アドレスの組が、前記アドレスリスト手段に記憶され た組の中に存在するか否かを判定する判定手段とを備え たことを特徴とするアドレス管理装置。 1 . An address management device which allocates a network layer address used by the node for packet communication in response to an address allocation request based on a data link layer address unique to the node from each node connected to the network , Address list storage means for storing the assigned network layer address and the corresponding data link layer address as a set , receiving means for receiving a packet transmitted on the network regardless of its destination , and receiving packet Extracting means for extracting at least one of a set of a network layer address and a data link layer address of a source node or a set of a network layer address and a data link layer address of a destination node of the packet , and the extracted network layer address and data An address management device comprising : a determination unit that determines whether or not a set of link layer addresses exists in the set stored in the address list unit . |
US7409715B2 CLAIM 10 . An impersonation detection system (apparatus, detecting) for a wireless node (ノード間) of a wireless communication network , the node for transmitting original data frames (記憶手段と) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
JPH08186569A CLAIM 1 【請求項1】ネットワークに接続された各ノードからの 該ノードに固有のデータリンク層アドレスに基づくアド レス割り当て要求に応答して該ノードがパケット通信に 用いるネットワーク層アドレスを割り当てるアドレス管 理装置において、 既に割り当られたネットワーク層アドレスと、対応する データリンク層アドレスを組にして記憶するアドレスリ スト記憶手段と (original data frames) 、 ネットワーク上を伝送されるパケットをその宛先にかか わらず受信する受信手段と、 受信したパケットから、該パケットの発信元ノードのネ ットワーク層アドレスおよびデータリンク層アドレスの 組または宛先ノードのネットワーク層アドレスおよびデ ータリンク層アドレスの組の少なくとも一方を抽出する 抽出手段と、 抽出されたネットワーク層アドレスおよびデータリンク 層アドレスの組が、前記アドレスリスト手段に記憶され た組の中に存在するか否かを判定する判定手段とを備え たことを特徴とするアドレス管理装置。 1 . An address management device which allocates a network layer address used by the node for packet communication in response to an address allocation request based on a data link layer address unique to the node from each node connected to the network , Address list storage means for storing the assigned network layer address and the corresponding data link layer address as a set , receiving means for receiving a packet transmitted on the network regardless of its destination , and receiving packet Extracting means for extracting at least one of a set of a network layer address and a data link layer address of a source node or a set of a network layer address and a data link layer address of a destination node of the packet , and the extracted network layer address and data An address management device comprising : a determination unit that determines whether or not a set of link layer addresses exists in the set stored in the address list unit . JPH08186569A CLAIM 4 【請求項4】ネットワークに接続された各ノード間 (wireless node) で、 アドレス管理装置により該ノード固有のデータリンク層 アドレスに対して割り当てられたネットワーク層アドレ スを用いて行うパケット通信を監視して、アドレス管理 装置により割り当てられたものではないネットワーク層 アドレスを用いる不正なノードを検出するアドレス管理 方法であって、 前記アドレス管理装置は、 既に割り当られたネットワーク層アドレスと、対応する データリンク層アドレスを組にしてアドレスリストに登 録し、 ネットワーク上を伝送されるパケットをその宛先にかか わらず受信し、 受信したパケットから、該パケットの発信元ノードのネ ットワーク層アドレスおよびデータリンク層アドレスの 組または宛先ノードのネットワーク層アドレスおよびデ ータリンク層アドレスの組の少なくとも一方を抽出し、 抽出されたネットワーク層アドレスおよびデータリンク 層アドレスの組が、前記アドレスリストに登録された組 の中に存在するか否かを判定することを特徴とするアド レス管理方法。 4 . 
Between each node connected to the network , An unauthorized node that monitors a packet communication performed using a network layer address assigned to a data link layer address unique to the node by the address management device and uses a network layer address not assigned by the address management device An address management method for detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a packet transmitted on the network , wherein the address management apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) registers a packet transmitted on the network by pairing the already assigned network layer address and the corresponding data link layer address in the address list . Regardless of its destination , it extracts from the received packet at least one of the set of the network layer address and the data link layer address of the source node of the packet or the set of the network layer address and the data link layer address of the destination node of the packet . , Extract Address management method network layer address and data link layer addresses set which is characterized by determining whether present in the set registered in the address list . |
US7409715B2 CLAIM 11 . The impersonation detection system (apparatus, detecting) of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node (ノード間) ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (apparatus, detecting) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
JPH08186569A CLAIM 4 【請求項4】ネットワークに接続された各ノード間 (wireless node) で、 アドレス管理装置により該ノード固有のデータリンク層 アドレスに対して割り当てられたネットワーク層アドレ スを用いて行うパケット通信を監視して、アドレス管理 装置により割り当てられたものではないネットワーク層 アドレスを用いる不正なノードを検出するアドレス管理 方法であって、 前記アドレス管理装置は、 既に割り当られたネットワーク層アドレスと、対応する データリンク層アドレスを組にしてアドレスリストに登 録し、 ネットワーク上を伝送されるパケットをその宛先にかか わらず受信し、 受信したパケットから、該パケットの発信元ノードのネ ットワーク層アドレスおよびデータリンク層アドレスの 組または宛先ノードのネットワーク層アドレスおよびデ ータリンク層アドレスの組の少なくとも一方を抽出し、 抽出されたネットワーク層アドレスおよびデータリンク 層アドレスの組が、前記アドレスリストに登録された組 の中に存在するか否かを判定することを特徴とするアド レス管理方法。 4 . Between each node connected to the network , An unauthorized node that monitors a packet communication performed using a network layer address assigned to a data link layer address unique to the node by the address management device and uses a network layer address not assigned by the address management device An address management method for detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a packet transmitted on the network , wherein the address management apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) registers a packet transmitted on the network by pairing the already assigned network layer address and the corresponding data link layer address in the address list . Regardless of its destination , it extracts from the received packet at least one of the set of the network layer address and the data link layer address of the source node of the packet or the set of the network layer address and the data link layer address of the destination node of the packet . , Extract Address management method network layer address and data link layer addresses set which is characterized by determining whether present in the set registered in the address list . |
US7409715B2 CLAIM 12 . The impersonation detection system (apparatus, detecting) of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
JPH08186569A CLAIM 4 【請求項4】ネットワークに接続された各ノード間で、 アドレス管理装置により該ノード固有のデータリンク層 アドレスに対して割り当てられたネットワーク層アドレ スを用いて行うパケット通信を監視して、アドレス管理 装置により割り当てられたものではないネットワーク層 アドレスを用いる不正なノードを検出するアドレス管理 方法であって、 前記アドレス管理装置は、 既に割り当られたネットワーク層アドレスと、対応する データリンク層アドレスを組にしてアドレスリストに登 録し、 ネットワーク上を伝送されるパケットをその宛先にかか わらず受信し、 受信したパケットから、該パケットの発信元ノードのネ ットワーク層アドレスおよびデータリンク層アドレスの 組または宛先ノードのネットワーク層アドレスおよびデ ータリンク層アドレスの組の少なくとも一方を抽出し、 抽出されたネットワーク層アドレスおよびデータリンク 層アドレスの組が、前記アドレスリストに登録された組 の中に存在するか否かを判定することを特徴とするアド レス管理方法。 4 . Between each node connected to the network , An unauthorized node that monitors a packet communication performed using a network layer address assigned to a data link layer address unique to the node by the address management device and uses a network layer address not assigned by the address management device An address management method for detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a packet transmitted on the network , wherein the address management apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) registers a packet transmitted on the network by pairing the already assigned network layer address and the corresponding data link layer address in the address list . Regardless of its destination , it extracts from the received packet at least one of the set of the network layer address and the data link layer address of the source node of the packet or the set of the network layer address and the data link layer address of the destination node of the packet . , Extract Address management method network layer address and data link layer addresses set which is characterized by determining whether present in the set registered in the address list . |
US7409715B2 CLAIM 13 . The impersonation detection system (apparatus, detecting) of claim 12 wherein the secure link operates according to a communication protocol . |
JPH08186569A CLAIM 4 【請求項4】ネットワークに接続された各ノード間で、 アドレス管理装置により該ノード固有のデータリンク層 アドレスに対して割り当てられたネットワーク層アドレ スを用いて行うパケット通信を監視して、アドレス管理 装置により割り当てられたものではないネットワーク層 アドレスを用いる不正なノードを検出するアドレス管理 方法であって、 前記アドレス管理装置は、 既に割り当られたネットワーク層アドレスと、対応する データリンク層アドレスを組にしてアドレスリストに登 録し、 ネットワーク上を伝送されるパケットをその宛先にかか わらず受信し、 受信したパケットから、該パケットの発信元ノードのネ ットワーク層アドレスおよびデータリンク層アドレスの 組または宛先ノードのネットワーク層アドレスおよびデ ータリンク層アドレスの組の少なくとも一方を抽出し、 抽出されたネットワーク層アドレスおよびデータリンク 層アドレスの組が、前記アドレスリストに登録された組 の中に存在するか否かを判定することを特徴とするアド レス管理方法。 4 . Between each node connected to the network , An unauthorized node that monitors a packet communication performed using a network layer address assigned to a data link layer address unique to the node by the address management device and uses a network layer address not assigned by the address management device An address management method for detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a packet transmitted on the network , wherein the address management apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) registers a packet transmitted on the network by pairing the already assigned network layer address and the corresponding data link layer address in the address list . Regardless of its destination , it extracts from the received packet at least one of the set of the network layer address and the data link layer address of the source node of the packet or the set of the network layer address and the data link layer address of the destination node of the packet . , Extract Address management method network layer address and data link layer addresses set which is characterized by determining whether present in the set registered in the address list . |
US7409715B2 CLAIM 14 . The impersonation detection system (apparatus, detecting) of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node (ノード間) : a transmitting unit (receiving means) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
JPH08186569A CLAIM 1 【請求項1】ネットワークに接続された各ノードからの 該ノードに固有のデータリンク層アドレスに基づくアド レス割り当て要求に応答して該ノードがパケット通信に 用いるネットワーク層アドレスを割り当てるアドレス管 理装置において、 既に割り当られたネットワーク層アドレスと、対応する データリンク層アドレスを組にして記憶するアドレスリ スト記憶手段と、 ネットワーク上を伝送されるパケットをその宛先にかか わらず受信する受信手段と、 受信したパケットから、該パケットの発信元ノードのネ ットワーク層アドレスおよびデータリンク層アドレスの 組または宛先ノードのネットワーク層アドレスおよびデ ータリンク層アドレスの組の少なくとも一方を抽出する 抽出手段と、 抽出されたネットワーク層アドレスおよびデータリンク 層アドレスの組が、前記アドレスリスト手段に記憶され た組の中に存在するか否かを判定する判定手段とを備え たことを特徴とするアドレス管理装置。 1 . An address management device which allocates a network layer address used by the node for packet communication in response to an address allocation request based on a data link layer address unique to the node from each node connected to the network , Address list storage means for storing the assigned network layer address and the corresponding data link layer address as a set , receiving means (transmitting unit) for receiving a packet transmitted on the network regardless of its destination , and receiving packet Extracting means for extracting at least one of a set of a network layer address and a data link layer address of a source node or a set of a network layer address and a data link layer address of a destination node of the packet , and the extracted network layer address and data An address management device comprising : a determination unit that determines whether or not a set of link layer addresses exists in the set stored in the address list unit . JPH08186569A CLAIM 4 【請求項4】ネットワークに接続された各ノード間 (wireless node) で、 アドレス管理装置により該ノード固有のデータリンク層 アドレスに対して割り当てられたネットワーク層アドレ スを用いて行うパケット通信を監視して、アドレス管理 装置により割り当てられたものではないネットワーク層 アドレスを用いる不正なノードを検出するアドレス管理 方法であって、 前記アドレス管理装置は、 既に割り当られたネットワーク層アドレスと、対応する データリンク層アドレスを組にしてアドレスリストに登 録し、 ネットワーク上を伝送されるパケットをその宛先にかか わらず受信し、 受信したパケットから、該パケットの発信元ノードのネ ットワーク層アドレスおよびデータリンク層アドレスの 組または宛先ノードのネットワーク層アドレスおよびデ ータリンク層アドレスの組の少なくとも一方を抽出し、 抽出されたネットワーク層アドレスおよびデータリンク 層アドレスの組が、前記アドレスリストに登録された組 の中に存在するか否かを判定することを特徴とするアド レス管理方法。 4 . 
Between each node connected to the network , An unauthorized node that monitors a packet communication performed using a network layer address assigned to a data link layer address unique to the node by the address management device and uses a network layer address not assigned by the address management device An address management method for detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a packet transmitted on the network , wherein the address management apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) registers a packet transmitted on the network by pairing the already assigned network layer address and the corresponding data link layer address in the address list . Regardless of its destination , it extracts from the received packet at least one of the set of the network layer address and the data link layer address of the source node of the packet or the set of the network layer address and the data link layer address of the destination node of the packet . , Extract Address management method network layer address and data link layer addresses set which is characterized by determining whether present in the set registered in the address list . |
US7409715B2 CLAIM 15 . The impersonation detection system (apparatus, detecting) of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module is integrated within the wireless node (ノード間) . |
JPH08186569A CLAIM 4 【請求項4】ネットワークに接続された各ノード間 (wireless node) で、 アドレス管理装置により該ノード固有のデータリンク層 アドレスに対して割り当てられたネットワーク層アドレ スを用いて行うパケット通信を監視して、アドレス管理 装置により割り当てられたものではないネットワーク層 アドレスを用いる不正なノードを検出するアドレス管理 方法であって、 前記アドレス管理装置は、 既に割り当られたネットワーク層アドレスと、対応する データリンク層アドレスを組にしてアドレスリストに登 録し、 ネットワーク上を伝送されるパケットをその宛先にかか わらず受信し、 受信したパケットから、該パケットの発信元ノードのネ ットワーク層アドレスおよびデータリンク層アドレスの 組または宛先ノードのネットワーク層アドレスおよびデ ータリンク層アドレスの組の少なくとも一方を抽出し、 抽出されたネットワーク層アドレスおよびデータリンク 層アドレスの組が、前記アドレスリストに登録された組 の中に存在するか否かを判定することを特徴とするアド レス管理方法。 4 . Between each node connected to the network , An unauthorized node that monitors a packet communication performed using a network layer address assigned to a data link layer address unique to the node by the address management device and uses a network layer address not assigned by the address management device An address management method for detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a packet transmitted on the network , wherein the address management apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) registers a packet transmitted on the network by pairing the already assigned network layer address and the corresponding data link layer address in the address list . Regardless of its destination , it extracts from the received packet at least one of the set of the network layer address and the data link layer address of the source node of the packet or the set of the network layer address and the data link layer address of the destination node of the packet . , Extract Address management method network layer address and data link layer addresses set which is characterized by determining whether present in the set registered in the address list . |
US7409715B2 CLAIM 16 . The impersonation detection system (apparatus, detecting) of claim 10 , wherein the wireless network operates according to any wireless network technology . |
JPH08186569A CLAIM 4 【請求項4】ネットワークに接続された各ノード間で、 アドレス管理装置により該ノード固有のデータリンク層 アドレスに対して割り当てられたネットワーク層アドレ スを用いて行うパケット通信を監視して、アドレス管理 装置により割り当てられたものではないネットワーク層 アドレスを用いる不正なノードを検出するアドレス管理 方法であって、 前記アドレス管理装置は、 既に割り当られたネットワーク層アドレスと、対応する データリンク層アドレスを組にしてアドレスリストに登 録し、 ネットワーク上を伝送されるパケットをその宛先にかか わらず受信し、 受信したパケットから、該パケットの発信元ノードのネ ットワーク層アドレスおよびデータリンク層アドレスの 組または宛先ノードのネットワーク層アドレスおよびデ ータリンク層アドレスの組の少なくとも一方を抽出し、 抽出されたネットワーク層アドレスおよびデータリンク 層アドレスの組が、前記アドレスリストに登録された組 の中に存在するか否かを判定することを特徴とするアド レス管理方法。 4 . Between each node connected to the network , An unauthorized node that monitors a packet communication performed using a network layer address assigned to a data link layer address unique to the node by the address management device and uses a network layer address not assigned by the address management device An address management method for detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a packet transmitted on the network , wherein the address management apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) registers a packet transmitted on the network by pairing the already assigned network layer address and the corresponding data link layer address in the address list . Regardless of its destination , it extracts from the received packet at least one of the set of the network layer address and the data link layer address of the source node of the packet or the set of the network layer address and the data link layer address of the destination node of the packet . , Extract Address management method network layer address and data link layer addresses set which is characterized by determining whether present in the set registered in the address list . |
US7409715B2 CLAIM 17 . A wireless node (ノード間) for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
JPH08186569A CLAIM 4 【請求項4】ネットワークに接続された各ノード間 (wireless node) で、 アドレス管理装置により該ノード固有のデータリンク層 アドレスに対して割り当てられたネットワーク層アドレ スを用いて行うパケット通信を監視して、アドレス管理 装置により割り当てられたものではないネットワーク層 アドレスを用いる不正なノードを検出するアドレス管理 方法であって、 前記アドレス管理装置は、 既に割り当られたネットワーク層アドレスと、対応する データリンク層アドレスを組にしてアドレスリストに登 録し、 ネットワーク上を伝送されるパケットをその宛先にかか わらず受信し、 受信したパケットから、該パケットの発信元ノードのネ ットワーク層アドレスおよびデータリンク層アドレスの 組または宛先ノードのネットワーク層アドレスおよびデ ータリンク層アドレスの組の少なくとも一方を抽出し、 抽出されたネットワーク層アドレスおよびデータリンク 層アドレスの組が、前記アドレスリストに登録された組 の中に存在するか否かを判定することを特徴とするアド レス管理方法。 4 . Between each node connected to the network , An unauthorized node that monitors a packet communication performed using a network layer address assigned to a data link layer address unique to the node by the address management device and uses a network layer address not assigned by the address management device An address management method for detecting a packet transmitted on the network , wherein the address management apparatus registers a packet transmitted on the network by pairing the already assigned network layer address and the corresponding data link layer address in the address list . Regardless of its destination , it extracts from the received packet at least one of the set of the network layer address and the data link layer address of the source node of the packet or the set of the network layer address and the data link layer address of the destination node of the packet . , Extract Address management method network layer address and data link layer addresses set which is characterized by determining whether present in the set registered in the address list . |
US7409715B2 CLAIM 18 . The wireless node (ノード間) of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (apparatus, detecting) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
JPH08186569A CLAIM 4 【請求項4】ネットワークに接続された各ノード間 (wireless node) で、 アドレス管理装置により該ノード固有のデータリンク層 アドレスに対して割り当てられたネットワーク層アドレ スを用いて行うパケット通信を監視して、アドレス管理 装置により割り当てられたものではないネットワーク層 アドレスを用いる不正なノードを検出するアドレス管理 方法であって、 前記アドレス管理装置は、 既に割り当られたネットワーク層アドレスと、対応する データリンク層アドレスを組にしてアドレスリストに登 録し、 ネットワーク上を伝送されるパケットをその宛先にかか わらず受信し、 受信したパケットから、該パケットの発信元ノードのネ ットワーク層アドレスおよびデータリンク層アドレスの 組または宛先ノードのネットワーク層アドレスおよびデ ータリンク層アドレスの組の少なくとも一方を抽出し、 抽出されたネットワーク層アドレスおよびデータリンク 層アドレスの組が、前記アドレスリストに登録された組 の中に存在するか否かを判定することを特徴とするアド レス管理方法。 4 . Between each node connected to the network , An unauthorized node that monitors a packet communication performed using a network layer address assigned to a data link layer address unique to the node by the address management device and uses a network layer address not assigned by the address management device An address management method for detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a packet transmitted on the network , wherein the address management apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) registers a packet transmitted on the network by pairing the already assigned network layer address and the corresponding data link layer address in the address list . Regardless of its destination , it extracts from the received packet at least one of the set of the network layer address and the data link layer address of the source node of the packet or the set of the network layer address and the data link layer address of the destination node of the packet . , Extract Address management method network layer address and data link layer addresses set which is characterized by determining whether present in the set registered in the address list . |
US7409715B2 CLAIM 19 . The an impersonation detection system (apparatus, detecting) of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
JPH08186569A CLAIM 4 【請求項4】ネットワークに接続された各ノード間で、 アドレス管理装置により該ノード固有のデータリンク層 アドレスに対して割り当てられたネットワーク層アドレ スを用いて行うパケット通信を監視して、アドレス管理 装置により割り当てられたものではないネットワーク層 アドレスを用いる不正なノードを検出するアドレス管理 方法であって、 前記アドレス管理装置は、 既に割り当られたネットワーク層アドレスと、対応する データリンク層アドレスを組にしてアドレスリストに登 録し、 ネットワーク上を伝送されるパケットをその宛先にかか わらず受信し、 受信したパケットから、該パケットの発信元ノードのネ ットワーク層アドレスおよびデータリンク層アドレスの 組または宛先ノードのネットワーク層アドレスおよびデ ータリンク層アドレスの組の少なくとも一方を抽出し、 抽出されたネットワーク層アドレスおよびデータリンク 層アドレスの組が、前記アドレスリストに登録された組 の中に存在するか否かを判定することを特徴とするアド レス管理方法。 4 . Between each node connected to the network , An unauthorized node that monitors a packet communication performed using a network layer address assigned to a data link layer address unique to the node by the address management device and uses a network layer address not assigned by the address management device An address management method for detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a packet transmitted on the network , wherein the address management apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) registers a packet transmitted on the network by pairing the already assigned network layer address and the corresponding data link layer address in the address list . Regardless of its destination , it extracts from the received packet at least one of the set of the network layer address and the data link layer address of the source node of the packet or the set of the network layer address and the data link layer address of the destination node of the packet . , Extract Address management method network layer address and data link layer addresses set which is characterized by determining whether present in the set registered in the address list . |
US7409715B2 CLAIM 20 . The impersonation detection system (apparatus, detecting) of claim 18 , wherein the wireless network operates according to any wireless network technology . |
JPH08186569A CLAIM 4 【請求項4】ネットワークに接続された各ノード間で、 アドレス管理装置により該ノード固有のデータリンク層 アドレスに対して割り当てられたネットワーク層アドレ スを用いて行うパケット通信を監視して、アドレス管理 装置により割り当てられたものではないネットワーク層 アドレスを用いる不正なノードを検出するアドレス管理 方法であって、 前記アドレス管理装置は、 既に割り当られたネットワーク層アドレスと、対応する データリンク層アドレスを組にしてアドレスリストに登 録し、 ネットワーク上を伝送されるパケットをその宛先にかか わらず受信し、 受信したパケットから、該パケットの発信元ノードのネ ットワーク層アドレスおよびデータリンク層アドレスの 組または宛先ノードのネットワーク層アドレスおよびデ ータリンク層アドレスの組の少なくとも一方を抽出し、 抽出されたネットワーク層アドレスおよびデータリンク 層アドレスの組が、前記アドレスリストに登録された組 の中に存在するか否かを判定することを特徴とするアド レス管理方法。 4 . Between each node connected to the network , An unauthorized node that monitors a packet communication performed using a network layer address assigned to a data link layer address unique to the node by the address management device and uses a network layer address not assigned by the address management device An address management method for detecting (impersonation detection system, data processing unit, intrusion detection module incoming data frames) a packet transmitted on the network , wherein the address management apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) registers a packet transmitted on the network by pairing the already assigned network layer address and the corresponding data link layer address in the address list . Regardless of its destination , it extracts from the received packet at least one of the set of the network layer address and the data link layer address of the source node of the packet or the set of the network layer address and the data link layer address of the destination node of the packet . , Extract Address management method network layer address and data link layer addresses set which is characterized by determining whether present in the set registered in the address list . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5745759A Filed: 1994-10-14 Issued: 1998-04-28 Window kernel (Original Assignee) QNX Software Systems Ltd (Current Assignee) 2236008 Ontario Inc ; 8758271 Canada Inc Patrick M. Hayden, Robin A. Burgener |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving (device signal) unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving (second planar, first area) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5745759A CLAIM 1 . A system for managing an interaction of a plurality of programs , comprising : means for storing a plurality of sets of characteristics , a set of characteristics for each program to be managed , each set of characteristics including an input signal type characteristic and a signal modification characteristic , said input signal type characteristic indicative of input signal types to which a corresponding program is responsive , said signal modification characteristic indicative of input signal types that can be modified by said program ; means , responsive to an input signal received from a first program of said plurality of programs , said input signal having a set properties , for interrogating each set of characteristics in a predetermined sequence , determining whether each program corresponding to each set of characteristics is responsive to said input signal , determining whether said set of properties are to be modified by each program that is responsive to said input signal , modifying said set of properties responsive to said determining whether said set of properties are to be modified , and communicating one or more output signals , each output signal being each program determined to be responsive to said input signal , said output signal corresponding to said input signal ; and means defining an event space , said event space having at least three dimensions and representing an operating environment of said plurality of programs , said event space having a root plane at a first end of said event space , and wherein , each set of characteristics includes a dimensions characteristic and a position characteristic , said dimensions characteristic indicative of a set of dimensions of a planar area within said event space , said position characteristic indicative of a position of said planar area within said event space and relative to at least a second planar (second receiving, second receiving unit) area within said event space . 
US5745759A CLAIM 6 . A computer implemented method of communicating information between programs , comprising : constructing an event space , said event space having at least three dimensions and defining a coordinate system for use by said programs ; generating a first event signal in response to a sender program , said first event signal having an event type and an area property , said area (first receiving unit) property defining an event area within said event space ; testing a first program to determine whether said event area intersects a first program area , said first program area being defined within said event space and corresponding to said first program , if so , then performing the following steps , testing said first program to determine whether said first program is sensitive to said first event signal by testing said event type , if so , transmitting an output signal to said first program , said output signal including information corresponding to said first event signal , and testing said first program to determine whether said first program is to modify said first event signal by testing said event type , if so , modifying said area property by clipping said first program area from said event area . US5745759A CLAIM 17 . The method of claim 6 where said first program is a graphics driver program , said sender program is an input manager program , said first event signal corresponds to an input device draw event , said first event signal being in response to said input manager program receiving an input device signal (first receiving) , and where , responsive to receiving said output signal , said first program causes a cursor to be drawn . US5745759A CLAIM 18 . 
The method of claim 17 where said event space includes a first area (second receiving, second receiving unit) defined to be closest to a user , where said first program area is closer to said first area than an area corresponding to said sender program , and where said input signal event includes a direction property , and where said direction property is towards said first area . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving (device signal) unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving (second planar, first area) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5745759A CLAIM 1 . A system for managing an interaction of a plurality of programs , comprising : means for storing a plurality of sets of characteristics , a set of characteristics for each program to be managed , each set of characteristics including an input signal type characteristic and a signal modification characteristic , said input signal type characteristic indicative of input signal types to which a corresponding program is responsive , said signal modification characteristic indicative of input signal types that can be modified by said program ; means , responsive to an input signal received from a first program of said plurality of programs , said input signal having a set properties , for interrogating each set of characteristics in a predetermined sequence , determining whether each program corresponding to each set of characteristics is responsive to said input signal , determining whether said set of properties are to be modified by each program that is responsive to said input signal , modifying said set of properties responsive to said determining whether said set of properties are to be modified , and communicating one or more output signals , each output signal being each program determined to be responsive to said input signal , said output signal corresponding to said input signal ; and means defining an event space , said event space having at least three dimensions and representing an operating environment of said plurality of programs , said event space having a root plane at a first end of said event space , and wherein , each set of characteristics includes a dimensions characteristic and a position characteristic , said dimensions characteristic indicative of a set of dimensions of a planar area within said event space , said position characteristic indicative of a position of said planar area within said event space and relative to at least a second planar (second receiving, second receiving unit) area within said event space . 
US5745759A CLAIM 6 . A computer implemented method of communicating information between programs , comprising : constructing an event space , said event space having at least three dimensions and defining a coordinate system for use by said programs ; generating a first event signal in response to a sender program , said first event signal having an event type and an area property , said area (first receiving unit) property defining an event area within said event space ; testing a first program to determine whether said event area intersects a fast program area , said first program area being defined within said event space and corresponding to said first program , if so , then performing the following steps , testing said first program to determine whether said first program is sensitive to said first event signal by testing said event type , if so , transmitting an output signal to said first program , said output signal including information corresponding to said first event signal , and testing said first program to determine whether said first program is to modify said first event signal by testing said event type , if so , modifying said area property by clipping said first program area from said event area . US5745759A CLAIM 17 . The method of claim 6 where said first program is a graphics driver program , said sender program is an input manager program , said first event signal corresponds to an input device draw event , said first event signal being in response to said input manager program receiving an input device signal (first receiving) , and where , responsive to receiving said output signal , said first program causes a cursor to be drawn . US5745759A CLAIM 18 . 
