WO2003014932A3 - System and method for providing passive screening of transient messages in a distributed computing environment - Google Patents

System and method for providing passive screening of transient messages in a distributed computing environment Download PDF

Info

Publication number
WO2003014932A3
WO2003014932A3 PCT/US2002/023827 US0223827W WO03014932A3 WO 2003014932 A3 WO2003014932 A3 WO 2003014932A3 US 0223827 W US0223827 W US 0223827W WO 03014932 A3 WO03014932 A3 WO 03014932A3
Authority
WO
WIPO (PCT)
Prior art keywords
computing environment
distributed computing
providing passive
transient
passive screening
Prior art date
Application number
PCT/US2002/023827
Other languages
French (fr)
Other versions
WO2003014932A2 (en
Inventor
Davide Libenzi
Victor Kouznetsov
Original Assignee
Networks Assoc Tech Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US10/061,415 external-priority patent/US7461403B1/en
Application filed by Networks Assoc Tech Inc filed Critical Networks Assoc Tech Inc
Priority to AU2002322692A priority Critical patent/AU2002322692A1/en
Priority to CA002456118A priority patent/CA2456118C/en
Publication of WO2003014932A2 publication Critical patent/WO2003014932A2/en
Publication of WO2003014932A3 publication Critical patent/WO2003014932A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Abstract

A system (20) and method (90) for providing passive screening of transient messages (61) in a distributed computing environment (10) is described. A transient packet stream is passively monitored at a network boundary. Incoming datagrams (61) structured in compliance with a network protocol layer (70) are received. One or more to the incoming datagrams (61) are reassembled into a segment (62) structured in compliance with a transport protocol layer (72). Contents of the reassembled segment (62) are scanned for a presence of at least one of a computer virus and malware to identify infected message contents.
PCT/US2002/023827 2001-08-03 2002-07-26 System and method for providing passive screening of transient messages in a distributed computing environment WO2003014932A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU2002322692A AU2002322692A1 (en) 2001-08-03 2002-07-26 System and method for providing passive screening of transient messages in a distributed computing environment
CA002456118A CA2456118C (en) 2001-08-03 2002-07-26 System and method for providing passive screening of transient messages in a distributed computing environment

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US30983501P 2001-08-03 2001-08-03
US30985801P 2001-08-03 2001-08-03
US60/309,858 2001-08-03
US60/309,835 2001-08-03
US10/061,415 US7461403B1 (en) 2001-08-03 2002-02-01 System and method for providing passive screening of transient messages in a distributed computing environment
US10/061,415 2002-02-01

Publications (2)

Publication Number Publication Date
WO2003014932A2 WO2003014932A2 (en) 2003-02-20
WO2003014932A3 true WO2003014932A3 (en) 2003-12-18

Family

ID=27370048

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2002/023827 WO2003014932A2 (en) 2001-08-03 2002-07-26 System and method for providing passive screening of transient messages in a distributed computing environment

Country Status (3)

Country Link
AU (1) AU2002322692A1 (en)
CA (1) CA2456118C (en)
WO (1) WO2003014932A2 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050050334A1 (en) 2003-08-29 2005-03-03 Trend Micro Incorporated, A Japanese Corporation Network traffic management by a virus/worm monitor in a distributed network
GB2418563A (en) * 2004-09-23 2006-03-29 Agilent Technologies Inc Monitoring for malicious attacks in a communications network
US8549639B2 (en) 2005-08-16 2013-10-01 At&T Intellectual Property I, L.P. Method and apparatus for diagnosing and mitigating malicious events in a communication network
US9329973B2 (en) 2006-03-22 2016-05-03 British Telecommunications Public Limited Company Method and apparatus for automated testing software

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5968176A (en) * 1997-05-29 1999-10-19 3Com Corporation Multilayer firewall system
EP1081894A1 (en) * 1999-08-18 2001-03-07 Alma-Baba Technical Research Laboratory Co., Ltd. System for monitoring network for cracker attack

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5968176A (en) * 1997-05-29 1999-10-19 3Com Corporation Multilayer firewall system
EP1081894A1 (en) * 1999-08-18 2001-03-07 Alma-Baba Technical Research Laboratory Co., Ltd. System for monitoring network for cracker attack

Also Published As

Publication number Publication date
CA2456118A1 (en) 2003-02-20
AU2002322692A1 (en) 2003-02-24
WO2003014932A2 (en) 2003-02-20
CA2456118C (en) 2008-10-28

Similar Documents

Publication Publication Date Title
WO2000052896A3 (en) Method and apparatus for managing a network flow in a high performance network interface
WO2002019067A3 (en) Maintaining virus detection software
BR0009754A (en) Process for providing regional subscription data for a service visitor location record
NO980366L (en) Packet routing
DE60044671D1 (en) NETWORK STACK SWITCHING ARRANGEMENT
WO2001091313A3 (en) A method, system and apparatus for establishing, monitoring, and managing connectivity for communication among heterogeneous systems
EP1009175A3 (en) Method and system for HLR access over an IP network
WO2005022440A8 (en) Network isolation techniques suitable for virus protection
WO2005117356A3 (en) Quarantine networking
WO2004027561A3 (en) Client-based message protocol translation
DE19680539T1 (en) Virus detection and removal device for computer networks
WO2003019874A3 (en) Congestion management for packet routers
MX9800927A (en) Packet routing.
AU2002250599A1 (en) Transport multiplexer management and control
WO2002103978A3 (en) Method and system for mobile ip nodes in heterogeneous networks
WO1995009504A3 (en) Protocol for transporting real-time data
CA2326852A1 (en) Providing customer treatment in a call center based on a network source address of a request originator
CA2460530A1 (en) Method, apparatus and computer program for the decapsulation and encapsulation of packets with multiple headers
EP1175061A3 (en) Computer systems, in particular virtual private networks
FI990586A (en) A method and system for transmitting multimedia information in a packet switched cellular radio network
AU3004501A (en) Method and devices to provide a defined quality of service in a packet switched communication network
CA2382746A1 (en) System and method for packet transport in a ring network
EP1122932A3 (en) Protection of computer networks against malicious content
FI990879A (en) A method and system for transmitting multimedia information in a packet switched cellular radio network having an external interface
DE60034320D1 (en) METHOD FOR AVOIDING NON-EQUINENT FRAMEWORK IN A NETWORK TRANSMISSION AGENT

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG UZ VN YU ZA ZM ZW

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BY BZ CA CH CN CO CR CU CZ DE DM DZ EC EE ES FI GB GD GE GH HR HU ID IL IN IS JP KE KG KP KR LC LK LR LS LT LU LV MA MD MG MN MW MX MZ NO NZ OM PH PL PT RU SD SE SG SI SK SL TJ TM TN TR TZ UA UG UZ VN YU ZA ZM

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ UG ZM ZW AM AZ BY KG KZ RU TJ TM AT BE BG CH CY CZ DK EE ES FI FR GB GR IE IT LU MC PT SE SK TR BF BJ CF CG CI GA GN GQ GW ML MR NE SN TD TG

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LU MC NL PT SE SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2456118

Country of ref document: CA

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP