06279113 is referenced by 653 patents and cites 9 patents.

A signature based dynamic network intrusion detection system (IDS) includes attack signature profiles which are descriptive of characteristics of known network security violations. The attack signature profiles are organized into sets of attack signature profiles according to security requirements of network objects on a network. Each network object is assigned a set of attack signature profiles which is stored in a signature profile memory together with association data indicative of which sets of attack signature profiles correspond to which network objects. A monitoring device monitors network traffic for data addressed to the network objects. Upon detecting a data packet addressed to one of the network objects, packet information is extracted from the data packet. The extracted information is utilized to obtain a set of attack signature profiles corresponding to the network object based on the association data. A virtual processor executes instructions associated with attack signature profiles to determine if the packet is associated with a known network security violation. An attack signature profile generator is utilized to generate additional attack signature profiles configured for processing by the virtual processor in the absence of any corresponding modification of the virtual processor.

Title
Dynamic signature inspection-based network intrusion detection
Application Number
9/90774
Publication Number
6279113 (B1)
Application Date
June 4, 1998
Publication Date
August 21, 2001
Inventor
Vimal Vaidya
Fremont
CA, US
Agent
Luce Forward Hamilton & Scripps
US
Assignee
Internet Tools
CA, US
IPC
H04L 9/00
View Original Source