The method of claim 17 where said event space includes a first area (second receiving, second receiving unit) defined to be closest to a user , where said first program area is closer to said first area than an area corresponding to said sender program , and where said input signal event includes a direction property , and where said direction property is towards said first area . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5553076A Filed: 1994-05-02 Issued: 1996-09-03 Method and apparatus for a wireless local area network (Original Assignee) TCSI Corp (Current Assignee) Atmel Corp Saman Behtash, Christopher Flores, Adel Ghanem |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5553076A CLAIM 1 . A method for wireless communication (wireless communication) between a plurality of wireless terminals and a base station , said method comprising : transmitting periodically by said base station , at the start of a first period of time , a synchronization signal and a status signal , transmitted over an initial period of time measured from the commencement of said first period of time , wherein said synchronization signal is a clocking signal and wherein said status signal represents command signal controlling communication to or from said base station ; transmitting a request signal by one of said plurality of wireless terminals , in a second period of time after a predetermined period measured from the commencement of said second period of time , said request signal indicating the identity of the one of said plurality of wireless terminals requesting subsequent transmission , the identity of one or more wireless terminals to whom the subsequent transmission is intended , the number of periods of time required for the subsequent transmission , and the frequency of the subsequent transmission ; receiving by said base station said request signal and responding thereto by transmitting at the start of a third period of time , different from said first period of time , a synchronization signal , a busy status signal , and an authorization signal , indicating the identity of the one wireless terminal authorized to transmit , the identity of one or more wireless terminals authorized to receive , a starting period of time , and the number of periods of time ; transmitting by said base station at the start of said starting period of time , a synchronization signal and a first reserve status signal ; and transmitting a data signal by the one wireless terminal immediately after the transmission of said first reserve status signal by said base station . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5553076A CLAIM 1 . A method for wireless communication (wireless communication) between a plurality of wireless terminals and a base station , said method comprising : transmitting periodically by said base station , at the start of a first period of time , a synchronization signal and a status signal , transmitted over an initial period of time measured from the commencement of said first period of time , wherein said synchronization signal is a clocking signal and wherein said status signal represents command signal controlling communication to or from said base station ; transmitting a request signal by one of said plurality of wireless terminals , in a second period of time after a predetermined period measured from the commencement of said second period of time , said request signal indicating the identity of the one of said plurality of wireless terminals requesting subsequent transmission , the identity of one or more wireless terminals to whom the subsequent transmission is intended , the number of periods of time required for the subsequent transmission , and the frequency of the subsequent transmission ; receiving by said base station said request signal and responding thereto by transmitting at the start of a third period of time , different from said first period of time , a synchronization signal , a busy status signal , and an authorization signal , indicating the identity of the one wireless terminal authorized to transmit , the identity of one or more wireless terminals authorized to receive , a starting period of time , and the number of periods of time ; transmitting by said base station at the start of said starting period of time , a synchronization signal and a first reserve status signal ; and transmitting a data signal by the one wireless terminal immediately after the transmission of said first reserve status signal by said base station . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving (transmitting step) unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5553076A CLAIM 43 . The method of claim 42 further wherein said retransmitting step (first receiving) retransmits said data signal as a wired relay signal to a second base station for wireless retransmission by said second base station . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (receiving means) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US5553076A CLAIM 29 . The base station of claim 28 wherein said receiving means (transmitting unit) receives said request signal , in said first period of time after said initial period of time measured from the commencement of said first period of time . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving (transmitting step) unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5553076A CLAIM 43 . The method of claim 42 further wherein said retransmitting step (first receiving) retransmits said data signal as a wired relay signal to a second base station for wireless retransmission by said second base station . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5557742A Filed: 1994-03-07 Issued: 1996-09-17 Method and system for detecting intrusion into and misuse of a data processing system (Original Assignee) Haystack Labs Inc (Current Assignee) McAfee LLC Stephen E. Smaha, Steven R. Snapp |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (object information) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5557742A CLAIM 3 . The system of claim 1 , wherein said misuse engine further comprises a conversion mechanism for converting each of said plurality of process inputs into an event having a predetermined event data structure , said predetermined event data structure comprising an authentication information module , a subject information module , and an object information (original data) module . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (object information) frames . |
US5557742A CLAIM 3 . The system of claim 1 , wherein said misuse engine further comprises a conversion mechanism for converting each of said plurality of process inputs into an event having a predetermined event data structure , said predetermined event data structure comprising an authentication information module , a subject information module , and an object information (original data) module . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (object information) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US5557742A CLAIM 3 . The system of claim 1 , wherein said misuse engine further comprises a conversion mechanism for converting each of said plurality of process inputs into an event having a predetermined event data structure , said predetermined event data structure comprising an authentication information module , a subject information module , and an object information (original data) module . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data (object information) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5557742A CLAIM 3 . The system of claim 1 , wherein said misuse engine further comprises a conversion mechanism for converting each of said plurality of process inputs into an event having a predetermined event data structure , said predetermined event data structure comprising an authentication information module , a subject information module , and an object information (original data) module . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | WO9417606A1 Filed: 1994-01-27 Issued: 1994-08-04 Medium access control protocol for wireless network (Original Assignee) Digital Ocean, Inc. Michael A. Fischer |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (second frame, one frame) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
WO9417606A1 CLAIM 21 . A communicator as defined in claim 1 wherein the predetermined functions further comprise : the hub transmitting two frames containing information to establish the plurality of predeterminable intervals during each communication cycle , the second frame (data frames, incoming data frames) containing the information to established the plurality of predeterminable intervals occurring before the intervals in which the remotes are allowed to transmit frames to the hub . WO9417606A1 CLAIM 27 . A communicator as defined in claim 26 wherein the predetermined functions further comprise : the hub transmitting information to the remotes in a transmission unit which contains at least one frame (data frames, incoming data frames) , the transmission unit including a preamble ; and each remote evaluating the strength of the received radio frequency signals in the preamble before selecting another antenna prior to the end of the preamble . |
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data frames (second frame, one frame) . |
WO9417606A1 CLAIM 21 . A communicator as defined in claim 1 wherein the predetermined functions further comprise : the hub transmitting two frames containing information to establish the plurality of predeterminable intervals during each communication cycle , the second frame (data frames, incoming data frames) containing the information to established the plurality of predeterminable intervals occurring before the intervals in which the remotes are allowed to transmit frames to the hub . WO9417606A1 CLAIM 27 . A communicator as defined in claim 26 wherein the predetermined functions further comprise : the hub transmitting information to the remotes in a transmission unit which contains at least one frame (data frames, incoming data frames) , the transmission unit including a preamble ; and each remote evaluating the strength of the received radio frequency signals in the preamble before selecting another antenna prior to the end of the preamble . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data frames (second frame, one frame) comprises frames that allow statistical comparisons . |
WO9417606A1 CLAIM 21 . A communicator as defined in claim 1 wherein the predetermined functions further comprise : the hub transmitting two frames containing information to establish the plurality of predeterminable intervals during each communication cycle , the second frame (data frames, incoming data frames) containing the information to established the plurality of predeterminable intervals occurring before the intervals in which the remotes are allowed to transmit frames to the hub . WO9417606A1 CLAIM 27 . A communicator as defined in claim 26 wherein the predetermined functions further comprise : the hub transmitting information to the remotes in a transmission unit which contains at least one frame (data frames, incoming data frames) , the transmission unit including a preamble ; and each remote evaluating the strength of the received radio frequency signals in the preamble before selecting another antenna prior to the end of the preamble . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames (second frame, one frame) transmitted over a time interval . |
WO9417606A1 CLAIM 21 . A communicator as defined in claim 1 wherein the predetermined functions further comprise : the hub transmitting two frames containing information to establish the plurality of predeterminable intervals during each communication cycle , the second frame (data frames, incoming data frames) containing the information to established the plurality of predeterminable intervals occurring before the intervals in which the remotes are allowed to transmit frames to the hub . WO9417606A1 CLAIM 27 . A communicator as defined in claim 26 wherein the predetermined functions further comprise : the hub transmitting information to the remotes in a transmission unit which contains at least one frame (data frames, incoming data frames) , the transmission unit including a preamble ; and each remote evaluating the strength of the received radio frequency signals in the preamble before selecting another antenna prior to the end of the preamble . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (second frame, one frame) . |
WO9417606A1 CLAIM 21 . A communicator as defined in claim 1 wherein the predetermined functions further comprise : the hub transmitting two frames containing information to establish the plurality of predeterminable intervals during each communication cycle , the second frame (data frames, incoming data frames) containing the information to established the plurality of predeterminable intervals occurring before the intervals in which the remotes are allowed to transmit frames to the hub . WO9417606A1 CLAIM 27 . A communicator as defined in claim 26 wherein the predetermined functions further comprise : the hub transmitting information to the remotes in a transmission unit which contains at least one frame (data frames, incoming data frames) , the transmission unit including a preamble ; and each remote evaluating the strength of the received radio frequency signals in the preamble before selecting another antenna prior to the end of the preamble . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (second frame, one frame) received over all the wireless channels allocated to the wireless node . |
WO9417606A1 CLAIM 21 . A communicator as defined in claim 1 wherein the predetermined functions further comprise : the hub transmitting two frames containing information to establish the plurality of predeterminable intervals during each communication cycle , the second frame (data frames, incoming data frames) containing the information to established the plurality of predeterminable intervals occurring before the intervals in which the remotes are allowed to transmit frames to the hub . WO9417606A1 CLAIM 27 . A communicator as defined in claim 26 wherein the predetermined functions further comprise : the hub transmitting information to the remotes in a transmission unit which contains at least one frame (data frames, incoming data frames) , the transmission unit including a preamble ; and each remote evaluating the strength of the received radio frequency signals in the preamble before selecting another antenna prior to the end of the preamble . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (second frame, one frame) with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
WO9417606A1 CLAIM 21 . A communicator as defined in claim 1 wherein the predetermined functions further comprise : the hub transmitting two frames containing information to establish the plurality of predeterminable intervals during each communication cycle , the second frame (data frames, incoming data frames) containing the information to established the plurality of predeterminable intervals occurring before the intervals in which the remotes are allowed to transmit frames to the hub . WO9417606A1 CLAIM 27 . A communicator as defined in claim 26 wherein the predetermined functions further comprise : the hub transmitting information to the remotes in a transmission unit which contains at least one frame (data frames, incoming data frames) , the transmission unit including a preamble ; and each remote evaluating the strength of the received radio frequency signals in the preamble before selecting another antenna prior to the end of the preamble . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames (second frame, one frame) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
WO9417606A1 CLAIM 21 . A communicator as defined in claim 1 wherein the predetermined functions further comprise : the hub transmitting two frames containing information to establish the plurality of predeterminable intervals during each communication cycle , the second frame (data frames, incoming data frames) containing the information to established the plurality of predeterminable intervals occurring before the intervals in which the remotes are allowed to transmit frames to the hub . WO9417606A1 CLAIM 27 . A communicator as defined in claim 26 wherein the predetermined functions further comprise : the hub transmitting information to the remotes in a transmission unit which contains at least one frame (data frames, incoming data frames) , the transmission unit including a preamble ; and each remote evaluating the strength of the received radio frequency signals in the preamble before selecting another antenna prior to the end of the preamble . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (second frame, one frame) from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
WO9417606A1 CLAIM 21 . A communicator as defined in claim 1 wherein the predetermined functions further comprise : the hub transmitting two frames containing information to establish the plurality of predeterminable intervals during each communication cycle , the second frame (data frames, incoming data frames) containing the information to established the plurality of predeterminable intervals occurring before the intervals in which the remotes are allowed to transmit frames to the hub . WO9417606A1 CLAIM 27 . A communicator as defined in claim 26 wherein the predetermined functions further comprise : the hub transmitting information to the remotes in a transmission unit which contains at least one frame (data frames, incoming data frames) , the transmission unit including a preamble ; and each remote evaluating the strength of the received radio frequency signals in the preamble before selecting another antenna prior to the end of the preamble . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (second frame, one frame) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
WO9417606A1 CLAIM 21 . A communicator as defined in claim 1 wherein the predetermined functions further comprise : the hub transmitting two frames containing information to establish the plurality of predeterminable intervals during each communication cycle , the second frame (data frames, incoming data frames) containing the information to established the plurality of predeterminable intervals occurring before the intervals in which the remotes are allowed to transmit frames to the hub . WO9417606A1 CLAIM 27 . A communicator as defined in claim 26 wherein the predetermined functions further comprise : the hub transmitting information to the remotes in a transmission unit which contains at least one frame (data frames, incoming data frames) , the transmission unit including a preamble ; and each remote evaluating the strength of the received radio frequency signals in the preamble before selecting another antenna prior to the end of the preamble . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames (second frame, one frame) ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
WO9417606A1 CLAIM 21 . A communicator as defined in claim 1 wherein the predetermined functions further comprise : the hub transmitting two frames containing information to establish the plurality of predeterminable intervals during each communication cycle , the second frame (data frames, incoming data frames) containing the information to established the plurality of predeterminable intervals occurring before the intervals in which the remotes are allowed to transmit frames to the hub . WO9417606A1 CLAIM 27 . A communicator as defined in claim 26 wherein the predetermined functions further comprise : the hub transmitting information to the remotes in a transmission unit which contains at least one frame (data frames, incoming data frames) , the transmission unit including a preamble ; and each remote evaluating the strength of the received radio frequency signals in the preamble before selecting another antenna prior to the end of the preamble . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | JPH07154859A Filed: 1993-11-29 Issued: 1995-06-16 Mobile equipment, switching center, and mobile communication system (Original Assignee) Mitsubishi Electric Corp; 三菱電機株式会社 Kenichi Ishida, Masako Kimura, Yoshinori Uchida, 吉則 内田, 正子 木村, 健一 石田 |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (シーケンス) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
JPH07154859A CLAIM 2 【請求項2】 自営用プロトコル基地局処理部と、公衆 用プロトコル基地局処理部と、これらを選択するシステ ム判別機能部と、 ハンドオーバ・シーケンス (original data, original data frames) 処理と受信レベル問い合わせ 動作を行う無線システム制御部と、 位置登録記憶部と、 他自営システム、公衆システム、衛星公衆システム別に ローミング情報を持ち、対象移動機が自システム外に移 動する場合はその信号を受けて、衛星回線も含めてロー ミング元情報を相手先に転送するローミング処理部を備 えた移動通信システム用の交換局。 2 . A self-employed protocol base station processing unit , a public protocol base station processing unit , a system discriminating function unit for selecting them , and a wireless system control unit for performing handover sequence processing and reception level inquiry operation , It has roaming information for the location registration storage unit and other self-employed systems , public systems , and satellite public systems . When the target mobile station moves out of its own system , the signal is received and the roaming source information including the satellite line is communicated . An exchange station for a mobile communication system that includes a roaming processing unit that transfers first . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (シーケンス) frames . |
JPH07154859A CLAIM 2 【請求項2】 自営用プロトコル基地局処理部と、公衆 用プロトコル基地局処理部と、これらを選択するシステ ム判別機能部と、 ハンドオーバ・シーケンス (original data, original data frames) 処理と受信レベル問い合わせ 動作を行う無線システム制御部と、 位置登録記憶部と、 他自営システム、公衆システム、衛星公衆システム別に ローミング情報を持ち、対象移動機が自システム外に移 動する場合はその信号を受けて、衛星回線も含めてロー ミング元情報を相手先に転送するローミング処理部を備 えた移動通信システム用の交換局。 2 . A self-employed protocol base station processing unit , a public protocol base station processing unit , a system discriminating function unit for selecting them , and a wireless system control unit for performing handover sequence processing and reception level inquiry operation , It has roaming information for the location registration storage unit and other self-employed systems , public systems , and satellite public systems . When the target mobile station moves out of its own system , the signal is received and the roaming source information including the satellite line is communicated . An exchange station for a mobile communication system that includes a roaming processing unit that transfers first . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (シーケンス) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
JPH07154859A CLAIM 2 【請求項2】 自営用プロトコル基地局処理部と、公衆 用プロトコル基地局処理部と、これらを選択するシステ ム判別機能部と、 ハンドオーバ・シーケンス (original data, original data frames) 処理と受信レベル問い合わせ 動作を行う無線システム制御部と、 位置登録記憶部と、 他自営システム、公衆システム、衛星公衆システム別に ローミング情報を持ち、対象移動機が自システム外に移 動する場合はその信号を受けて、衛星回線も含めてロー ミング元情報を相手先に転送するローミング処理部を備 えた移動通信システム用の交換局。 2 . A self-employed protocol base station processing unit , a public protocol base station processing unit , a system discriminating function unit for selecting them , and a wireless system control unit for performing handover sequence processing and reception level inquiry operation , It has roaming information for the location registration storage unit and other self-employed systems , public systems , and satellite public systems . When the target mobile station moves out of its own system , the signal is received and the roaming source information including the satellite line is communicated . An exchange station for a mobile communication system that includes a roaming processing unit that transfers first . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data (シーケンス) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
JPH07154859A CLAIM 2 【請求項2】 自営用プロトコル基地局処理部と、公衆 用プロトコル基地局処理部と、これらを選択するシステ ム判別機能部と、 ハンドオーバ・シーケンス (original data, original data frames) 処理と受信レベル問い合わせ 動作を行う無線システム制御部と、 位置登録記憶部と、 他自営システム、公衆システム、衛星公衆システム別に ローミング情報を持ち、対象移動機が自システム外に移 動する場合はその信号を受けて、衛星回線も含めてロー ミング元情報を相手先に転送するローミング処理部を備 えた移動通信システム用の交換局。 2 . A self-employed protocol base station processing unit , a public protocol base station processing unit , a system discriminating function unit for selecting them , and a wireless system control unit for performing handover sequence processing and reception level inquiry operation , It has roaming information for the location registration storage unit and other self-employed systems , public systems , and satellite public systems . When the target mobile station moves out of its own system , the signal is received and the roaming source information including the satellite line is communicated . An exchange station for a mobile communication system that includes a roaming processing unit that transfers first . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving (reception) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal (上記移動機) . |
JPH07154859A CLAIM 1 【請求項1】 移動通信システム用の送受信部と、 自営用制御チャネル制御部と、地上公衆用制御チャネル 部と、衛星公衆用チャネル制御部と、 自営用プロトコル処理部と、公衆用プロトコル処理部 と、 受信状態から上記各制御チャネル部の内の必要制御チャ ネルを選択し、かつ対応するプロトコル処理部を選択す る経路選択制御部を備えた移動通信システム用の移動 機。 1 . A transmission / reception (second receiving, second receiving unit) unit for a mobile communication system , a private control channel control unit , a terrestrial public control channel unit , a satellite public channel control unit , a private management protocol processing unit , and a public protocol processing unit . And a mobile device for a mobile communication system including a route selection control unit that selects a required control channel from the control channel units from the reception state and selects a corresponding protocol processing unit . JPH07154859A CLAIM 3 【請求項3】 自営システム・公衆システム・衛星公衆 システムに無線接続し、必要システムの受信レベルを測 定し、優先度に従って所定のシステムに接続する移動機 と、 自営システムにあって上記移動機 (impersonation detection signal) との無線通話と、後述 の交換局との有線通話により上記移動機と交換局間の通 話を接続する無線基地局と、 自システム、他自営システム、公衆システム、衛星公衆 システムと通話を行う対応プロトコルを備え、対象移動 機が選択するシステムに対応したプロトコルで通話を行 う交換局とで構成される移動通信システム。 3 . A mobile unit that wirelessly connects to a self-employed system / public system / satellite public system , measures a reception level of a required system , and connects to a predetermined system according to a priority , and the mobile unit in the self-employed system . The wireless base station that connects the mobile station and the switching center by the wired communication with the switching center , which will be described later , and the corresponding protocol that communicates with the own system , other self-employed system , public system , satellite public system And a mobile communication system comprising an exchange that makes a call using a protocol corresponding to the system selected by the target mobile device . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving (reception) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
JPH07154859A CLAIM 1 【請求項1】 移動通信システム用の送受信部と、 自営用制御チャネル制御部と、地上公衆用制御チャネル 部と、衛星公衆用チャネル制御部と、 自営用プロトコル処理部と、公衆用プロトコル処理部 と、 受信状態から上記各制御チャネル部の内の必要制御チャ ネルを選択し、かつ対応するプロトコル処理部を選択す る経路選択制御部を備えた移動通信システム用の移動 機。 1 . A transmission / reception (second receiving, second receiving unit) unit for a mobile communication system , a private control channel control unit , a terrestrial public control channel unit , a satellite public channel control unit , a private management protocol processing unit , and a public protocol processing unit . And a mobile device for a mobile communication system including a route selection control unit that selects a required control channel from the control channel units from the reception state and selects a corresponding protocol processing unit . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5424808A Filed: 1993-09-27 Issued: 1995-06-13 Control apparatus for copying machine with improved communication function for centralized control unit (Original Assignee) Minolta Co Ltd (Current Assignee) Minolta Co Ltd Kazunobu Maekawa, Sumiaki Hirata |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (paper jam) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5424808A CLAIM 2 . The control apparatus according to claim 1 , wherein said trouble occurrences comprises a paper jam (original data, original data frames, transmitting original data frames) . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (paper jam) frames . |
US5424808A CLAIM 2 . The control apparatus according to claim 1 , wherein said trouble occurrences comprises a paper jam (original data, original data frames, transmitting original data frames) . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (paper jam) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US5424808A CLAIM 2 . The control apparatus according to claim 1 , wherein said trouble occurrences comprises a paper jam (original data, original data frames, transmitting original data frames) . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data (paper jam) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5424808A CLAIM 2 . The control apparatus according to claim 1 , wherein said trouble occurrences comprises a paper jam (original data, original data frames, transmitting original data frames) . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit (predetermined value) for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5424808A CLAIM 5 . The control apparatus according to claim 4 , wherein said determining means determines that the trouble occurrence frequency exceeds a predetermined value (second receiving unit) for each portion of said copying machine . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (receiving means) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US5424808A CLAIM 1 . A control apparatus for collecting data related to a copying machine and communicating with a centralized control unit on the basis of the collected data , comprising : detecting means for detecting a trouble occurrence on the basis of data from said copying machine ; counting means for counting the number of times the trouble occurrence is detected by said detecting means ; calculating means for calculating a frequency of the trouble occurrence on the basis of the counted number of times of the trouble occurrence while said copying machine performs a predetermined number of copying processes ; receiving means (transmitting unit) for receiving a threshold value from said centralized control unit ; determining means for determining that said calculated trouble occurrence frequency exceeds said threshold value ; and communication means for calling said centralized control unit in response to an output of said determining means . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit (predetermined value) for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5424808A CLAIM 5 . The control apparatus according to claim 4 , wherein said determining means determines that the trouble occurrence frequency exceeds a predetermined value (second receiving unit) for each portion of said copying machine . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5428636A Filed: 1993-05-07 Issued: 1995-06-27 Radio frequency local area network (Original Assignee) Norand Corp (Current Assignee) Avago Technologies General IP Singapore Pte Ltd ; Innovatio IP Ventures LLC Robert C. Meier |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (present location) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5428636A CLAIM 4 . The RF multi-hop communication network of claim 3 wherein said plurality of bridging nodes revising locally stored information to reflect the present location (wireless communication) of said mobile communication node moving within the network . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication (present location) network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5428636A CLAIM 4 . The RF multi-hop communication network of claim 3 wherein said plurality of bridging nodes revising locally stored information to reflect the present location (wireless communication) of said mobile communication node moving within the network . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5760530A Filed: 1992-12-22 Issued: 1998-06-02 Piezoelectric tactile sensor (Original Assignee) US Air Force (Current Assignee) US Air Force Edward S. Kolesar |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module (determining presence) and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5760530A CLAIM 17 . The sensing apparatus of claim 1 further including detection threshold selecting circuit means responsive to an output signal of at least one of said amplifier circuits for determining presence (intrusion detection module, intrusion detection module incoming data frames) and absence of significant force magnitude at each of said electrode elements . |
US7409715B2 CLAIM 2 . The method of claim 1 , wherein step a) comprises transmitting the copy over a secure link established between the wireless node and the intrusion detection module (determining presence) . |
US5760530A CLAIM 17 . The sensing apparatus of claim 1 further including detection threshold selecting circuit means responsive to an output signal of at least one of said amplifier circuits for determining presence (intrusion detection module, intrusion detection module incoming data frames) and absence of significant force magnitude at each of said electrode elements . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module (determining presence) for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5760530A CLAIM 17 . The sensing apparatus of claim 1 further including detection threshold selecting circuit means responsive to an output signal of at least one of said amplifier circuits for determining presence (intrusion detection module, intrusion detection module incoming data frames) and absence of significant force magnitude at each of said electrode elements . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module (determining presence) comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5760530A CLAIM 17 . The sensing apparatus of claim 1 further including detection threshold selecting circuit means responsive to an output signal of at least one of said amplifier circuits for determining presence (intrusion detection module, intrusion detection module incoming data frames) and absence of significant force magnitude at each of said electrode elements . |
US7409715B2 CLAIM 12 . The impersonation detection system of claim 11 , wherein the intrusion detection module (determining presence) further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
US5760530A CLAIM 17 . The sensing apparatus of claim 1 further including detection threshold selecting circuit means responsive to an output signal of at least one of said amplifier circuits for determining presence (intrusion detection module, intrusion detection module incoming data frames) and absence of significant force magnitude at each of said electrode elements . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module (determining presence) resides away from the wireless node : a transmitting unit (area portion) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US5760530A CLAIM 1 . Force magnitude and force pattern responsive tactile sensing apparatus comprising the combination of : a two-dimensional array of electrode elements disposed in electrical and physical isolation across a planar surface area portion (transmitting unit) of a semiconductor substrate member ; a force responsive physically deformable film of piezoelectric effect material disposed over said array of electrode elements and said substrate member surface area portions , in electrical capacitance coupling with said electrode element array ; an electrically conductive common electrode member disposed over a second distal surface portion of said film of piezoelectric effect material and connected with a common return electrical node of said sensing apparatus ; electronic amplifier means , including a plurality of high input impedance electronic amplifier circuits physically disposed adjacent to said array of electrode elements with each said amplifier circuit having respective input nodes connected with one of said electrode elements and with said common return electrical node for amplifying a piezoelectric effect electrical charge signal received on said electrode element during sensed tactile force physical deformations of said film of piezoelectric effect material ; low voltage electrical charge generating means temporarily connected with each said electrode element of said array for pre-conditioning said piezoelectric effect material to a substantially uniform signal generation state prior to each said tactile force physical deformation . US5760530A CLAIM 17 . The sensing apparatus of claim 1 further including detection threshold selecting circuit means responsive to an output signal of at least one of said amplifier circuits for determining presence (intrusion detection module, intrusion detection module incoming data frames) and absence of significant force magnitude at each of said electrode elements . |
US7409715B2 CLAIM 15 . The impersonation detection system of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module (determining presence) is integrated within the wireless node . |
US5760530A CLAIM 17 . The sensing apparatus of claim 1 further including detection threshold selecting circuit means responsive to an output signal of at least one of said amplifier circuits for determining presence (intrusion detection module, intrusion detection module incoming data frames) and absence of significant force magnitude at each of said electrode elements . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module (determining presence) for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US5760530A CLAIM 17 . The sensing apparatus of claim 1 further including detection threshold selecting circuit means responsive to an output signal of at least one of said amplifier circuits for determining presence (intrusion detection module, intrusion detection module incoming data frames) and absence of significant force magnitude at each of said electrode elements . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module (determining presence) comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5760530A CLAIM 17 . The sensing apparatus of claim 1 further including detection threshold selecting circuit means responsive to an output signal of at least one of said amplifier circuits for determining presence (intrusion detection module, intrusion detection module incoming data frames) and absence of significant force magnitude at each of said electrode elements . |
US7409715B2 CLAIM 19 . The an impersonation detection system of claim 18 , wherein the intrusion detection module (determining presence) further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
US5760530A CLAIM 17 . The sensing apparatus of claim 1 further including detection threshold selecting circuit means responsive to an output signal of at least one of said amplifier circuits for determining presence (intrusion detection module, intrusion detection module incoming data frames) and absence of significant force magnitude at each of said electrode elements . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5287110A Filed: 1992-11-17 Issued: 1994-02-15 Complementary threat sensor data fusion method and apparatus (Original Assignee) Honeywell Inc (Current Assignee) Honeywell Inc My Tran |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving unit (elapsed time) for detecting the incoming data frames from the incoming traffic ; and a data processing unit (solving means) for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5287110A CLAIM 1 . Complementary threat sensor data fusion apparatus comprising : (a) a threat sensor data fusion process control means having a logical control processor , a sensor status input , a sensor data control output , and a fusion process control output ; (b) a threat ambiguity detector means having a control input connected to the sensor data control output and a radar warning receiver data input from a radar warning receiver , having an ambiguity data signal output wherein the sensor data control output switches the radar warning receiver data input ; (c) a radar emitter ID conversion process means having a pulsed radar jammer data input from a pulsed radar jammer , and a continuous wave radar data input from a continuous wave radar , controlled by the sensor data control output , having a converted jammer data output wherein the radar emitter ID conversion process means receives radar emitter IDs from a common radar emitter ID data base ; (d) a missile approach detector input from a missile approach detector , controlled by the sensor data control output having a missile approach detector output ; (e) a complementary threat data means having an input connected to the fusion process control output and a complementary threat data output ; (f) a threat ambiguity resolving means (data processing unit) having an ambiguity input connected to the ambiguity data signal output and a threat ambiguity resolution data output ; (g) a functional sensor back-up means having an input connected to the converted jammer data output having a back-up data output ; and (h) an electronic countermeasures/countermeasures analyzer means having an input connected to the missile approach detector output and having a tactical electronic countermeasures/countermeasures command output . US5287110A CLAIM 9 . A method for electronic countermeasures/countermeasures analysis for a radar jammer having at least one jamming strategy , the method comprising the steps of : (a) reading electronic countermeasures jamming data from a jammer threat list having at least one threat ; (b) determining the elapsed time (second receiving unit) since applying a last jamming strategy for the at least one threat ; (c) evaluating the effectiveness of the jamming strategy based on a predetermined criteria ; (d) determining if the jamming strategy was effective and if it was not effective repeating step (a) ; and (e) storing in an evaluation data base the type of threat and the jamming strategy for evaluating the effectiveness of the jamming strategy based on the at least one threat . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving unit (elapsed time) for detecting the incoming data frames from the incoming traffic ; and a data processing unit (solving means) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5287110A CLAIM 1 . Complementary threat sensor data fusion apparatus comprising : (a) a threat sensor data fusion process control means having a logical control processor , a sensor status input , a sensor data control output , and a fusion process control output ; (b) a threat ambiguity detector means having a control input connected to the sensor data control output and a radar warning receiver data input from a radar warning receiver , having an ambiguity data signal output wherein the sensor data control output switches the radar warning receiver data input ; (c) a radar emitter ID conversion process means having a pulsed radar jammer data input from a pulsed radar jammer , and a continuous wave radar data input from a continuous wave radar , controlled by the sensor data control output , having a converted jammer data output wherein the radar emitter ID conversion process means receives radar emitter IDs from a common radar emitter ID data base ; (d) a missile approach detector input from a missile approach detector , controlled by the sensor data control output having a missile approach detector output ; (e) a complementary threat data means having an input connected to the fusion process control output and a complementary threat data output ; (f) a threat ambiguity resolving means (data processing unit) having an ambiguity input connected to the ambiguity data signal output and a threat ambiguity resolution data output ; (g) a functional sensor back-up means having an input connected to the converted jammer data output having a back-up data output ; and (h) an electronic countermeasures/countermeasures analyzer means having an input connected to the missile approach detector output and having a tactical electronic countermeasures/countermeasures command output . US5287110A CLAIM 9 . 
A method for electronic countermeasures/countermeasures analysis for a radar jammer having at least one jamming strategy , the method comprising the steps of : (a) reading electronic countermeasures jamming data from a jammer threat list having at least one threat ; (b) determining the elapsed time (second receiving unit) since applying a last jamming strategy for the at least one threat ; (c) evaluating the effectiveness of the jamming strategy based on a predetermined criteria ; (d) determining if the jamming strategy was effective and if it was not effective repeating step (a) ; and (e) storing in an evaluation data base the type of threat and the jamming strategy for evaluating the effectiveness of the jamming strategy based on the at least one threat . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | JPH0661903A Filed: 1992-08-12 Issued: 1994-03-04 Intercom (Original Assignee) Matsushita Electric Ind Co Ltd; 松下電器産業株式会社 Kazuhisa Tsubaki, Kazuhiro Umetsu, 和浩 梅津, 和久 椿 |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames (apparatus) received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
JPH0661903A CLAIM 1 【請求項1】 送受信信号の変調・復調を行なう無線部 と、信号のCRC符復号と音声データの分離・多重とを 行なうチャネル・コーデックと、音声データの音声符号 化復号化を行なう音声コーデックとを具備する通話装置 において、 回線状態を判別する回線推定手段と、受信信号に含まれ る制御データに基づいて前記音声符号化復号化方式の切 替を指令するモード切替手段とを設け、前記音声コーデ ックでは、前記指令に対応して、複数の前記音声符号化 復号化方式の1つを選択して実行できるように構成した ことを特徴とする通話装置。 1 . A radio unit for modulating / demodulating a transmission / reception signal , a channel / codec for CRC coding / decoding of a signal and separation / multiplexing of voice data , and a voice codec for performing voice coding / decoding of voice data . In a speech communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) comprising : a line estimation unit for determining a line state , and a mode switching unit for instructing switching of the voice encoding / decoding system based on control data included in a received signal . A speech communication apparatus , wherein one of a plurality of speech encoding / decoding methods can be selected and executed in response to the command . |
