Patents by Inventor Andrew Patrick Norman
Andrew Patrick Norman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9143524
Abstract: A method of restricting transmission of data packets from a host entity in a network, including: transmitting outgoing packets to destination hosts whose identities are contained in a record stored in a working set of host identity records; over the course of repeated predetermined time intervals, restricting, to a predetermined number, destination hosts not identified in the working to which packets may be transmitted; upon transmission of a packet to a host whose identity is not contained in a record in the working set, adding a record containing the host's identity to the working set and attributing a time to live to the record; deleting each record from the working set whose time to live has expired.
Type: Grant
Filed: July 26, 2006
Date of Patent: September 22, 2015
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Jonathan Griffin, Andrew Patrick Norman, Richard James Smith
-
Patent number: 8505096
Abstract: One embodiment of an apparatus for monitoring from a first location in a computer network traffic emanating from a source at a second location in the network, the apparatus comprising means at the first location for detecting traffic emanating from the source and means for monitoring the number, per unit time, of distinct destinations of the traffic that lie outside a first set specifying familiar destinations of the traffic. This monitoring process can trigger various responses such as the isolation of the source from the network. Other systems and methods are also provided.
Type: Grant
Filed: July 29, 2005
Date of Patent: August 6, 2013
Inventors: Jonathan Griffin, Andrew Patrick Norman, Matthew Murray Williamson
-
Patent number: 8392995
Abstract: A method of operating a computing entity in a network having a log mapping computing entity network addresses to vulnerabilities, the method comprising the steps of: using the entity's network address, searching the log to establish what vulnerabilities the entity has; and if the log indicates the entity has a vulnerability, sending data identifying a user of the entity to an administrator of the network.
Type: Grant
Filed: January 11, 2005
Date of Patent: March 5, 2013
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Matthew Murray Williamson, Andrew Patrick Norman, Jonathan Griffin
-
Patent number: 8230497
Abstract: A method of identifying a software vulnerability on a computer system is disclosed in which the computer system has software stored thereon and is connected to a management system over a computer network. The method comprises the steps of: applying an interrogation program to the software, the interrogation program being capable of exploiting a known software vulnerability if it is present in the software to which the interrogation program is applied; in the event that the software vulnerability is exploited by the interrogation program, operating the interrogation program to generate a set of management information from which can be derived the identification of the computer system; and sending the management information to the management system.
Type: Grant
Filed: November 4, 2002
Date of Patent: July 24, 2012
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Andrew Patrick Norman, John Melvin Brawn, John P Scrimsher, Jonathan Griffin
-
Patent number: 8046624
Abstract: Requests to send data from a first host within a network of hosts are monitored against a record of destination hosts who have been sent data in accordance with a predetermined policy. Destination host identities not the record are stored in a buffer. The buffer size is monitored to establish whether requests from the first host are pursuant to viral activity therein.
Type: Grant
Filed: October 20, 2003
Date of Patent: October 25, 2011
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Matthew Murray Williamson, Andrew Patrick Norman
-
Patent number: 7865876
Abstract: A computing platform 20 provides multiple computing environments 24 each containing a guest operating system 25 provided by a virtual machine application 26. Optionally, each computing environment 24 is formed in a compartment 220 of a compartmented host operating system 22. A trusted device 213 verifies that the host operating system 22 and each guest operating system 25 operates in a secure and trusted manner by forming integrity metrics which can be interrogated by a user 10. Each computing environment is isolated and secure, and can be verified as trustworthy independent of any other computing environment.
Type: Grant
Filed: June 18, 2002
Date of Patent: January 4, 2011
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Jonathan Griffin, Christopher I. Dalton, Michael Child, Liqun Chen, Andrew Patrick Norman
-
Patent number: 7796515
Abstract: A method of operating a first host within a network of a plurality of hosts. Over the course of a first time interval, requests received at the first host from a second host to send data to destination hosts are monitored. Identities of destination hosts monitored during the first time interval are compared with destination host identities in a record. Then, either data relating to requests which identify a destination host not in the record are stored in a storage buffer. Or the passage of data from the second host to the destination host within the network is limited over the course of the first time interval, so that during the first time interval the second host is unable to send data to more than a predetermined number of hosts not in the record.
Type: Grant
Filed: April 28, 2004
Date of Patent: September 14, 2010
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Jonathan Griffin, Andrew Patrick Norman, Matthew Murray Williamson, Aled Justin Edwards
-
Patent number: 7558216
Abstract: A method and apparatus for controlling communications in a data network comprises detecting a request to initiate communication between a data processor and the network and determining if the communication request is abnormal and if so, controlling the data processor to degrade the resulting communication.
Type: Grant
Filed: February 1, 2005
Date of Patent: July 7, 2009
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Matthew Murray Williamson, Andrew Patrick Norman
-
Patent number: 7437758
Abstract: Propagation of viruses in a network having a plurality of hosts is restricted. Network activity of a first host of the plurality is monitored, and a first record established which is at least indicative of identities of hosts within the network contacted by a first host. Contact of the first host to other hosts within the network is limited over the course of a first time interval, so that during the first time interval the first host is unable to contact more than a predetermined number of hosts not in the first record. The method further includes an additional selection process for determining hosts of the plurality the first host is allowed to contact.
Type: Grant
Filed: October 31, 2003
Date of Patent: October 14, 2008
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Matthew Murray Williamson, Andrew Patrick Norman, Jonathan Griffin
-
Patent number: 7373665
Abstract: Requests to send data from a first host within a network of hosts are monitored against a record of destination hosts who have been sent data in accordance with a predetermined policy. Destination host identities not the record are stored in a buffer. The buffer size is monitored to establish whether requests from the first host are pursuant to viral activity therein.
Type: Grant
Filed: October 31, 2003
Date of Patent: May 13, 2008
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Matthew Murray Williamson, Jonathan Griffin, Andrew Patrick Norman
-
Patent number: 7353539
Abstract: A method of identifying a software vulnerability in computer systems in a computer network includes a multiple level scanning process controlled from a management system connected to the network. The management system runs a root scanner which applies an interrogation program to remote systems having network addresses in a predefined address range. When a software vulnerability is detected, the interrogation program causes the respective remote system to scan topologically local systems, the remote system itself applying a second interrogation program to the local systems to detect and mitigate the vulnerability using an associated mitigation payload. Whilst that local scanning process is in progress, the root scanner can be applied to remote systems in other predefined address ranges.
Type: Grant
Filed: January 16, 2003
Date of Patent: April 1, 2008
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: John Melvin Brawn, Andrew Patrick Norman, Chris Ralph Dalton, Jonathan Griffin
-
Patent number: 7278019
Abstract: A method of hindering the propagation of a computer virus on a computer network is disclosed. The computer network comprises a plurality of addressable connections capable of receiving data from at least one computer system, and a detection computer arranged to detect the presence of a computer virus. The method comprises: operating the detection computer to monitor the plurality of addressable connections thereby to detect the presence of a computer virus on at least one of the addressable connections; in the event that a computer virus is detected, identifying the at least one computer system that sent the computer virus to the at least one addressable connection; and sending virus remediating means to the at least one identified computer system, the virus remediating means being arranged at least to hinder the operation of the computer virus. A computer program and computer system for hindering the propagation of a computer virus is also disclosed.
Type: Grant
Filed: November 4, 2002
Date of Patent: October 2, 2007
Assignee: Hewlett-Packard Development Company, L.P.
Inventor: Andrew Patrick Norman
-
Publication number: 20040255159
Abstract: Propagation of viruses in a network having a plurality of hosts is restricted. Network activity of a first host of the plurality is monitored, and a first record established which is at least indicative of identities of hosts within the network contacted by a first host. Contact of the first host to other hosts within the network is limited over the course of a first time interval, so that during the first time interval the first host is unable to contact more than a predetermined number of hosts not in the first record. The method further comprises an additional selection process for determining hosts of the plurality the first host is allowed to contact.
