Patents Assigned to Q1 Labs, Inc.
-
Patent number: 8331234Abstract: Systems and methods are provided for collecting and analyzing packet data flows. A flow collector generates flow data records based on each packet that is observed at one or more network monitoring points. A flow processor receives the flow data records from one or more flow collectors and examines the flow data records to identify related flows. Further features, such as content capture and application identification, are also provided.Type: GrantFiled: September 9, 2004Date of Patent: December 11, 2012Assignee: Q1 Labs Inc.Inventors: Christopher Daniel Newton, Christopher Wayne Fanjoy, Jason Leger
-
Patent number: 8209759Abstract: A security incident manger includes events and network flows in the analysis of an attack to better identify the magnitude of the attack and how to handle the situation. The raw events are reported by monitored devices and the incident manager may request network flows from various devices corresponding to a raw event. The manager then assigns a variable score to the severity, the relevance and the credibility of the event to determine its next processing steps. Those events that appear to be a likely and effective attack are classified as offenses. Offenses are stored in order to provide additional data for evaluating future events and for building a “rap sheet” against repeat attackers and repeat events.Type: GrantFiled: July 18, 2006Date of Patent: June 26, 2012Assignee: Q1 Labs, Inc.Inventors: Christopher D. Newton, William Bird
-
Patent number: 8160855Abstract: A method of simulating network activities includes building a model of the network, the model including data retrieved over a predetermined period of time. The method further includes running a plurality of queries against the model to determine their impacts on the network.Type: GrantFiled: June 26, 2008Date of Patent: April 17, 2012Assignee: Q1 Labs, Inc.Inventors: Aliakbar Ghorbani, Iosif Viorel Onut, Natalia Stakhanova, William Bird
-
Patent number: 8024795Abstract: A network security system takes an active approach to network security. This is accomplished by providing intelligence about other networks. A master network intelligence database is established that uses a plurality of network information agents for gathering information about networks and providing the information to the master network intelligence database. A customer network security system is then able to secure the customer network in dependence upon information received from the master network intelligence. Security information includes at least one of hostility level on the Internet, collected from numerous sites; security event history; spam levels; hosted services; public wireless; organization type; organization associations; peer ISPs; bandwidth connection to the Internet; active security measures; number of users on the network; age of the network; inappropriate content served; industry; geographic placement; open proxy servers; and contact information.Type: GrantFiled: May 9, 2003Date of Patent: September 20, 2011Assignee: Q1 Labs, Inc.Inventor: Chris Newton
-
Publication number: 20110055924Abstract: A system for matching a system event to a rule is disclosed. The system includes a computer-readable data structure comprising a plurality of system event rules organizable as a partially ordered set. The system also includes a processor configured to analyze the computer-readable data structure to determine whether an event matches a description set of at least one rule from the plurality of system event rules. Methods and machine-readable mediums are also disclosed.Type: ApplicationFiled: September 2, 2009Publication date: March 3, 2011Applicant: Q1 LABS INC.Inventors: Natalia STAKHANOVA, Ali-akbar Ghorbani, William Bird
-
Publication number: 20090326899Abstract: A method of simulating network activities includes building a model of the network, the model including data retrieved over a predetermined period of time. The method further includes running a plurality of queries against the model to determine their impacts on the network.Type: ApplicationFiled: June 26, 2008Publication date: December 31, 2009Applicant: Q1 LABS, INC.Inventors: Aliakbar Ghorbani, Iosif Viorel Onut, Natalia Stakhanova, William Bird