US7409715B2 CLAIM 10 . An impersonation detection system (apparatus) for a wireless node of a wireless communication network , the node for transmitting original data frames (符復号) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
JPH0661903A CLAIM 1 【請求項1】 送受信信号の変調・復調を行なう無線部 と、信号のCRC符復号 (transmitting original data frames, transmitting outgoing data frames) と音声データの分離・多重とを 行なうチャネル・コーデックと、音声データの音声符号 化復号化を行なう音声コーデックとを具備する通話装置 において、 回線状態を判別する回線推定手段と、受信信号に含まれ る制御データに基づいて前記音声符号化復号化方式の切 替を指令するモード切替手段とを設け、前記音声コーデ ックでは、前記指令に対応して、複数の前記音声符号化 復号化方式の1つを選択して実行できるように構成した ことを特徴とする通話装置。 1 . A radio unit for modulating / demodulating a transmission / reception signal , a channel / codec for CRC coding / decoding of a signal and separation / multiplexing of voice data , and a voice codec for performing voice coding / decoding of voice data . In a speech communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) comprising : a line estimation unit for determining a line state , and a mode switching unit for instructing switching of the voice encoding / decoding system based on control data included in a received signal . A speech communication apparatus , wherein one of a plurality of speech encoding / decoding methods can be selected and executed in response to the command . |
US7409715B2 CLAIM 11 . The impersonation detection system (apparatus) of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving (reception) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (apparatus) for correlating the copy with the incoming data frames and generating an impersonation detection signal . |
JPH0661903A CLAIM 1 【請求項1】 送受信信号の変調・復調を行なう無線部 と、信号のCRC符復号と音声データの分離・多重とを 行なうチャネル・コーデックと、音声データの音声符号 化復号化を行なう音声コーデックとを具備する通話装置 において、 回線状態を判別する回線推定手段と、受信信号に含まれ る制御データに基づいて前記音声符号化復号化方式の切 替を指令するモード切替手段とを設け、前記音声コーデ ックでは、前記指令に対応して、複数の前記音声符号化 復号化方式の1つを選択して実行できるように構成した ことを特徴とする通話装置。 1 . A radio unit for modulating / demodulating a transmission / reception (second receiving, second receiving unit) signal , a channel / codec for CRC coding / decoding of a signal and separation / multiplexing of voice data , and a voice codec for performing voice coding / decoding of voice data . In a speech communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) comprising : a line estimation unit for determining a line state , and a mode switching unit for instructing switching of the voice encoding / decoding system based on control data included in a received signal . A speech communication apparatus , wherein one of a plurality of speech encoding / decoding methods can be selected and executed in response to the command . |
US7409715B2 CLAIM 12 . The impersonation detection system (apparatus) of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
JPH0661903A CLAIM 1 【請求項1】 送受信信号の変調・復調を行なう無線部 と、信号のCRC符復号と音声データの分離・多重とを 行なうチャネル・コーデックと、音声データの音声符号 化復号化を行なう音声コーデックとを具備する通話装置 において、 回線状態を判別する回線推定手段と、受信信号に含まれ る制御データに基づいて前記音声符号化復号化方式の切 替を指令するモード切替手段とを設け、前記音声コーデ ックでは、前記指令に対応して、複数の前記音声符号化 復号化方式の1つを選択して実行できるように構成した ことを特徴とする通話装置。 1 . A radio unit for modulating / demodulating a transmission / reception signal , a channel / codec for CRC coding / decoding of a signal and separation / multiplexing of voice data , and a voice codec for performing voice coding / decoding of voice data . In a speech communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) comprising : a line estimation unit for determining a line state , and a mode switching unit for instructing switching of the voice encoding / decoding system based on control data included in a received signal . A speech communication apparatus , wherein one of a plurality of speech encoding / decoding methods can be selected and executed in response to the command . |
US7409715B2 CLAIM 13 . The impersonation detection system (apparatus) of claim 12 wherein the secure link operates according to a communication protocol . |
JPH0661903A CLAIM 1 【請求項1】 送受信信号の変調・復調を行なう無線部 と、信号のCRC符復号と音声データの分離・多重とを 行なうチャネル・コーデックと、音声データの音声符号 化復号化を行なう音声コーデックとを具備する通話装置 において、 回線状態を判別する回線推定手段と、受信信号に含まれ る制御データに基づいて前記音声符号化復号化方式の切 替を指令するモード切替手段とを設け、前記音声コーデ ックでは、前記指令に対応して、複数の前記音声符号化 復号化方式の1つを選択して実行できるように構成した ことを特徴とする通話装置。 1 . A radio unit for modulating / demodulating a transmission / reception signal , a channel / codec for CRC coding / decoding of a signal and separation / multiplexing of voice data , and a voice codec for performing voice coding / decoding of voice data . In a speech communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) comprising : a line estimation unit for determining a line state , and a mode switching unit for instructing switching of the voice encoding / decoding system based on control data included in a received signal . A speech communication apparatus , wherein one of a plurality of speech encoding / decoding methods can be selected and executed in response to the command . |
US7409715B2 CLAIM 14 . The impersonation detection system (apparatus) of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
JPH0661903A CLAIM 1 【請求項1】 送受信信号の変調・復調を行なう無線部 と、信号のCRC符復号と音声データの分離・多重とを 行なうチャネル・コーデックと、音声データの音声符号 化復号化を行なう音声コーデックとを具備する通話装置 において、 回線状態を判別する回線推定手段と、受信信号に含まれ る制御データに基づいて前記音声符号化復号化方式の切 替を指令するモード切替手段とを設け、前記音声コーデ ックでは、前記指令に対応して、複数の前記音声符号化 復号化方式の1つを選択して実行できるように構成した ことを特徴とする通話装置。 1 . A radio unit for modulating / demodulating a transmission / reception signal , a channel / codec for CRC coding / decoding of a signal and separation / multiplexing of voice data , and a voice codec for performing voice coding / decoding of voice data . In a speech communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) comprising : a line estimation unit for determining a line state , and a mode switching unit for instructing switching of the voice encoding / decoding system based on control data included in a received signal . A speech communication apparatus , wherein one of a plurality of speech encoding / decoding methods can be selected and executed in response to the command . |
US7409715B2 CLAIM 15 . The impersonation detection system (apparatus) of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module is integrated within the wireless node . |
JPH0661903A CLAIM 1 【請求項1】 送受信信号の変調・復調を行なう無線部 と、信号のCRC符復号と音声データの分離・多重とを 行なうチャネル・コーデックと、音声データの音声符号 化復号化を行なう音声コーデックとを具備する通話装置 において、 回線状態を判別する回線推定手段と、受信信号に含まれ る制御データに基づいて前記音声符号化復号化方式の切 替を指令するモード切替手段とを設け、前記音声コーデ ックでは、前記指令に対応して、複数の前記音声符号化 復号化方式の1つを選択して実行できるように構成した ことを特徴とする通話装置。 1 . A radio unit for modulating / demodulating a transmission / reception signal , a channel / codec for CRC coding / decoding of a signal and separation / multiplexing of voice data , and a voice codec for performing voice coding / decoding of voice data . In a speech communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) comprising : a line estimation unit for determining a line state , and a mode switching unit for instructing switching of the voice encoding / decoding system based on control data included in a received signal . A speech communication apparatus , wherein one of a plurality of speech encoding / decoding methods can be selected and executed in response to the command . |
US7409715B2 CLAIM 16 . The impersonation detection system (apparatus) of claim 10 , wherein the wireless network operates according to any wireless network technology . |
JPH0661903A CLAIM 1 【請求項1】 送受信信号の変調・復調を行なう無線部 と、信号のCRC符復号と音声データの分離・多重とを 行なうチャネル・コーデックと、音声データの音声符号 化復号化を行なう音声コーデックとを具備する通話装置 において、 回線状態を判別する回線推定手段と、受信信号に含まれ る制御データに基づいて前記音声符号化復号化方式の切 替を指令するモード切替手段とを設け、前記音声コーデ ックでは、前記指令に対応して、複数の前記音声符号化 復号化方式の1つを選択して実行できるように構成した ことを特徴とする通話装置。 1 . A radio unit for modulating / demodulating a transmission / reception signal , a channel / codec for CRC coding / decoding of a signal and separation / multiplexing of voice data , and a voice codec for performing voice coding / decoding of voice data . In a speech communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) comprising : a line estimation unit for determining a line state , and a mode switching unit for instructing switching of the voice encoding / decoding system based on control data included in a received signal . A speech communication apparatus , wherein one of a plurality of speech encoding / decoding methods can be selected and executed in response to the command . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (符復号) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
JPH0661903A CLAIM 1 【請求項1】 送受信信号の変調・復調を行なう無線部 と、信号のCRC符復号 (transmitting original data frames, transmitting outgoing data frames) と音声データの分離・多重とを 行なうチャネル・コーデックと、音声データの音声符号 化復号化を行なう音声コーデックとを具備する通話装置 において、 回線状態を判別する回線推定手段と、受信信号に含まれ る制御データに基づいて前記音声符号化復号化方式の切 替を指令するモード切替手段とを設け、前記音声コーデ ックでは、前記指令に対応して、複数の前記音声符号化 復号化方式の1つを選択して実行できるように構成した ことを特徴とする通話装置。 1 . A radio unit for modulating / demodulating a transmission / reception signal , a channel / codec for CRC coding / decoding of a signal and separation / multiplexing of voice data , and a voice codec for performing voice coding / decoding of voice data . In a speech communication apparatus comprising : a line estimation unit for determining a line state , and a mode switching unit for instructing switching of the voice encoding / decoding system based on control data included in a received signal . A speech communication apparatus , wherein one of a plurality of speech encoding / decoding methods can be selected and executed in response to the command . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving (reception) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit (apparatus) for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
JPH0661903A CLAIM 1 【請求項1】 送受信信号の変調・復調を行なう無線部 と、信号のCRC符復号と音声データの分離・多重とを 行なうチャネル・コーデックと、音声データの音声符号 化復号化を行なう音声コーデックとを具備する通話装置 において、 回線状態を判別する回線推定手段と、受信信号に含まれ る制御データに基づいて前記音声符号化復号化方式の切 替を指令するモード切替手段とを設け、前記音声コーデ ックでは、前記指令に対応して、複数の前記音声符号化 復号化方式の1つを選択して実行できるように構成した ことを特徴とする通話装置。 1 . A radio unit for modulating / demodulating a transmission / reception (second receiving, second receiving unit) signal , a channel / codec for CRC coding / decoding of a signal and separation / multiplexing of voice data , and a voice codec for performing voice coding / decoding of voice data . In a speech communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) comprising : a line estimation unit for determining a line state , and a mode switching unit for instructing switching of the voice encoding / decoding system based on control data included in a received signal . A speech communication apparatus , wherein one of a plurality of speech encoding / decoding methods can be selected and executed in response to the command . |
US7409715B2 CLAIM 19 . The impersonation detection system (apparatus) of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
JPH0661903A CLAIM 1 【請求項1】 送受信信号の変調・復調を行なう無線部 と、信号のCRC符復号と音声データの分離・多重とを 行なうチャネル・コーデックと、音声データの音声符号 化復号化を行なう音声コーデックとを具備する通話装置 において、 回線状態を判別する回線推定手段と、受信信号に含まれ る制御データに基づいて前記音声符号化復号化方式の切 替を指令するモード切替手段とを設け、前記音声コーデ ックでは、前記指令に対応して、複数の前記音声符号化 復号化方式の1つを選択して実行できるように構成した ことを特徴とする通話装置。 1 . A radio unit for modulating / demodulating a transmission / reception signal , a channel / codec for CRC coding / decoding of a signal and separation / multiplexing of voice data , and a voice codec for performing voice coding / decoding of voice data . In a speech communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) comprising : a line estimation unit for determining a line state , and a mode switching unit for instructing switching of the voice encoding / decoding system based on control data included in a received signal . A speech communication apparatus , wherein one of a plurality of speech encoding / decoding methods can be selected and executed in response to the command . |
US7409715B2 CLAIM 20 . The impersonation detection system (apparatus) of claim 18 , wherein the wireless network operates according to any wireless network technology . |
JPH0661903A CLAIM 1 【請求項1】 送受信信号の変調・復調を行なう無線部 と、信号のCRC符復号と音声データの分離・多重とを 行なうチャネル・コーデックと、音声データの音声符号 化復号化を行なう音声コーデックとを具備する通話装置 において、 回線状態を判別する回線推定手段と、受信信号に含まれ る制御データに基づいて前記音声符号化復号化方式の切 替を指令するモード切替手段とを設け、前記音声コーデ ックでは、前記指令に対応して、複数の前記音声符号化 復号化方式の1つを選択して実行できるように構成した ことを特徴とする通話装置。 1 . A radio unit for modulating / demodulating a transmission / reception signal , a channel / codec for CRC coding / decoding of a signal and separation / multiplexing of voice data , and a voice codec for performing voice coding / decoding of voice data . In a speech communication apparatus (impersonation detection system, data processing unit, intrusion detection module incoming data frames) comprising : a line estimation unit for determining a line state , and a mode switching unit for instructing switching of the voice encoding / decoding system based on control data included in a received signal . A speech communication apparatus , wherein one of a plurality of speech encoding / decoding methods can be selected and executed in response to the command . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5241542A Filed: 1991-08-23 Issued: 1993-08-31 Battery efficient operation of scheduled access protocol (Original Assignee) International Business Machines Corp (Current Assignee) Lenovo Singapore Pte Ltd Kadathur S. Natarajan, Chia-Chi Huang |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication (wireless communication) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames (second frame, time slots, one frame) transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US5241542A CLAIM 1 . A method of conserving battery power in a wireless link adapter of battery powered computers operable in a multiaccess protocol for wireless communication (wireless communication) between n , where n is an integer , of said battery powered computers and a base station , with said protocol including a designation of which ones of said n computers are to communicate with said base station , said method comprising the steps of : partitioning said multiaccess protocol into at least one frame (data frames, incoming data frames, incoming data, incoming traffic) including a header AH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for communication with said base station during said frame when its corresponding one of said n bits is in a first state , and for not being in communication when in a second state , with the remainder of said frame being divided into a plurality of slots in a time duration TA , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to communicate with said base station ; turning ON said battery power of said wireless link adapter for each of said n battery powered computers for the duration of header AH ; turning OFF battery power for said time duration TA for each wireless link adapter of the n battery powered computers that is not scheduled to communicate with said base station ; and turning ON battery power only during the at least one slot time of TA scheduled , for each wireless link adapter of the n battery powered computers scheduled to communicate with said base station , and turning OFF battery power for the remaining slots of TA . US5241542A CLAIM 3 . 
The method of claim 2 , including the steps of : including a second frame (data frames, incoming data frames, incoming data, incoming traffic) in said multiaccess protocol , including a header BH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for transmitting information to said base station during said second frame when its corresponding one of said n bits is in a first state , and for not transmitting information when in a second state , with the remainder of said second frame being divided into a plurality of slots in a time duration TB , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to transmit to said base station ; turning on said battery power of said wireless link adapter for each of said n battery powered computers for the duration of the header BH ; turning OFF battery power for said time duration TB for each wireless link adapter of the n battery powered computers that is not scheduled to transmit to said base station ; and turning ON battery power only during the at least one slot time of TB scheduled for each wireless link adapter of the n battery powered computers scheduled to transmit to said base station , and turning OFF battery power for the remaining slots of TB . US5241542A CLAIM 4 . 
The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time slots (data frames, incoming data frames, incoming data, incoming traffic) of said third frame . |
US7409715B2 CLAIM 4 . The method of claim 1 , wherein the copy includes a summary of the outgoing data frames (second frame, time slots, one frame) . |
US5241542A CLAIM 1 . A method of conserving battery power in a wireless link adapter of battery powered computers operable in a multiaccess protocol for wireless communication between n , where n is an integer , of said battery powered computers and a base station , with said protocol including a designation of which ones of said n computers are to communicate with said base station , said method comprising the steps of : partitioning said multiaccess protocol into at least one frame (data frames, incoming data frames, incoming data, incoming traffic) including a header AH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for communication with said base station during said frame when its corresponding one of said n bits is in a first state , and for not being in communication when in a second state , with the remainder of said frame being divided into a plurality of slots in a time duration TA , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to communicate with said base station ; turning ON said battery power of said wireless link adapter for each of said n battery powered computers for the duration of header AH ; turning OFF battery power for said time duration TA for each wireless link adapter of the n battery powered computers that is not scheduled to communicate with said base station ; and turning ON battery power only during the at least one slot time of TA scheduled , for each wireless link adapter of the n battery powered computers scheduled to communicate with said base station , and turning OFF battery power for the remaining slots of TA . US5241542A CLAIM 3 . 
The method of claim 2 , including the steps of : including a second frame (data frames, incoming data frames, incoming data, incoming traffic) in said multiaccess protocol , including a header BH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for transmitting information to said base station during said second frame when its corresponding one of said n bits is in a first state , and for not transmitting information when in a second state , with the remainder of said second frame being divided into a plurality of slots in a time duration TB , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to transmit to said base station ; turning on said battery power of said wireless link adapter for each of said n battery powered computers for the duration of the header BH ; turning OFF battery power for said time duration TB for each wireless link adapter of the n battery powered computers that is not scheduled to transmit to said base station ; and turning ON battery power only during the at least one slot time of TB scheduled for each wireless link adapter of the n battery powered computers scheduled to transmit to said base station , and turning OFF battery power for the remaining slots of TB . US5241542A CLAIM 4 . 
The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time slots (data frames, incoming data frames, incoming data, incoming traffic) of said third frame . |
US7409715B2 CLAIM 5 . The method of claim 4 , wherein the summary of the outgoing data frames (second frame, time slots, one frame) comprises frames that allow statistical comparisons . |
US5241542A CLAIM 1 . A method of conserving battery power in a wireless link adapter of battery powered computers operable in a multiaccess protocol for wireless communication between n , where n is an integer , of said battery powered computers and a base station , with said protocol including a designation of which ones of said n computers are to communicate with said base station , said method comprising the steps of : partitioning said multiaccess protocol into at least one frame (data frames, incoming data frames, incoming data, incoming traffic) including a header AH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for communication with said base station during said frame when its corresponding one of said n bits is in a first state , and for not being in communication when in a second state , with the remainder of said frame being divided into a plurality of slots in a time duration TA , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to communicate with said base station ; turning ON said battery power of said wireless link adapter for each of said n battery powered computers for the duration of header AH ; turning OFF battery power for said time duration TA for each wireless link adapter of the n battery powered computers that is not scheduled to communicate with said base station ; and turning ON battery power only during the at least one slot time of TA scheduled , for each wireless link adapter of the n battery powered computers scheduled to communicate with said base station , and turning OFF battery power for the remaining slots of TA . US5241542A CLAIM 3 . 
The method of claim 2 , including the steps of : including a second frame (data frames, incoming data frames, incoming data, incoming traffic) in said multiaccess protocol , including a header BH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for transmitting information to said base station during said second frame when its corresponding one of said n bits is in a first state , and for not transmitting information when in a second state , with the remainder of said second frame being divided into a plurality of slots in a time duration TB , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to transmit to said base station ; turning on said battery power of said wireless link adapter for each of said n battery powered computers for the duration of the header BH ; turning OFF battery power for said time duration TB for each wireless link adapter of the n battery powered computers that is not scheduled to transmit to said base station ; and turning ON battery power only during the at least one slot time of TB scheduled for each wireless link adapter of the n battery powered computers scheduled to transmit to said base station , and turning OFF battery power for the remaining slots of TB . US5241542A CLAIM 4 . 
