319results about How to "Improve network security" patented technology

A method and system for security monitoring in a computer network has a packet sink with filtering and data analysis capabilities. The packet sink is a default destination for data packets having an address unrecognized by the network routers. At the packet sink, the packets are filtered and statistical summaries about the data traffic are created. The packet sink then forwards the data to a monitor, the information content depending on the level of traffic in the network.

A method of scanning electronic files for computer viruses comprises identifying at a first node 4 of a computer network 1, electronic files which require to be scanned for computer viruses. The first node 4 initiates a dialogue with a second node 7 of the network 1, the second node comprising a virus scanning application. During the dialogue, the second node 7 identifies to the first node 4 one or more portions of the electronic file required by the virus scanning application. The first node 4 transfers the identified portions to the second node 7 which then carries out a virus scanning operation. The result of this operation is then returned to the first node 4.

A system and method for enhancing the security of signal exchanges in a network system. The system and method include a process and means for generating one or more replacement encryption key sets based on information and events. The information that may cause the generation of a replacement encryption key set includes, but is not limited to, a specified period of time, the level and / or type of signal traffic, and the signal transmission protocol and the amount of data sent. A key manager function initiates the replacement encryption key process based on the information. The replacement encryption key set may be randomly or pseudo-randomly generated. Functions attached to the network system required to employ encryption key sets may have encryption key sets unique to them or shared with one or more other attached functions. The system and method may be employed in a wireless, wired, or mixed transmission medium environment.

Systems, methods, devices, and network architectures are disclosed for creating and implementing secure wireless, wired, and / or optical stealth-enabled networks using specially modified packets, cells, frames, and / or other “stealth” information structures. This enables stealth packets to have a low probability of detection, a low probability of interception, and a low probability of interpretation. Stealth packets are only detected, intercepted, and correctly interpreted by stealth-enabled network equipment. In its simplest form, stealth packet switching modifies the packet structure, protocols, timing, synchronization, and other elements through various rule-violations. This creates stealth packets, which normal equipment cannot receive correctly, and hence normal equipment discards the stealth packets. Stealth packets may be further enhanced with encryption techniques which focus on encrypting the packet structure itself, as opposed to merely encrypting the data. Using encryption to modify the packet structure itself adds an entirely new level of encryption complexity, thus making the stealth communications orders of magnitude more difficult to decrypt than standard decryption techniques. Combining stealth packets with time-based reservation packet switching enables total encryption of the packet (including header and preamble encryption) capable of routing through multiple hops without decryption of headers and preamble at each hop. Time-based reservation packet switching can also guarantee real-time stealth packet delivery through a network that is totally congested from data storms, virus caused congestion, and / or denial of service attacks.

A multiple key, multiple tiered network security system, method and apparatus provides at least three levels of security. The first level of security includes physical (MAC) address authentication of a user device being attached to the network, such as a user device being attached to a port of a network access device. The second level includes authentication of the user of the user device, such as user authentication in accordance with the IEEE 802.1x standard. The third level includes dynamic assignment of a user policy to the port based on the identity of the user, wherein the user policy is used to selectively control access to the port. The user policy may identify or include an access control list (ACL) or MAC address filter. Also, the user policy is not dynamically assigned if insufficient system resources are available to do so. Failure to pass a lower security level results in a denial of access to subsequent levels of authentication.

A high-directivity transponder system uses a dual system of a retrodirective array transmitting a data signal peak toward an interrogator source, and a self-null-steering array transmitting a null toward the interrogator source and a jamming signal elsewhere, resulting in high S / N reception at the interrogator source and avoidance of interception. Integrating modulators would allow each array to transmit different data while the spectra of the transmitted signals are identical, thus disabling interception. The system enables secure point-to-point communications and can be used for short-distance wireless data transmission systems such as wireless LAN and RFID servers. As another aspect, self-steering signal transmission is employed for randomly oriented satellites using circularly polarized, two-dimensional retrodirective arrays. Quadruple subharmonic mixing is used as an effective means of achieving phase conjugation when a high-frequency LO is not feasible or inapplicable. These features may be used for small-satellite communications, secure tactical communications, search and rescue, enemy location fixing and tracking, UAV command and control, forest fire detection, marine-based tracking, and many other applications requiring secure communications with high signal directivity.

A device (120) processes traffic in a network. The device (120) obtains information corresponding to an activity between a group of source devices and one or more services of destination devices, measures, for each of the group of source devices, a behavior of the source activity in terms of independence and uniformity of access to the one or more services, and determines, for each of the group of source devices, whether the source activity includes probing based on the measured behavior. The device (120) also determines, for each of the group of source devices, a similarity factor representing a similarity between the source activity of one of the group of source devices and another of the group of source devices, compares the similarity factors for each pair of source devices to a threshold, and groups source devices when the similar factor for those source devices are below the threshold.

A system for physically consolidating and securing access to service processors and management modules in computer, telecommunication and networking equipment is provided that isolates the management ports from the data network. The system converts low-level management protocols into higher-level network protocols suitable for secure transport over the data network. The system may encrypt the common format management data. The system may also authenticate each user that attempts to access the management interfaces.

A high-directivity transponder system uses a dual system of a retrodirective array transmitting a data signal peak toward an interrogator source, and a self-null-steering array transmitting a null toward the interrogator source and a jamming signal elsewhere, resulting in high S / N reception at the interrogator source and avoidance of interception. Integrating modulators would allow each array to transmit different data while the spectra of the transmitted signals are identical, thus disabling interception. The system enables secure point-to-point communications and can be used for short-distance wireless data transmission systems such as wireless LAN and RFID servers. As another aspect, self-steering signal transmission is employed for randomly oriented satellites using circularly polarized, two-dimensional retrodirective arrays. Quadruple subharmonic mixing is used as an effective means of achieving phase conjugation when a high-frequency LO is not feasible or inapplicable. These features may be used for small-satellite communications, secure tactical communications, search and rescue, enemy location fixing and tracking, UAV command and control, forest fire detection, marine-based tracking, and many other applications requiring secure communications with high signal directivity.

Method, device, and system for deriving keys are provided in the field of mobile communications technologies. The method for deriving keys may be used, for example, in a handover process of a User Equipment (UE) from an Evolved Universal Terrestrial Radio Access Network (EUTRAN) to a Universal Terrestrial Radio Access Network (UTRAN). If a failure occurred in a first handover, the method ensures that the key derived by a source Mobility Management Entity (MME) for a second handover process of the UE is different from the key derived for the first handover process of the UE. This is done by changing input parameters used in the key derivation, so as to prevent the situation in the prior art that once the key used on one Radio Network Controller (RNC) is obtained, the keys on other RNCs can be derived accordingly, thereby enhancing the network security.

A method and apparatus for providing network security using security labeling is disclosed. The method includes comparing first security level information and second security level information, and indicating processing to be performed on the packet based on the comparing. The first security level information is stored in a security label of a packet received at a network node, while the second security level information is stored at the network node.