Patents by Inventor Andrew Patrick Norman

Andrew Patrick Norman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9143524
    Abstract: A method of restricting transmission of data packets from a host entity in a network, including: transmitting outgoing packets to destination hosts whose identities are contained in a record stored in a working set of host identity records; over the course of repeated predetermined time intervals, restricting, to a predetermined number, destination hosts not identified in the working to which packets may be transmitted; upon transmission of a packet to a host whose identity is not contained in a record in the working set, adding a record containing the host's identity to the working set and attributing a time to live to the record; deleting each record from the working set whose time to live has expired.
    Type: Grant
    Filed: July 26, 2006
    Date of Patent: September 22, 2015
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Jonathan Griffin, Andrew Patrick Norman, Richard James Smith
  • Patent number: 8505096
    Abstract: One embodiment of an apparatus for monitoring from a first location in a computer network traffic emanating from a source at a second location in the network, the apparatus comprising means at the first location for detecting traffic emanating from the source and means for monitoring the number, per unit time, of distinct destinations of the traffic that lie outside a first set specifying familiar destinations of the traffic. This monitoring process can trigger various responses such as the isolation of the source from the network. Other systems and methods are also provided.
    Type: Grant
    Filed: July 29, 2005
    Date of Patent: August 6, 2013
    Inventors: Jonathan Griffin, Andrew Patrick Norman, Matthew Murray Williamson
  • Patent number: 8392995
    Abstract: A method of operating a computing entity in a network having a log mapping computing entity network addresses to vulnerabilities, the method comprising the steps of: using the entity's network address, searching the log to establish what vulnerabilities the entity has; and if the log indicates the entity has a vulnerability, sending data identifying a user of the entity to an administrator of the network.
    Type: Grant
    Filed: January 11, 2005
    Date of Patent: March 5, 2013
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Matthew Murray Williamson, Andrew Patrick Norman, Jonathan Griffin
  • Patent number: 8230497
    Abstract: A method of identifying a software vulnerability on a computer system is disclosed in which the computer system has software stored thereon and is connected to a management system over a computer network. The method comprises the steps of: applying an interrogation program to the software, the interrogation program being capable of exploiting a known software vulnerability if it is present in the software to which the interrogation program is applied; in the event that the software vulnerability is exploited by the interrogation program, operating the interrogation program to generate a set of management information from which can be derived the identification of the computer system; and sending the management information to the management system.
    Type: Grant
    Filed: November 4, 2002
    Date of Patent: July 24, 2012
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Andrew Patrick Norman, John Melvin Brawn, John P Scrimsher, Jonathan Griffin
  • Patent number: 8046624
    Abstract: Requests to send data from a first host within a network of hosts are monitored against a record of destination hosts who have been sent data in accordance with a predetermined policy. Destination host identities not the record are stored in a buffer. The buffer size is monitored to establish whether requests from the first host are pursuant to viral activity therein.
    Type: Grant
    Filed: October 20, 2003
    Date of Patent: October 25, 2011
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Matthew Murray Williamson, Andrew Patrick Norman
  • Patent number: 7865876
    Abstract: A computing platform 20 provides multiple computing environments 24 each containing a guest operating system 25 provided by a virtual machine application 26. Optionally, each computing environment 24 is formed in a compartment 220 of a compartmented host operating system 22. A trusted device 213 verifies that the host operating system 22 and each guest operating system 25 operates in a secure and trusted manner by forming integrity metrics which can be interrogated by a user 10. Each computing environment is isolated and secure, and can be verified as trustworthy independent of any other computing environment.
    Type: Grant
    Filed: June 18, 2002
    Date of Patent: January 4, 2011
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Jonathan Griffin, Christopher I. Dalton, Michael Child, Liqun Chen, Andrew Patrick Norman
  • Patent number: 7796515
    Abstract: A method of operating a first host within a network of a plurality of hosts. Over the course of a first time interval, requests received at the first host from a second host to send data to destination hosts are monitored. Identities of destination hosts monitored during the first time interval are compared with destination host identities in a record. Then, either data relating to requests which identify a destination host not in the record are stored in a storage buffer. Or the passage of data from the second host to the destination host within the network is limited over the course of the first time interval, so that during the first time interval the second host is unable to send data to more than a predetermined number of hosts not in the record.