The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time slots (data frames, incoming data frames, incoming data, incoming traffic) of said third frame . |
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames (second frame, time slots, one frame) transmitted over a time interval . |
US5241542A CLAIM 1 . A method of conserving battery power in a wireless link adapter of battery powered computers operable in a multiaccess protocol for wireless communication between n , where n is an integer , of said battery powered computers and a base station , with said protocol including a designation of which ones of said n computers are to communicate with said base station , said method comprising the steps of : partitioning said multiaccess protocol into at least one frame (data frames, incoming data frames, incoming data, incoming traffic) including a header AH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for communication with said base station during said frame when its corresponding one of said n bits is in a first state , and for not being in communication when in a second state , with the remainder of said frame being divided into a plurality of slots in a time duration TA , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to communicate with said base station ; turning ON said battery power of said wireless link adapter for each of said n battery powered computers for the duration of header AH ; turning OFF battery power for said time duration TA for each wireless link adapter of the n battery powered computers that is not scheduled to communicate with said base station ; and turning ON battery power only during the at least one slot time of TA scheduled , for each wireless link adapter of the n battery powered computers scheduled to communicate with said base station , and turning OFF battery power for the remaining slots of TA . US5241542A CLAIM 3 . 
The method of claim 2 , including the steps of : including a second frame (data frames, incoming data frames, incoming data, incoming traffic) in said multiaccess protocol , including a header BH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for transmitting information to said base station during said second frame when its corresponding one of said n bits is in a first state , and for not transmitting information when in a second state , with the remainder of said second frame being divided into a plurality of slots in a time duration TB , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to transmit to said base station ; turning on said battery power of said wireless link adapter for each of said n battery powered computers for the duration of the header BH ; turning OFF battery power for said time duration TB for each wireless link adapter of the n battery powered computers that is not scheduled to transmit to said base station ; and turning ON battery power only during the at least one slot time of TB scheduled for each wireless link adapter of the n battery powered computers scheduled to transmit to said base station , and turning OFF battery power for the remaining slots of TB . US5241542A CLAIM 4 . 
The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time slots (data frames, incoming data frames, incoming data, incoming traffic) of said third frame . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data frames (second frame, time slots, one frame) . |
US5241542A CLAIM 1 . A method of conserving battery power in a wireless link adapter of battery powered computers operable in a multiaccess protocol for wireless communication between n , where n is an integer , of said battery powered computers and a base station , with said protocol including a designation of which ones of said n computers are to communicate with said base station , said method comprising the steps of : partitioning said multiaccess protocol into at least one frame (data frames, incoming data frames, incoming data, incoming traffic) including a header AH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for communication with said base station during said frame when its corresponding one of said n bits is in a first state , and for not being in communication when in a second state , with the remainder of said frame being divided into a plurality of slots in a time duration TA , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to communicate with said base station ; turning ON said battery power of said wireless link adapter for each of said n battery powered computers for the duration of header AH ; turning OFF battery power for said time duration TA for each wireless link adapter of the n battery powered computers that is not scheduled to communicate with said base station ; and turning ON battery power only during the at least one slot time of TA scheduled , for each wireless link adapter of the n battery powered computers scheduled to communicate with said base station , and turning OFF battery power for the remaining slots of TA . US5241542A CLAIM 3 . 
The method of claim 2 , including the steps of : including a second frame (data frames, incoming data frames, incoming data, incoming traffic) in said multiaccess protocol , including a header BH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for transmitting information to said base station during said second frame when its corresponding one of said n bits is in a first state , and for not transmitting information when in a second state , with the remainder of said second frame being divided into a plurality of slots in a time duration TB , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to transmit to said base station ; turning on said battery power of said wireless link adapter for each of said n battery powered computers for the duration of the header BH ; turning OFF battery power for said time duration TB for each wireless link adapter of the n battery powered computers that is not scheduled to transmit to said base station ; and turning ON battery power only during the at least one slot time of TB scheduled for each wireless link adapter of the n battery powered computers scheduled to transmit to said base station , and turning OFF battery power for the remaining slots of TB . US5241542A CLAIM 4 . 
The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time slots (data frames, incoming data frames, incoming data, incoming traffic) of said third frame . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data frames (second frame, time slots, one frame) received over all the wireless channels allocated to the wireless node . |
US5241542A CLAIM 1 . A method of conserving battery power in a wireless link adapter of battery powered computers operable in a multiaccess protocol for wireless communication between n , where n is an integer , of said battery powered computers and a base station , with said protocol including a designation of which ones of said n computers are to communicate with said base station , said method comprising the steps of : partitioning said multiaccess protocol into at least one frame (data frames, incoming data frames, incoming data, incoming traffic) including a header AH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for communication with said base station during said frame when its corresponding one of said n bits is in a first state , and for not being in communication when in a second state , with the remainder of said frame being divided into a plurality of slots in a time duration TA , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to communicate with said base station ; turning ON said battery power of said wireless link adapter for each of said n battery powered computers for the duration of header AH ; turning OFF battery power for said time duration TA for each wireless link adapter of the n battery powered computers that is not scheduled to communicate with said base station ; and turning ON battery power only during the at least one slot time of TA scheduled , for each wireless link adapter of the n battery powered computers scheduled to communicate with said base station , and turning OFF battery power for the remaining slots of TA . US5241542A CLAIM 3 . 
The method of claim 2 , including the steps of : including a second frame (data frames, incoming data frames, incoming data, incoming traffic) in said multiaccess protocol , including a header BH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for transmitting information to said base station during said second frame when its corresponding one of said n bits is in a first state , and for not transmitting information when in a second state , with the remainder of said second frame being divided into a plurality of slots in a time duration TB , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to transmit to said base station ; turning on said battery power of said wireless link adapter for each of said n battery powered computers for the duration of the header BH ; turning OFF battery power for said time duration TB for each wireless link adapter of the n battery powered computers that is not scheduled to transmit to said base station ; and turning ON battery power only during the at least one slot time of TB scheduled for each wireless link adapter of the n battery powered computers scheduled to transmit to said base station , and turning OFF battery power for the remaining slots of TB . US5241542A CLAIM 4 . 
The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time slots (data frames, incoming data frames, incoming data, incoming traffic) of said third frame . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames (second frame, time slots, one frame) with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US5241542A CLAIM 1 . A method of conserving battery power in a wireless link adapter of battery powered computers operable in a multiaccess protocol for wireless communication between n , where n is an integer , of said battery powered computers and a base station , with said protocol including a designation of which ones of said n computers are to communicate with said base station , said method comprising the steps of : partitioning said multiaccess protocol into at least one frame (data frames, incoming data frames, incoming data, incoming traffic) including a header AH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for communication with said base station during said frame when its corresponding one of said n bits is in a first state , and for not being in communication when in a second state , with the remainder of said frame being divided into a plurality of slots in a time duration TA , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to communicate with said base station ; turning ON said battery power of said wireless link adapter for each of said n battery powered computers for the duration of header AH ; turning OFF battery power for said time duration TA for each wireless link adapter of the n battery powered computers that is not scheduled to communicate with said base station ; and turning ON battery power only during the at least one slot time of TA scheduled , for each wireless link adapter of the n battery powered computers scheduled to communicate with said base station , and turning OFF battery power for the remaining slots of TA . US5241542A CLAIM 3 . 
The method of claim 2 , including the steps of : including a second frame (data frames, incoming data frames, incoming data, incoming traffic) in said multiaccess protocol , including a header BH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for transmitting information to said base station during said second frame when its corresponding one of said n bits is in a first state , and for not transmitting information when in a second state , with the remainder of said second frame being divided into a plurality of slots in a time duration TB , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to transmit to said base station ; turning on said battery power of said wireless link adapter for each of said n battery powered computers for the duration of the header BH ; turning OFF battery power for said time duration TB for each wireless link adapter of the n battery powered computers that is not scheduled to transmit to said base station ; and turning ON battery power only during the at least one slot time of TB scheduled for each wireless link adapter of the n battery powered computers scheduled to transmit to said base station , and turning OFF battery power for the remaining slots of TB . US5241542A CLAIM 4 . 
The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time slots (data frames, incoming data frames, incoming data, incoming traffic) of said third frame . |
US7409715B2 CLAIM 10 . An impersonation detection system (remaining time) for a wireless node of a wireless communication (wireless communication) network , the node for transmitting original data frames (second frame, time slots, one frame) over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US5241542A CLAIM 1 . A method of conserving battery power in a wireless link adapter of battery powered computers operable in a multiaccess protocol for wireless communication (wireless communication) between n , where n is an integer , of said battery powered computers and a base station , with said protocol including a designation of which ones of said n computers are to communicate with said base station , said method comprising the steps of : partitioning said multiaccess protocol into at least one frame (data frames, incoming data frames, incoming data, incoming traffic) including a header AH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for communication with said base station during said frame when its corresponding one of said n bits is in a first state , and for not being in communication when in a second state , with the remainder of said frame being divided into a plurality of slots in a time duration TA , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to communicate with said base station ; turning ON said battery power of said wireless link adapter for each of said n battery powered computers for the duration of header AH ; turning OFF battery power for said time duration TA for each wireless link adapter of the n battery powered computers that is not scheduled to communicate with said base station ; and turning ON battery power only during the at least one slot time of TA scheduled , for each wireless link adapter of the n battery powered computers scheduled to communicate with said base station , and turning OFF battery power for the remaining slots of TA . US5241542A CLAIM 3 . 
The method of claim 2 , including the steps of : including a second frame (data frames, incoming data frames, incoming data, incoming traffic) in said multiaccess protocol , including a header BH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for transmitting information to said base station during said second frame when its corresponding one of said n bits is in a first state , and for not transmitting information when in a second state , with the remainder of said second frame being divided into a plurality of slots in a time duration TB , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to transmit to said base station ; turning on said battery power of said wireless link adapter for each of said n battery powered computers for the duration of the header BH ; turning OFF battery power for said time duration TB for each wireless link adapter of the n battery powered computers that is not scheduled to transmit to said base station ; and turning ON battery power only during the at least one slot time of TB scheduled for each wireless link adapter of the n battery powered computers scheduled to transmit to said base station , and turning OFF battery power for the remaining slots of TB . US5241542A CLAIM 4 . 
The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time (impersonation detection system) slots of said third frame . |
US7409715B2 CLAIM 11 . The impersonation detection system (remaining time) of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (second frame, time slots, one frame) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames (second frame, time slots, one frame) from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5241542A CLAIM 1 . A method of conserving battery power in a wireless link adapter of battery powered computers operable in a multiaccess protocol for wireless communication between n , where n is an integer , of said battery powered computers and a base station , with said protocol including a designation of which ones of said n computers are to communicate with said base station , said method comprising the steps of : partitioning said multiaccess protocol into at least one frame (data frames, incoming data frames, incoming data, incoming traffic) including a header AH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for communication with said base station during said frame when its corresponding one of said n bits is in a first state , and for not being in communication when in a second state , with the remainder of said frame being divided into a plurality of slots in a time duration TA , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to communicate with said base station ; turning ON said battery power of said wireless link adapter for each of said n battery powered computers for the duration of header AH ; turning OFF battery power for said time duration TA for each wireless link adapter of the n battery powered computers that is not scheduled to communicate with said base station ; and turning ON battery power only during the at least one slot time of TA scheduled , for each wireless link adapter of the n battery powered computers scheduled to communicate with said base station , and turning OFF battery power for the remaining slots of TA . US5241542A CLAIM 3 . 
The method of claim 2 , including the steps of : including a second frame (data frames, incoming data frames, incoming data, incoming traffic) in said multiaccess protocol , including a header BH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for transmitting information to said base station during said second frame when its corresponding one of said n bits is in a first state , and for not transmitting information when in a second state , with the remainder of said second frame being divided into a plurality of slots in a time duration TB , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to transmit to said base station ; turning on said battery power of said wireless link adapter for each of said n battery powered computers for the duration of the header BH ; turning OFF battery power for said time duration TB for each wireless link adapter of the n battery powered computers that is not scheduled to transmit to said base station ; and turning ON battery power only during the at least one slot time of TB scheduled for each wireless link adapter of the n battery powered computers scheduled to transmit to said base station , and turning OFF battery power for the remaining slots of TB . US5241542A CLAIM 4 . 
The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time (impersonation detection system) slots of said third frame . |
US7409715B2 CLAIM 12 . The impersonation detection system (remaining time) of claim 11 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
US5241542A CLAIM 4 . The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time (impersonation detection system) slots of said third frame . |
US7409715B2 CLAIM 13 . The impersonation detection system (remaining time) of claim 12 wherein the secure link operates according to a communication protocol . |
US5241542A CLAIM 4 . The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time (impersonation detection system) slots of said third frame . |
US7409715B2 CLAIM 14 . The impersonation detection system (remaining time) of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US5241542A CLAIM 4 . The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time (impersonation detection system) slots of said third frame . |
US7409715B2 CLAIM 15 . The impersonation detection system (remaining time) of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module is integrated within the wireless node . |
US5241542A CLAIM 4 . The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time (impersonation detection system) slots of said third frame . |
US7409715B2 CLAIM 16 . The impersonation detection system (remaining time) of claim 10 , wherein the wireless network operates according to any wireless network technology . |
US5241542A CLAIM 4 . The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time (impersonation detection system) slots of said third frame . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (second frame, time slots, one frame) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US5241542A CLAIM 1 . A method of conserving battery power in a wireless link adapter of battery powered computers operable in a multiaccess protocol for wireless communication between n , where n is an integer , of said battery powered computers and a base station , with said protocol including a designation of which ones of said n computers are to communicate with said base station , said method comprising the steps of : partitioning said multiaccess protocol into at least one frame (data frames, incoming data frames, incoming data, incoming traffic) including a header AH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for communication with said base station during said frame when its corresponding one of said n bits is in a first state , and for not being in communication when in a second state , with the remainder of said frame being divided into a plurality of slots in a time duration TA , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to communicate with said base station ; turning ON said battery power of said wireless link adapter for each of said n battery powered computers for the duration of header AH ; turning OFF battery power for said time duration TA for each wireless link adapter of the n battery powered computers that is not scheduled to communicate with said base station ; and turning ON battery power only during the at least one slot time of TA scheduled , for each wireless link adapter of the n battery powered computers scheduled to communicate with said base station , and turning OFF battery power for the remaining slots of TA . US5241542A CLAIM 3 . 
The method of claim 2 , including the steps of : including a second frame (data frames, incoming data frames, incoming data, incoming traffic) in said multiaccess protocol , including a header BH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for transmitting information to said base station during said second frame when its corresponding one of said n bits is in a first state , and for not transmitting information when in a second state , with the remainder of said second frame being divided into a plurality of slots in a time duration TB , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to transmit to said base station ; turning on said battery power of said wireless link adapter for each of said n battery powered computers for the duration of the header BH ; turning OFF battery power for said time duration TB for each wireless link adapter of the n battery powered computers that is not scheduled to transmit to said base station ; and turning ON battery power only during the at least one slot time of TB scheduled for each wireless link adapter of the n battery powered computers scheduled to transmit to said base station , and turning OFF battery power for the remaining slots of TB . US5241542A CLAIM 4 . 
The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time slots (data frames, incoming data frames, incoming data, incoming traffic) of said third frame . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames (second frame, time slots, one frame) ; an antenna for capturing the incoming traffic (second frame, time slots, one frame) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5241542A CLAIM 1 . A method of conserving battery power in a wireless link adapter of battery powered computers operable in a multiaccess protocol for wireless communication between n , where n is an integer , of said battery powered computers and a base station , with said protocol including a designation of which ones of said n computers are to communicate with said base station , said method comprising the steps of : partitioning said multiaccess protocol into at least one frame (data frames, incoming data frames, incoming data, incoming traffic) including a header AH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for communication with said base station during said frame when its corresponding one of said n bits is in a first state , and for not being in communication when in a second state , with the remainder of said frame being divided into a plurality of slots in a time duration TA , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to communicate with said base station ; turning ON said battery power of said wireless link adapter for each of said n battery powered computers for the duration of header AH ; turning OFF battery power for said time duration TA for each wireless link adapter of the n battery powered computers that is not scheduled to communicate with said base station ; and turning ON battery power only during the at least one slot time of TA scheduled , for each wireless link adapter of the n battery powered computers scheduled to communicate with said base station , and turning OFF battery power for the remaining slots of TA . US5241542A CLAIM 3 . 
The method of claim 2 , including the steps of : including a second frame (data frames, incoming data frames, incoming data, incoming traffic) in said multiaccess protocol , including a header BH having n bits , with each of said n bits being assigned to a corresponding one of said n battery powered computers , with a given one of said n computers being scheduled for transmitting information to said base station during said second frame when its corresponding one of said n bits is in a first state , and for not transmitting information when in a second state , with the remainder of said second frame being divided into a plurality of slots in a time duration TB , with there being at least one slot dynamically assigned to only the ones of said n battery powered computers scheduled to transmit to said base station ; turning on said battery power of said wireless link adapter for each of said n battery powered computers for the duration of the header BH ; turning OFF battery power for said time duration TB for each wireless link adapter of the n battery powered computers that is not scheduled to transmit to said base station ; and turning ON battery power only during the at least one slot time of TB scheduled for each wireless link adapter of the n battery powered computers scheduled to transmit to said base station , and turning OFF battery power for the remaining slots of TB . US5241542A CLAIM 4 . 