Type: Application
Filed: October 31, 2003
Publication date: December 16, 2004
Inventors: Matthew Murray Williamson, Andrew Patrick Norman, Jonathan Griffin
-
Publication number: 20040218615
Abstract: A method of operating a first host within a network of a plurality of hosts. Over the course of a first time interval, requests received at the first host from a second host to send data to destination hosts are monitored. Identities of destination hosts monitored during the first time interval are compared with destination host identities in a record. Then, either data relating to requests which identify a destination host not in the record are stored in a storage buffer. Or the passage of data from the second host to the destination host within the network is limited over the course of the first time interval, so that during the first time interval the second host is unable to send data to more than a predetermined number of hosts not in the record.
Type: Application
Filed: April 28, 2004
Publication date: November 4, 2004
Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.
Inventors: Jonathan Griffin, Andrew Patrick Norman, Matthew Murray Williamson, Aled Justin Edwards
-
Publication number: 20040218327
Abstract: Requests to send data from a first host within a network of hosts are monitored against a record of destination hosts who have been sent data in accordance with a predetermined policy. Destination host identities not the record are stored in a buffer. The buffer size is monitored to establish whether requests from the first host are pursuant to viral activity therein.
Type: Application
Filed: October 31, 2003
Publication date: November 4, 2004
Inventors: Matthew Murray Williamson, Jonathan Griffin, Andrew Patrick Norman
-
Publication number: 20040088581
Abstract: A method of identifying a software vulnerability in computer systems in a computer network includes a multiple level scanning process controlled from a management system connected to the network. The management system runs a root scanner which applies an interrogation program to remote systems having network addresses in a predefined address range. When a software vulnerability is detected, the interrogation program causes the respective remote system to scan topologically local systems, the remote system itself applying a second interrogation program to the local systems to detect and mitigate the vulnerability using an associated mitigation payload. Whilst that local scanning process is in progress, the root scanner can be applied to remote systems in other predefined address ranges.
Type: Application
Filed: January 16, 2003
Publication date: May 6, 2004
Inventors: John Melvin Brawn, Andrew Patrick Norman, Chris Ralph Dalton, Jonathan Griffin
-
Publication number: 20040088565
Abstract: A method of identifying a software vulnerability on a computer system is disclosed in which the computer system has software stored thereon and is connected to a management system over a computer network. The method comprises the steps of: applying an interrogation program to the software, the interrogation program being capable of exploiting a known software vulnerability if it is present in the software to which the interrogation program is applied; in the event that the software vulnerability is exploited by the interrogation program, operating the interrogation program to generate a set of management information from which can be derived the identification of the computer system; and sending the management information to the management system.
Type: Application
Filed: November 4, 2002
Publication date: May 6, 2004
Inventors: Andrew Patrick Norman, John Melvin Brawn, John P. Scrimsher, Jonathan Griffin
-
Publication number: 20040088564
Abstract: A method of hindering the propagation of a computer virus on a computer network is disclosed. The computer network comprises a plurality of addressable connections capable of receiving data from at least one computer system, and a detection computer arranged to detect the presence of a computer virus. The method comprises: operating the detection computer to monitor the plurality of addressable connections thereby to detect the presence of a computer virus on at least one of the addressable connections; in the event that a computer virus is detected, identifying the at least one computer system that sent the computer virus to the at least one addressable connection; and sending virus remediating means to the at least one identified computer system, the virus remediating means being arranged at least to hinder the operation of the computer virus. A computer program and computer system for hindering the propagation of a computer virus is also disclosed.
Type: Application
Filed: November 4, 2002
Publication date: May 6, 2004
Inventor: Andrew Patrick Norman
-
Publication number: 20040083372
Abstract: Requests to send data from a first host within a network of hosts are monitored against a record of destination hosts who have been sent data in accordance with a predetermined policy. Destination host identities not the record are stored in a buffer. The buffer size is monitored to establish whether requests from the first host are pursuant to viral activity therein.
Type: Application
Filed: October 20, 2003
Publication date: April 29, 2004
Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.C.
Inventors: Matthew Murray Williamson, Andrew Patrick Norman
-
Publication number: 20040078572
Abstract: A cheat detection facility is provided in which integrity challenges are issued to a game participant seeking to ensure that the participant is not running any patches or other executable code to augment his performance in the game. The player cannot participate further in the game if an integrity check is failed.
Type: Application
Filed: July 30, 2003
Publication date: April 22, 2004
Inventors: Siani Lynne Pearson, Andrew Patrick Norman