Snort mailing list archives
SRI patent on "Hierarchical event monitoring and analysis"
From: Richard Bejtlich <richard_bejtlich () yahoo com>
Date: Sat, 4 Oct 2003 19:17:56 -0700 (PDT)
Hello, I was doing research for my book "The Tao of Network Security Monitoring" and learned SRI (http://www.sri.com/) was awarded a patent on 19 Nov 02 for "Hierarchical event monitoring and analysis." It's patent 6,484,203 (http://www.uspto.gov) and says: "A computer-automated method of hierarchical event monitoring and analysis within an enterprise network including deploying network monitors in the enterprise network, detecting, by the network monitors, suspicious network activity based on analysis of network traffic data selected from the following categories: {network packet data transfer commands, network packet data transfer errors, network packet data volume, network connection requests, network connection denials, error codes included in a network packet}, generating, by the monitors, reports of the suspicious activity, and automatically receiving and integrating the reports of suspicious activity, by one or more hierarchical monitors." I thought this was alarming until I started browsing through the linked patents and found just about everything under the sun has been patented. How can SRI or anyone expect a patent like this to withstand scrutiny, since anyone can point to Marty's 1999 LISA talk on Snort as prior art, or Todd Heberlein's 1990 paper on network security monitoring? Thank you, Richard http://taosecurity.com __________________________________ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- SRI patent on "Hierarchical event monitoring and analysis" Richard Bejtlich (Oct 04)
- QUASHING thread: SRI patent on "Hierarchical event monitoring and analysis" Jeff Nathan (Oct 04)
- Re: SRI patent on "Hierarchical event monitoring and analysis" Rich Adamson (Oct 05)
- Re: SRI patent on "Hierarchical event monitoring and analysis" Martin Roesch (Oct 06)