EP1401160A4 - PACKET ANALYSIS SYSTEM - Google Patents

PACKET ANALYSIS SYSTEM

Info

Publication number
EP1401160A4
EP1401160A4 EP02722781A EP02722781A EP1401160A4 EP 1401160 A4 EP1401160 A4 EP 1401160A4 EP 02722781 A EP02722781 A EP 02722781A EP 02722781 A EP02722781 A EP 02722781A EP 1401160 A4 EP1401160 A4 EP 1401160A4
Authority
EP
European Patent Office
Prior art keywords
analysis system
packet analysis
packet
analysis
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP02722781A
Other languages
German (de)
French (fr)
Other versions
EP1401160A8 (en
EP1401160A1 (en
Inventor
Hisamichi Ohtani
Takeshi Hojo
Keiichi Iwata
Mansfield Glenn Keeni
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Cyber Solutions Inc
NTT Data Group Corp
Original Assignee
NTT Data Corp
Cyber Solutions Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NTT Data Corp, Cyber Solutions Inc filed Critical NTT Data Corp
Publication of EP1401160A1 publication Critical patent/EP1401160A1/en
Publication of EP1401160A8 publication Critical patent/EP1401160A8/en
Publication of EP1401160A4 publication Critical patent/EP1401160A4/en
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2143Clearing memory, e.g. to prevent the data from being stolen
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2151Time stamp
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/146Tracing the source of attacks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
EP02722781A 2001-04-27 2002-04-25 PACKET ANALYSIS SYSTEM Ceased EP1401160A4 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
JP2001133290 2001-04-27
JP2001133290 2001-04-27
PCT/JP2002/004139 WO2002089426A1 (en) 2001-04-27 2002-04-25 Packet tracing system

Publications (3)

Publication Number Publication Date
EP1401160A1 EP1401160A1 (en) 2004-03-24
EP1401160A8 EP1401160A8 (en) 2004-07-07
EP1401160A4 true EP1401160A4 (en) 2008-07-30

Family

ID=18981169

Family Applications (1)

Application Number Title Priority Date Filing Date
EP02722781A Ceased EP1401160A4 (en) 2001-04-27 2002-04-25 PACKET ANALYSIS SYSTEM

Country Status (4)

Country Link
US (1) US20040085906A1 (en)
EP (1) EP1401160A4 (en)
JP (1) JP3819364B2 (en)
WO (1) WO2002089426A1 (en)

Families Citing this family (37)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3934030B2 (en) * 2002-08-30 2007-06-20 株式会社エヌ・ティ・ティ・データ Packet passing route search method and program causing computer to execute the method
JP3832412B2 (en) * 2002-09-30 2006-10-11 横河電機株式会社 Packet path tracking system
WO2004034229A2 (en) 2002-10-10 2004-04-22 Rocksteady Networks, Inc. System and method for providing access control
JP3934029B2 (en) * 2002-10-25 2007-06-20 株式会社エヌ・ティ・ティ・データ Multiprotocol packet tracking method, multiprotocol packet tracking program, and multiprotocol packet tracking apparatus
JP4098127B2 (en) * 2003-03-14 2008-06-11 株式会社エヌ・ティ・ティ・データ Packet tracking method and packet tracking program
US7624438B2 (en) 2003-08-20 2009-11-24 Eric White System and method for providing a secure connection between networked computers
JP2005167450A (en) * 2003-12-01 2005-06-23 Yokogawa Electric Corp Packet log recorder
US7002943B2 (en) * 2003-12-08 2006-02-21 Airtight Networks, Inc. Method and system for monitoring a selected region of an airspace associated with local area networks of computing devices
JP4235907B2 (en) * 2003-12-12 2009-03-11 横河電機株式会社 Worm propagation monitoring system
US7903555B2 (en) * 2003-12-17 2011-03-08 Intel Corporation Packet tracing
JP4484663B2 (en) 2004-02-02 2010-06-16 株式会社サイバー・ソリューションズ Unauthorized information detection system and unauthorized attack source search system
JP4914468B2 (en) * 2004-02-02 2012-04-11 株式会社サイバー・ソリューションズ Unauthorized information detection system and unauthorized attack source search system
US7440434B2 (en) * 2004-02-11 2008-10-21 Airtight Networks, Inc. Method and system for detecting wireless access devices operably coupled to computer local area networks and related methods
US7339914B2 (en) * 2004-02-11 2008-03-04 Airtight Networks, Inc. Automated sniffer apparatus and method for monitoring computer systems for unauthorized access
US7610621B2 (en) 2004-03-10 2009-10-27 Eric White System and method for behavior-based firewall modeling
US8543710B2 (en) 2004-03-10 2013-09-24 Rpx Corporation Method and system for controlling network access
US7590728B2 (en) * 2004-03-10 2009-09-15 Eric White System and method for detection of aberrant network behavior by clients of a network access gateway
US20050204022A1 (en) * 2004-03-10 2005-09-15 Keith Johnston System and method for network management XML architectural abstraction
US7509625B2 (en) * 2004-03-10 2009-03-24 Eric White System and method for comprehensive code generation for system management
US7665130B2 (en) 2004-03-10 2010-02-16 Eric White System and method for double-capture/double-redirect to a different location
JP2007096413A (en) * 2005-09-27 2007-04-12 Seiko Instruments Inc Packet recording support apparatus, packet recording support method, and packet recording support program
US7647624B2 (en) 2005-11-30 2010-01-12 Novell, Inc. Techniques for preserving and managing identities in an audit log
FR2898453A1 (en) * 2006-03-13 2007-09-14 Thomson Licensing Sas TRANSMISSION OF A GENLOCK SIGNAL OVER AN IP NETWORK
JP2007251866A (en) * 2006-03-20 2007-09-27 Kyocera Mita Corp Electronic equipment device
JP4764810B2 (en) * 2006-12-14 2011-09-07 富士通株式会社 Abnormal traffic monitoring device, entry management device, and network system
JP4380710B2 (en) * 2007-02-26 2009-12-09 沖電気工業株式会社 Traffic anomaly detection system, traffic information observation device, and traffic information observation program
JP4406660B2 (en) * 2007-10-01 2010-02-03 株式会社エヌ・ティ・ティ・データ Packet tracking method and packet tracking program
US8255519B2 (en) * 2007-10-10 2012-08-28 Cisco Technology, Inc. Network bookmarking based on network traffic
US7970894B1 (en) 2007-11-15 2011-06-28 Airtight Networks, Inc. Method and system for monitoring of wireless devices in local area computer networks
US7793001B2 (en) * 2008-05-09 2010-09-07 Microsoft Corporation Packet compression for network packet traffic analysis
TWI425795B (en) * 2010-07-29 2014-02-01 Univ Nat Chiao Tung Method for tracing processing procedure of network packet
JP2014502063A (en) * 2010-12-06 2014-01-23 日本電気株式会社 Communication path verification system, path verification apparatus, communication path verification method, and path verification program
US9027139B2 (en) 2011-02-04 2015-05-05 Telefonaktiebolaget L M Ericsson (Publ) Method for malicious attacks monitoring
CN105337860B (en) * 2014-06-23 2018-10-30 华为技术有限公司 A kind of the determination method, apparatus and system of data packet transmission path
US9998542B2 (en) * 2014-12-18 2018-06-12 Yokogawa Electric Corporation System and method for determining routing information
FI127335B (en) 2016-05-27 2018-04-13 Cysec Ice Wall Oy Logging of data traffic in a computer network
US10771482B1 (en) * 2017-11-14 2020-09-08 Ca, Inc. Systems and methods for detecting geolocation-aware malware

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001004753A1 (en) * 1999-07-14 2001-01-18 Recourse Technologies, Inc. System and method for tracking the source of a computer attack

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3600257B2 (en) * 1993-05-31 2004-12-15 富士通株式会社 Information processing device and cache control device
US5802320A (en) * 1995-05-18 1998-09-01 Sun Microsystems, Inc. System for packet filtering of data packets at a computer network interface
US5802054A (en) * 1996-08-15 1998-09-01 3Com Corporation Atomic network switch with integrated circuit switch nodes
JP3483782B2 (en) * 1998-10-15 2004-01-06 株式会社エヌ・ティ・ティ・データ Electronic data tracking system and data relay device
US6678270B1 (en) * 1999-03-12 2004-01-13 Sandstorm Enterprises, Inc. Packet interception system including arrangement facilitating authentication of intercepted packets
JP3448254B2 (en) * 2000-02-02 2003-09-22 インターナショナル・ビジネス・マシーンズ・コーポレーション Access chain tracking system, network system, method, and recording medium
US7328349B2 (en) * 2001-12-14 2008-02-05 Bbn Technologies Corp. Hash-based systems and methods for detecting, preventing, and tracing network worms and viruses
US6981158B1 (en) * 2000-06-19 2005-12-27 Bbnt Solutions Llc Method and apparatus for tracing packets
US7836498B2 (en) * 2000-09-07 2010-11-16 Riverbed Technology, Inc. Device to protect victim sites during denial of service attacks
WO2002071227A1 (en) * 2001-03-01 2002-09-12 Cyber Operations, Llc System and method for anti-network terrorism
WO2002101516A2 (en) * 2001-06-13 2002-12-19 Intruvert Networks, Inc. Method and apparatus for distributed network security
US7140041B2 (en) * 2002-04-11 2006-11-21 International Business Machines Corporation Detecting dissemination of malicious programs
US7827272B2 (en) * 2002-11-04 2010-11-02 Riverbed Technology, Inc. Connection table for intrusion detection
US7426383B2 (en) * 2003-12-22 2008-09-16 Symbol Technologies, Inc. Wireless LAN intrusion detection based on location