The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time slots (data frames, incoming data frames, incoming data, incoming traffic) of said third frame . |
US7409715B2 CLAIM 19 . The an impersonation detection system (remaining time) of claim 18 , wherein the intrusion detection module further comprises means for qualifying an intrusion attack based on the impersonation detected signal . |
US5241542A CLAIM 4 . The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time (impersonation detection system) slots of said third frame . |
US7409715B2 CLAIM 20 . The impersonation detection system (remaining time) of claim 18 , wherein the wireless network operates according to any wireless network technology . |
US5241542A CLAIM 4 . The method of claim 3 , including the steps of : including a third frame in said multiaccess protocol , with said third frame including a header CH which includes a designation of the number of slots available in the remainder of said third frame in time duration TC , with said third frame being allotted to contention mode transmission from said n battery powered computers to said base station ; turning ON said battery power of said wireless link adapter of each of said n battery powered computers for the duration of the header CH ; turning OFF said battery power of the receiver of each wireless link adapter of each of said n battery power computers for the time duration TC ; turning OFF the battery power of the transmitter in said wireless link adapter of any of said battery powered computers that do not wish to transmit to said base station during said third frame ; and turning ON said battery power for a transmitter of said wireless link adapter in a given battery powered computer for at least one slot in said third frame for transmitting from said given battery powered computer to said base station , with said battery power for said transmitter of said wireless adapter link being turned OFF for the remaining time (impersonation detection system) slots of said third frame . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US5247564A Filed: 1990-10-24 Issued: 1993-09-21 Adaptive vehicle alarm detection and reporting system (Original Assignee) GTE Mobile Communications Service Corp (Current Assignee) GTE Wireless Inc Robert G. Zicker |
---|---|
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving (phone calls) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US5247564A CLAIM 1 . A cellular radiotelephone system for use in a vehicle having an ignition terminal adapted to carry an ignition signal , said system comprising : a cellular mobile radiotelephone transmit/receive unit (TRU) for engaging in first and second phone calls (second receiving, second receiving unit) ; remote programming control means , coupled to said TRU , for receiving and recording alarm parameters from said TRU during said first phone call ; a vehicle alarm system having an output signal which activates to indicate a security breach condition ; user input means for generating a disarming signal in response to a physical manipulation of said user input means by a user ; timing control means , coupled to said ignition terminal , for determining a disarming duration which begins substantially at activation of said ignition signal and continues for a period of time established by said alarm parameters ; and alarm detection control means , coupled to said vehicle alarm system , to said TRU , to said user input means , and to said timing control means , for instructing said TRU to place said second call to a telephone number when said security breach condition occurs , said telephone number being defined by said alarm parameters , and for instructing said TRU to place said second call to said telephone number when said disarming signal is not generated prior to expiration of said disarming duration . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames (mobile radio) over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US5247564A CLAIM 1 . A cellular radiotelephone system for use in a vehicle having an ignition terminal adapted to carry an ignition signal , said system comprising : a cellular mobile radio (transmitting outgoing data frames) telephone transmit/receive unit (TRU) for engaging in first and second phone calls ; remote programming control means , coupled to said TRU , for receiving and recording alarm parameters from said TRU during said first phone call ; a vehicle alarm system having an output signal which activates to indicate a security breach condition ; user input means for generating a disarming signal in response to a physical manipulation of said user input means by a user ; timing control means , coupled to said ignition terminal , for determining a disarming duration which begins substantially at activation of said ignition signal and continues for a period of time established by said alarm parameters ; and alarm detection control means , coupled to said vehicle alarm system , to said TRU , to said user input means , and to said timing control means , for instructing said TRU to place said second call to a telephone number when said security breach condition occurs , said telephone number being defined by said alarm parameters , and for instructing said TRU to place said second call to said telephone number when said disarming signal is not generated prior to expiration of said disarming duration . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving (phone calls) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US5247564A CLAIM 1 . A cellular radiotelephone system for use in a vehicle having an ignition terminal adapted to carry an ignition signal , said system comprising : a cellular mobile radiotelephone transmit/receive unit (TRU) for engaging in first and second phone calls (second receiving, second receiving unit) ; remote programming control means , coupled to said TRU , for receiving and recording alarm parameters from said TRU during said first phone call ; a vehicle alarm system having an output signal which activates to indicate a security breach condition ; user input means for generating a disarming signal in response to a physical manipulation of said user input means by a user ; timing control means , coupled to said ignition terminal , for determining a disarming duration which begins substantially at activation of said ignition signal and continues for a period of time established by said alarm parameters ; and alarm detection control means , coupled to said vehicle alarm system , to said TRU , to said user input means , and to said timing control means , for instructing said TRU to place said second call to a telephone number when said security breach condition occurs , said telephone number being defined by said alarm parameters , and for instructing said TRU to place said second call to said telephone number when said disarming signal is not generated prior to expiration of said disarming duration . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US4855713A Filed: 1988-10-07 Issued: 1989-08-08 Learn mode transmitter (Original Assignee) Interactive Technologies Inc (Current Assignee) Carrier Fire and Security Americas Corp Robert E. Brunius |
---|---|
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (temporarily store) . |
US4855713A CLAIM 1 . A method for programming a local security system controller with the identity of each of a plurality of wireless transmitters to whose transmissions it is to respond , comprising : (a) programming a unique identity code into each of said wireless transmitters which identity code is transmitted with each transmission ; (b) establishing said system controller in a program mode ; (c) inducing a predetermined transmission from one of said wireless transmitters ; (d) temporarily storing each received identity code as it is received by said system controller ; (e) upon detecting said program mode and a predetermined alarm condition , comparing each received identity code at said system controller to a code table ; and (f) writing the temporarily stored (time interval) identity code into said code table , if not located . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US4951029A Filed: 1988-02-16 Issued: 1990-08-21 Micro-programmable security system (Original Assignee) Interactive Technologies Inc (Current Assignee) Carrier Fire and Security Americas Corp Paul K. Severson |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data (coupled thereto) frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US4951029A CLAIM 15 . Apparatus as set forth in claim 14 wherein said system controller includes : (a) a user keypad coupled thereto (original data) ; and (b) means responsive to a predetermined duress code received from said keypad for communicating an alarm to said central station and not annunciating a local system response . |
US7409715B2 CLAIM 7 . The method of claim 4 , wherein the summary comprises the types of the original data (coupled thereto) frames . |
US4951029A CLAIM 15 . Apparatus as set forth in claim 14 wherein said system controller includes : (a) a user keypad coupled thereto (original data) ; and (b) means responsive to a predetermined duress code received from said keypad for communicating an alarm to said central station and not annunciating a local system response . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data (coupled thereto) frames with the incoming data frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US4951029A CLAIM 15 . Apparatus as set forth in claim 14 wherein said system controller includes : (a) a user keypad coupled thereto (original data) ; and (b) means responsive to a predetermined duress code received from said keypad for communicating an alarm to said central station and not annunciating a local system response . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data (coupled thereto) frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data frames received over the air interface (first system controller, communication link) ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US4951029A CLAIM 11 . Apparatus as set forth in claim 9 including microphone means coupled to said processor means and wherein said processor means includes means responsive to central station control signals for coupling said microphone means to a telephone communication link (air interface) between said system controller and said central station whereby said central station may audibly monitor a subscriber site . US4951029A CLAIM 12 . Apparatus as set forth in claim 9 coupled in a network including a second system controller which receives status communications from a plurality of wireless transducers in a second subscriber system and which communicates with said central station and wherein : (a) the first system controller (air interface) includes means responsive to an inability-to-communicate (IC) condition with said central station for broadcasting at radio frequencies an IC alarm ; and (b) said second system controller includes means for receiving said IC alarm and for identifying the condition of the first system controller to the central station . US4951029A CLAIM 15 . Apparatus as set forth in claim 14 wherein said system controller includes : (a) a user keypad coupled thereto (original data) ; and (b) means responsive to a predetermined duress code received from said keypad for communicating an alarm to said central station and not annunciating a local system response . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic received on all transmission channels allocated to the wireless node ; a second receiving (first reporting) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US4951029A CLAIM 10 . Apparatus as set forth in claim 9 including means responsive to a transducer reported alarm for preventing the system controller from reporting the alarm to the central station until at least one other transducer of a group including the first reporting (second receiving) transducer reports a confirming alarm . |
US7409715B2 CLAIM 13 . The impersonation detection system of claim 12 wherein the secure link operates according to a communication protocol (control signals) . |
US4951029A CLAIM 11 . Apparatus as set forth in claim 9 including microphone means coupled to said processor means and wherein said processor means includes means responsive to central station control signals (communication protocol) for coupling said microphone means to a telephone communication link between said system controller and said central station whereby said central station may audibly monitor a subscriber site . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (receiving means) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US4951029A CLAIM 17 . Apparatus as set forth in claim 16 wherein said hardwired transducer receiving means (transmitting unit) includes a first portion having a plurality of separately identifiable transducers coupled thereto and wherein each transducer is coupled between first and second conductors extending from said system controller and wherein said first portion includes means responsive to the identification data of each of said transducers for individually communicating the status of each of said transducers to said central station . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data frames received from the air interface (first system controller, communication link) ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US4951029A CLAIM 11 . Apparatus as set forth in claim 9 including microphone means coupled to said processor means and wherein said processor means includes means responsive to central station control signals for coupling said microphone means to a telephone communication link (air interface) between said system controller and said central station whereby said central station may audibly monitor a subscriber site . US4951029A CLAIM 12 . Apparatus as set forth in claim 9 coupled in a network including a second system controller which receives status communications from a plurality of wireless transducers in a second subscriber system and which communicates with said central station and wherein : (a) the first system controller (air interface) includes means responsive to an inability-to-communicate (IC) condition with said central station for broadcasting at radio frequencies an IC alarm ; and (b) said second system controller includes means for receiving said IC alarm and for identifying the condition of the first system controller to the central station . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic carried on all transmission channels allocated to the wireless node ; a second receiving (first reporting) unit for detecting the incoming data frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US4951029A CLAIM 10 . Apparatus as set forth in claim 9 including means responsive to a transducer reported alarm for preventing the system controller from reporting the alarm to the central station until at least one other transducer of a group including the first reporting (second receiving) transducer reports a confirming alarm . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US4876545A Filed: 1987-12-24 Issued: 1989-10-24 Adaptive blanking interface apparatus for self-protection jamming equipment employed in conjunction with radar systems (Original Assignee) ITT Corp (Current Assignee) ITT Inc Christopher M. Carlson, Nicholas Deninno |
---|---|
US7409715B2 CLAIM 6 . The method of claim 4 , wherein the summary comprises the number of the outgoing data frames transmitted over a time interval (real time basis) . |
US4876545A CLAIM 4 . The ECM system according to claim 1 , wherein said interface means includes , a threat response storage means having stored at a plurality of memory locations information indicative of a matrix of data defining a plurality of system response files according to the mode of operation of said receiver means , with inputs means of said threat response matrix coupled to said first data bus for supplying an address code thereto for accessing any one of said stored files , file decoder means coupled to said second data bus and operative to decode said code assignment messages on a real time basis (time interval) for generating at an output decoded data indicative of one of said given stored files , comparator means coupled to said threat response storage means and said file decoder means for comparing said stored data at an address according to said data on said first data bus with said file decoder means output to determine a comparison between said compared data indicative of a given receiver mode and means for generating said optimum blanking parameter information according to said comparison . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node : a transmitting unit (receiving means) on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US4876545A CLAIM 16 . The ECM system according to claim 15 , wherein said jamming apparatus further includes receiving means (transmitting unit) for receiving foreign or threat transmissions and for applying said received signals to said processor means for performing signal analysis of said signals as further implemented by said exchanged information from said receiver means . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US4812820A Filed: 1987-03-18 Issued: 1989-03-14 Electronic surveillance system and transceiver unit therefor (Original Assignee) Chatwin Ian Malcolm Ian M. Chatwin |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node of a wireless communication network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface ; b) detecting at the intrusion detection module incoming data (logic circuitry) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US4812820A CLAIM 13 . A transceiver unit as defined in claim 12 , comprising means for setting a baud rate for transmitting and receiving information , means for sequencing digital functions of said transceiver , and means for providing a real time clock for action and response delays , said means comprising a microprocessor 11 to which are connected a program ROM 12 , an interface 17 , a display 14 , digital logic circuitry (incoming data) and a crystal oscillator 15 . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node and extracting the incoming data (logic circuitry) frames received over all the wireless channels allocated to the wireless node . |
US4812820A CLAIM 13 . A transceiver unit as defined in claim 12 , comprising means for setting a baud rate for transmitting and receiving information , means for sequencing digital functions of said transceiver , and means for providing a real time clock for action and response delays , said means comprising a microprocessor 11 to which are connected a program ROM 12 , an interface 17 , a display 14 , digital logic circuitry (incoming data) and a crystal oscillator 15 . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (logic circuitry) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US4812820A CLAIM 13 . A transceiver unit as defined in claim 12 , comprising means for setting a baud rate for transmitting and receiving information , means for sequencing digital functions of said transceiver , and means for providing a real time clock for action and response delays , said means comprising a microprocessor 11 to which are connected a program ROM 12 , an interface 17 , a display 14 , digital logic circuitry (incoming data) and a crystal oscillator 15 . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node of a wireless communication network , the node for transmitting original data frames over a wireless interface comprising : an intrusion detection module for correlating the original data frames with incoming data (logic circuitry) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US4812820A CLAIM 13 . A transceiver unit as defined in claim 12 , comprising means for setting a baud rate for transmitting and receiving information , means for sequencing digital functions of said transceiver , and means for providing a real time clock for action and response delays , said means comprising a microprocessor 11 to which are connected a program ROM 12 , an interface 17 , a display 14 , digital logic circuitry (incoming data) and a crystal oscillator 15 . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (other units) received on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (logic circuitry) frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US4812820A CLAIM 1 . An electronic surveillance system comprising a plurality of transceiver units at spaced locations within the system , characterized in that each of said transceiver units comprises means for establishing a cycle of operation , for transmitting digital data in turn , to all other units (incoming traffic) of the system at an exclusive time slot in said cycle of operation , said data identifying the particular unit transmitting data and providing status information , means for recognizing , at all times , a said transmission from any other unit of the system and also identifying a transmission from the immediately preceding unit in said cycle , and performing a said transmission next in turn thereafter , the unit last in said cycle including means for transmitting coded information such that the first unit in said cycle can identify the end of a cycle and recommence , and each said unit comprises means for responding to the failure of any one unit of the system to transmit said data in turn , and for responding to receipt of said status information . US4812820A CLAIM 13 . A transceiver unit as defined in claim 12 , comprising means for setting a baud rate for transmitting and receiving information , means for sequencing digital functions of said transceiver , and means for providing a real time clock for action and response delays , said means comprising a microprocessor 11 to which are connected a program ROM 12 , an interface 17 , a display 14 , digital logic circuitry (incoming data) and a crystal oscillator 15 . |
US7409715B2 CLAIM 17 . A wireless node for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface ; an intrusion detection module for correlating the outgoing data frames with incoming data (logic circuitry) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US4812820A CLAIM 13 . A transceiver unit as defined in claim 12 , comprising means for setting a baud rate for transmitting and receiving information , means for sequencing digital functions of said transceiver , and means for providing a real time clock for action and response delays , said means comprising a microprocessor 11 to which are connected a program ROM 12 , an interface 17 , a display 14 , digital logic circuitry (incoming data) and a crystal oscillator 15 . |
US7409715B2 CLAIM 18 . The wireless node of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (other units) carried on all transmission channels allocated to the wireless node ; a second receiving unit for detecting the incoming data (logic circuitry) frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US4812820A CLAIM 1 . An electronic surveillance system comprising a plurality of transceiver units at spaced locations within the system , characterized in that each of said transceiver units comprises means for establishing a cycle of operation , for transmitting digital data in turn , to all other units (incoming traffic) of the system at an exclusive time slot in said cycle of operation , said data identifying the particular unit transmitting data and providing status information , means for recognizing , at all times , a said transmission from any other unit of the system and also identifying a transmission from the immediately preceding unit in said cycle , and performing a said transmission next in turn thereafter , the unit last in said cycle including means for transmitting coded information such that the first unit in said cycle can identify the end of a cycle and recommence , and each said unit comprises means for responding to the failure of any one unit of the system to transmit said data in turn , and for responding to receipt of said status information . US4812820A CLAIM 13 . A transceiver unit as defined in claim 12 , comprising means for setting a baud rate for transmitting and receiving information , means for sequencing digital functions of said transceiver , and means for providing a real time clock for action and response delays , said means comprising a microprocessor 11 to which are connected a program ROM 12 , an interface 17 , a display 14 , digital logic circuitry (incoming data) and a crystal oscillator 15 . |
US7409715B2 Filed: 2003-12-10 Issued: 2008-08-05 Mechanism for detection of attacks based on impersonation in a wireless network (Original Assignee) Alcatel Lucent SAS (Current Assignee) Wsou Investments LLC Frederic Gariador, Vinod Kumar Choyi, Andrew Robison | US4520674A Filed: 1983-11-14 Issued: 1985-06-04 Vibration monitoring device (Original Assignee) Technology for Energy Corp (Current Assignee) TECHNOLOGY FOR ENERGY Corp A CORP ; Technology for Energy Corp ; Fifth Third Bank NA Ronald G. Canada, Kenneth R. Piety, Daniel G. Simpson, E. Forrest Pardue |
---|---|
US7409715B2 CLAIM 1 . A method for detecting impersonation based attacks at a wireless node (including analog) of a wireless communication (including analog) network , comprising the steps of : a) operatively connecting the wireless node with an intrusion detection module and providing the intrusion detection module with a copy of original data frames transmitted by the wireless node over a wireless interface (including analog) ; b) detecting at the intrusion detection module incoming data (power consumption) frames received over the wireless interface ; c) comparing at the intrusion detection module the information in the copy with the information in the incoming data frames ; and d) recognizing an impersonating attack when the intrusion detection module determines that the information in the copy differs from the information in the incoming data frames . |
US4520674A CLAIM 1 . A portable vibration monitoring device for use in connection with a base computer which stores data regarding the nature and parameters of vibration measurements to be made on preselected machines by such device , said device comprising : power supply means ; a vibration sensor which produces an analog signal representative of selected vibration of said machine upon mechanically connecting said sensor with said machine at preselected measurement points thereon ; signal conditioning means for conditioning said analog signal generated by said vibration sensor , said signal conditioning means including anti-aliasing means for filtering preselected frequencies from said signal generated by said sensor to enhance the accuracy of the data collected ; means connected with the output of said signal conditioning means including multiple modules which are selectively energized , one of said modules comprising high speed math processor means ; processing means for selectively energizing said modules for purposes of reducing power consumption (incoming data, incoming traffic, intrusion detection module incoming data frames) , for loading and retrieving information and instructions , and for selectively employing said anti-aliasing means for analysing digital information concerning vibration data stored in said device and for selectively interfacing with an operator by causing information to be displayed , and for controlling the various operational modes of said device ; means operably connected to said processing means for entering and loading instructions and information for controlling the operation of said device ; first memory means for storing operating instructions for use by said processing means ; and further memory means for storing data collected by said device from preselected locations upon said machines . US4520674A CLAIM 6 . The device of claim 1 wherein said means connected with the output of said signal conditioning means including multiple modules which are selectively energized including analog (wireless node, wireless communication, wireless interface) -to-digital converter means for digitizing said conditioned vibration signal , and power supply relay controller means for selectively energizing and de-energizing components of said device for purposes of reducing power consumption when said components are idle . |
US7409715B2 CLAIM 2 . The method of claim 1 , wherein step a) comprises transmitting the copy over a secure link established between the wireless node (including analog) and the intrusion detection module . |
US4520674A CLAIM 6 . The device of claim 1 wherein said means connected with the output of said signal conditioning means including multiple modules which are selectively energized including analog (wireless node, wireless communication, wireless interface) -to-digital converter means for digitizing said conditioned vibration signal , and power supply relay controller means for selectively energizing and de-energizing components of said device for purposes of reducing power consumption when said components are idle . |
US7409715B2 CLAIM 8 . The method of claim 1 , wherein step b) comprises monitoring all wireless channels allocated to the wireless node (including analog) and extracting the incoming data (power consumption) frames received over all the wireless channels allocated to the wireless node . |
US4520674A CLAIM 1 . A portable vibration monitoring device for use in connection with a base computer which stores data regarding the nature and parameters of vibration measurements to be made on preselected machines by such device , said device comprising : power supply means ; a vibration sensor which produces an analog signal representative of selected vibration of said machine upon mechanically connecting said sensor with said machine at preselected measurement points thereon ; signal conditioning means for conditioning said analog signal generated by said vibration sensor , said signal conditioning means including anti-aliasing means for filtering preselected frequencies from said signal generated by said sensor to enhance the accuracy of the data collected ; means connected with the output of said signal conditioning means including multiple modules which are selectively energized , one of said modules comprising high speed math processor means ; processing means for selectively energizing said modules for purposes of reducing power consumption (incoming data, incoming traffic, intrusion detection module incoming data frames) , for loading and retrieving information and instructions , and for selectively employing said anti-aliasing means for analysing digital information concerning vibration data stored in said device and for selectively interfacing with an operator by causing information to be displayed , and for controlling the various operational modes of said device ; means operably connected to said processing means for entering and loading instructions and information for controlling the operation of said device ; first memory means for storing operating instructions for use by said processing means ; and further memory means for storing data collected by said device from preselected locations upon said machines . US4520674A CLAIM 6 . The device of claim 1 wherein said means connected with the output of said signal conditioning means including multiple modules which are selectively energized including analog (wireless node, wireless communication, wireless interface) -to-digital converter means for digitizing said conditioned vibration signal , and power supply relay controller means for selectively energizing and de-energizing components of said device for purposes of reducing power consumption when said components are idle . |
US7409715B2 CLAIM 9 . The method of claim 1 , wherein step d) comprises : correlating the original data frames with the incoming data (power consumption) frames for detecting an inconsistency between the frames ; and upon detection of the inconsistency , further processing the incoming data frames for qualifying the impersonating attack . |
US4520674A CLAIM 1 . A portable vibration monitoring device for use in connection with a base computer which stores data regarding the nature and parameters of vibration measurements to be made on preselected machines by such device , said device comprising : power supply means ; a vibration sensor which produces an analog signal representative of selected vibration of said machine upon mechanically connecting said sensor with said machine at preselected measurement points thereon ; signal conditioning means for conditioning said analog signal generated by said vibration sensor , said signal conditioning means including anti-aliasing means for filtering preselected frequencies from said signal generated by said sensor to enhance the accuracy of the data collected ; means connected with the output of said signal conditioning means including multiple modules which are selectively energized , one of said modules comprising high speed math processor means ; processing means for selectively energizing said modules for purposes of reducing power consumption (incoming data, incoming traffic, intrusion detection module incoming data frames) , for loading and retrieving information and instructions , and for selectively employing said anti-aliasing means for analysing digital information concerning vibration data stored in said device and for selectively interfacing with an operator by causing information to be displayed , and for controlling the various operational modes of said device ; means operably connected to said processing means for entering and loading instructions and information for controlling the operation of said device ; first memory means for storing operating instructions for use by said processing means ; and further memory means for storing data collected by said device from preselected locations upon said machines . |
US7409715B2 CLAIM 10 . An impersonation detection system for a wireless node (including analog) of a wireless communication (including analog) network , the node for transmitting original data frames over a wireless interface (including analog) comprising : an intrusion detection module for correlating the original data frames with incoming data (power consumption) frames received over the air interface ; and connection means between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the original data frames . |
US4520674A CLAIM 1 . A portable vibration monitoring device for use in connection with a base computer which stores data regarding the nature and parameters of vibration measurements to be made on preselected machines by such device , said device comprising : power supply means ; a vibration sensor which produces an analog signal representative of selected vibration of said machine upon mechanically connecting said sensor with said machine at preselected measurement points thereon ; signal conditioning means for conditioning said analog signal generated by said vibration sensor , said signal conditioning means including anti-aliasing means for filtering preselected frequencies from said signal generated by said sensor to enhance the accuracy of the data collected ; means connected with the output of said signal conditioning means including multiple modules which are selectively energized , one of said modules comprising high speed math processor means ; processing means for selectively energizing said modules for purposes of reducing power consumption (incoming data, incoming traffic, intrusion detection module incoming data frames) , for loading and retrieving information and instructions , and for selectively employing said anti-aliasing means for analysing digital information concerning vibration data stored in said device and for selectively interfacing with an operator by causing information to be displayed , and for controlling the various operational modes of said device ; means operably connected to said processing means for entering and loading instructions and information for controlling the operation of said device ; first memory means for storing operating instructions for use by said processing means ; and further memory means for storing data collected by said device from preselected locations upon said machines . US4520674A CLAIM 6 . The device of claim 1 wherein said means connected with the output of said signal conditioning means including multiple modules which are selectively energized including analog (wireless node, wireless communication, wireless interface) -to-digital converter means for digitizing said conditioned vibration signal , and power supply relay controller means for selectively energizing and de-energizing components of said device for purposes of reducing power consumption when said components are idle . |
US7409715B2 CLAIM 11 . The impersonation detection system of claim 10 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy ; an antenna for capturing the incoming traffic (power consumption) received on all transmission channels (frequency domain) allocated to the wireless node (including analog) ; a second receiving unit for detecting the incoming data (power consumption) frames from the incoming traffic ; and a data processing unit for correlating the copy with the incoming data frames and generating a impersonation detection signal . |
US4520674A CLAIM 1 . A portable vibration monitoring device for use in connection with a base computer which stores data regarding the nature and parameters of vibration measurements to be made on preselected machines by such device , said device comprising : power supply means ; a vibration sensor which produces an analog signal representative of selected vibration of said machine upon mechanically connecting said sensor with said machine at preselected measurement points thereon ; signal conditioning means for conditioning said analog signal generated by said vibration sensor , said signal conditioning means including anti-aliasing means for filtering preselected frequencies from said signal generated by said sensor to enhance the accuracy of the data collected ; means connected with the output of said signal conditioning means including multiple modules which are selectively energized , one of said modules comprising high speed math processor means ; processing means for selectively energizing said modules for purposes of reducing power consumption (incoming data, incoming traffic, intrusion detection module incoming data frames) , for loading and retrieving information and instructions , and for selectively employing said anti-aliasing means for analysing digital information concerning vibration data stored in said device and for selectively interfacing with an operator by causing information to be displayed , and for controlling the various operational modes of said device ; means operably connected to said processing means for entering and loading instructions and information for controlling the operation of said device ; first memory means for storing operating instructions for use by said processing means ; and further memory means for storing data collected by said device from preselected locations upon said machines . US4520674A CLAIM 6 . The device of claim 1 wherein said means connected with the output of said signal conditioning means including multiple modules which are selectively energized including analog (wireless node, wireless communication, wireless interface) -to-digital converter means for digitizing said conditioned vibration signal , and power supply relay controller means for selectively energizing and de-energizing components of said device for purposes of reducing power consumption when said components are idle . US4520674A CLAIM 11 . The device of claim 10 wherein said means for condensing said vibration signature data integrates the vibration signature in the frequency domain (transmission channels) over preselected frequency bands prior to storing the results of such integrations in said further memory . |
US7409715B2 CLAIM 14 . The impersonation detection system of claim 10 , wherein the connection means comprises , when the intrusion detection module resides away from the wireless node (including analog) : a transmitting unit on the wireless node , for transmitting the copy to the intrusion detection module ; and a secure link for connecting the wireless node with the intrusion detection module . |
US4520674A CLAIM 6 . The device of claim 1 wherein said means connected with the output of said signal conditioning means including multiple modules which are selectively energized including analog (wireless node, wireless communication, wireless interface) -to-digital converter means for digitizing said conditioned vibration signal , and power supply relay controller means for selectively energizing and de-energizing components of said device for purposes of reducing power consumption when said components are idle . |
US7409715B2 CLAIM 15 . The impersonation detection system of claim 14 , wherein the secure link is established as inter-processes communication , when the intrusion detection module is integrated within the wireless node (including analog) . |
US4520674A CLAIM 6 . The device of claim 1 wherein said means connected with the output of said signal conditioning means including multiple modules which are selectively energized including analog (wireless node, wireless communication, wireless interface) -to-digital converter means for digitizing said conditioned vibration signal , and power supply relay controller means for selectively energizing and de-energizing components of said device for purposes of reducing power consumption when said components are idle . |
US7409715B2 CLAIM 17 . A wireless node (including analog) for a wireless network comprising : means for transmitting outgoing data frames over a wireless interface (including analog) ; an intrusion detection module for correlating the outgoing data frames with incoming data (power consumption) frames received from the air interface ; and a secure link between the wireless node and the intrusion detection module for providing the intrusion detection module with a copy of the outgoing data frames . |
US4520674A CLAIM 1 . A portable vibration monitoring device for use in connection with a base computer which stores data regarding the nature and parameters of vibration measurements to be made on preselected machines by such device , said device comprising : power supply means ; a vibration sensor which produces an analog signal representative of selected vibration of said machine upon mechanically connecting said sensor with said machine at preselected measurement points thereon ; signal conditioning means for conditioning said analog signal generated by said vibration sensor , said signal conditioning means including anti-aliasing means for filtering preselected frequencies from said signal generated by said sensor to enhance the accuracy of the data collected ; means connected with the output of said signal conditioning means including multiple modules which are selectively energized , one of said modules comprising high speed math processor means ; processing means for selectively energizing said modules for purposes of reducing power consumption (incoming data, incoming traffic, intrusion detection module incoming data frames) , for loading and retrieving information and instructions , and for selectively employing said anti-aliasing means for analysing digital information concerning vibration data stored in said device and for selectively interfacing with an operator by causing information to be displayed , and for controlling the various operational modes of said device ; means operably connected to said processing means for entering and loading instructions and information for controlling the operation of said device ; first memory means for storing operating instructions for use by said processing means ; and further memory means for storing data collected by said device from preselected locations upon said machines . US4520674A CLAIM 6 . The device of claim 1 wherein said means connected with the output of said signal conditioning means including multiple modules which are selectively energized including analog (wireless node, wireless communication, wireless interface) -to-digital converter means for digitizing said conditioned vibration signal , and power supply relay controller means for selectively energizing and de-energizing components of said device for purposes of reducing power consumption when said components are idle . |
US7409715B2 CLAIM 18 . The wireless node (including analog) of claim 17 , wherein the intrusion detection module comprises : a first receiving unit for receiving the copy of the outgoing data frames ; an antenna for capturing the incoming traffic (power consumption) carried on all transmission channels (frequency domain) allocated to the wireless node ; a second receiving unit for detecting the incoming data (power consumption) frames from the incoming traffic ; and a data processing unit for correlating the copy of the outgoing data frames with the incoming data frames and generating an impersonation detected signal . |
US4520674A CLAIM 1 . A portable vibration monitoring device for use in connection with a base computer which stores data regarding the nature and parameters of vibration measurements to be made on preselected machines by such device , said device comprising : power supply means ; a vibration sensor which produces an analog signal representative of selected vibration of said machine upon mechanically connecting said sensor with said machine at preselected measurement points thereon ; signal conditioning means for conditioning said analog signal generated by said vibration sensor , said signal conditioning means including anti-aliasing means for filtering preselected frequencies from said signal generated by said sensor to enhance the accuracy of the data collected ; means connected with the output of said signal conditioning means including multiple modules which are selectively energized , one of said modules comprising high speed math processor means ; processing means for selectively energizing said modules for purposes of reducing power consumption (incoming data, incoming traffic, intrusion detection module incoming data frames) , for loading and retrieving information and instructions , and for selectively employing said anti-aliasing means for analysing digital information concerning vibration data stored in said device and for selectively interfacing with an operator by causing information to be displayed , and for controlling the various operational modes of said device ; means operably connected to said processing means for entering and loading instructions and information for controlling the operation of said device ; first memory means for storing operating instructions for use by said processing means ; and further memory means for storing data collected by said device from preselected locations upon said machines . US4520674A CLAIM 6 . The device of claim 1 wherein said means connected with the output of said signal conditioning means including multiple modules which are selectively energized including analog (wireless node, wireless communication, wireless interface) -to-digital converter means for digitizing said conditioned vibration signal , and power supply relay controller means for selectively energizing and de-energizing components of said device for purposes of reducing power consumption when said components are idle . US4520674A CLAIM 11 . The device of claim 10 wherein said means for condensing said vibration signature data integrates the vibration signature in the frequency domain (transmission channels) over preselected frequency bands prior to storing the results of such integrations in said further memory . |