06785821 is referenced by 67 patents.

An intrusion detection system and method for detecting unauthorized or malicious use of network resources includes an intrusion detection analysis engine that instanciates one or more analysis objects to detect signatures associated with attacks on network vulnerabilities. As new network vulnerabilities are identified, new analysis objects can be dynamically interfaced on a runtime basis with the intrusion detection analysis engine to detect signatures associated with the new network vulnerabilities. A signature application programming interface supports communication between the intrusion detection analysis engine and the analysis objects. When the instance of an analysis object indicates that an associated signature exists in network data, the intrusion detection analysis engine can provide an alarm.

Title
Intrusion detection system and method having dynamically loaded signatures
Application Number
10/288660
Publication Number
6785821 (B1)
Application Date
November 4, 2002
Publication Date
August 31, 2004
Inventor
Daniel M Teal
San Antonio
TX, US
Agent
Baker Botts L
US
Assignee
Cisco Technology
CA, US
IPC
H04L 9/00
View Original Source