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001004753A1 (en) * 1999-07-14 2001-01-18 Recourse Technologies, Inc. System and method for tracking the source of a computer attack

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
BELLOVIN AND LEECH AT&T LABS RESEARCH: "ICMP Traceback Messages; draft-ietf-itrace-00.txt", 1 March 2000, STANDARD-WORKING-DRAFT, INTERNET ENGINEERING TASK FORCE, IETF, CH, ISSN: 0000-0004, XP015021780 *
See also references of WO02089426A1 *
SNOEREN A C ET AL: "HASH-BASED IP TRACEBACK", COMPUTER COMMUNICATION REVIEW, ACM, NEW YORK, NY, US, vol. 31, no. 4, 7 February 2001 (2001-02-07), pages 1 - 13, XP002952661, ISSN: 0146-4833 *

Also Published As

Publication number Publication date
EP1401160A8 (en) 2004-07-07
JP3819364B2 (en) 2006-09-06
EP1401160A1 (en) 2004-03-24
JPWO2002089426A1 (en) 2004-08-19
US20040085906A1 (en) 2004-05-06
WO2002089426A1 (en) 2002-11-07

Similar Documents

Publication Publication Date Title
EP1401160A4 (en) PACKET ANALYSIS SYSTEM
DE60239687D1 (en) BIOPSY MARKER-SUPPLY SYSTEM
DE60204196D1 (en) Endoscopic system
FR2829541B1 (en) CLUTCH SYSTEM
FR2817306B1 (en) TRAINING SYSTEM
DE60201126D1 (en) TRAFFIC MONITORING SYSTEM
DE60128730D1 (en) ELECTROMAGNETIC-COUPLED CONNECTION SYSTEM ARCHITECTURE
EP1434629A4 (en) Sport swing analysis system
DE60133297D1 (en) BIOPSY SYSTEM
FR2803649B1 (en) CONNECTION DEVICE
EP1401264A4 (en) TRACING AND MARKING SYSTEM
NO20040040L (en) Improved lottery system
DE50106743D1 (en) EXHAUST SYSTEM
DE60127376D1 (en) DEVICE FOR ANALYSIS
DE60204273D1 (en) Crankcase ventilation system
FR2822225B1 (en) AIR GUIDE CHANNEL
DE60200788D1 (en) TRAFFIC MONITORING SYSTEM
EP1238278A4 (en) SPERM QUALITY ANALYSIS
FR2779824B1 (en) ATMOSPHERE ANALYSIS INSTALLATION
FR2823980B1 (en) ANESTHESIC DOSING SYSTEM
GB0130845D0 (en) Analysis
DE60219827D1 (en) Network system
FR2782281B1 (en) CREUSET FOR ANALYSIS
DE60214042D1 (en) WET-DRY-CLEANING SYSTEM
GB2382263B (en) System analysis

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20030825

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR

RIN1 Information on inventor provided before grant (corrected)

Inventor name: KEENI MANSFIELD, GLENN,C/O CYBER SOLUTIONS, INC.

Inventor name: HOJO, TAKESHI,C/O NTT DATA CORPORATION

Inventor name: IWATA, KEIICHI,C/O NTT DATA CORPORATION

Inventor name: OHTANI, HISAMICHI,C/O NTT DATA CORPORATION

RIN1 Information on inventor provided before grant (corrected)

Inventor name: HOJO, TAKESHI,C/O NTT DATA CORPORATION

Inventor name: IWATA, KEIICHI,C/O NTT DATA CORPORATION

Inventor name: KEENI MANSFIELD, GLENN,C/O CYBER SOLUTIONS, INC.

Inventor name: OHTANI, HISAMICHI,C/O NTT DATA CORPORATION

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: CYBER SOLUTIONS INC.

Owner name: NTT DATA CORPORATION

A4 Supplementary search report drawn up and despatched

Effective date: 20080627

17Q First examination report despatched

Effective date: 20081021

REG Reference to a national code

Ref country code: DE

Ref legal event code: R003

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20120109