    Type: Grant
    Filed: April 28, 2004
    Date of Patent: September 14, 2010
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Jonathan Griffin, Andrew Patrick Norman, Matthew Murray Williamson, Aled Justin Edwards
  • Patent number: 7558216
    Abstract: A method and apparatus for controlling communications in a data network comprises detecting a request to initiate communication between a data processor and the network and determining if the communication request is abnormal and if so, controlling the data processor to degrade the resulting communication.
    Type: Grant
    Filed: February 1, 2005
    Date of Patent: July 7, 2009
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Matthew Murray Williamson, Andrew Patrick Norman
  • Patent number: 7437758
    Abstract: Propagation of viruses in a network having a plurality of hosts is restricted. Network activity of a first host of the plurality is monitored, and a first record established which is at least indicative of identities of hosts within the network contacted by a first host. Contact of the first host to other hosts within the network is limited over the course of a first time interval, so that during the first time interval the first host is unable to contact more than a predetermined number of hosts not in the first record. The method further includes an additional selection process for determining hosts of the plurality the first host is allowed to contact.
    Type: Grant
    Filed: October 31, 2003
    Date of Patent: October 14, 2008
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Matthew Murray Williamson, Andrew Patrick Norman, Jonathan Griffin
  • Patent number: 7373665
    Abstract: Requests to send data from a first host within a network of hosts are monitored against a record of destination hosts who have been sent data in accordance with a predetermined policy. Destination host identities not the record are stored in a buffer. The buffer size is monitored to establish whether requests from the first host are pursuant to viral activity therein.
    Type: Grant
    Filed: October 31, 2003
    Date of Patent: May 13, 2008
    Assignee: Hewlett-Packard Developement Company, L.P.
    Inventors: Matthew Murray Williamson, Jonathan Griffin, Andrew Patrick Norman
  • Patent number: 7353539
    Abstract: A method of identifying a software vulnerability in computer systems in a computer network includes a multiple level scanning process controlled from a management system connected to the network. The management system runs a root scanner which applies an interrogation program to remote systems having network addresses in a predefined address range. When a software vulnerability is detected, the interrogation program causes the respective remote system to scan topologically local systems, the remote system itself applying a second interrogation program to the local systems to detect and mitigate the vulnerability using an associated mitigation payload. Whilst that local scanning process is in progress, the root scanner can be applied to remote systems in other predefined address ranges.
    Type: Grant
    Filed: January 16, 2003
    Date of Patent: April 1, 2008
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: John Melvin Brawn, Andrew Patrick Norman, Chris Ralph Dalton, Jonathan Griffin
  • Patent number: 7278019
    Abstract: A method of hindering the propagation of a computer virus on a computer network is disclosed. The computer network comprises a plurality of addressable connections capable of receiving data from at least one computer system, and a detection computer arranged to detect the presence of a computer virus. The method comprises: operating the detection computer to monitor the plurality of addressable connections thereby to detect the presence of a computer virus on at least one of the addressable connections; in the event that a computer virus is detected, identifying the at least one computer system that sent the computer virus to the at least one addressable connection; and sending virus remediating means to the at least one identified computer system, the virus remediating means being arranged at least to hinder the operation of the computer virus. A computer program and computer system for hindering the propagation of a computer virus is also disclosed.
    Type: Grant
    Filed: November 4, 2002
    Date of Patent: October 2, 2007
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventor: Andrew Patrick Norman
  • Publication number: 20040255159
    Abstract: Propagation of viruses in a network having a plurality of hosts is restricted. Network activity of a first host of the plurality is monitored, and a first record established which is at least indicative of identities of hosts within the network contacted by a first host. Contact of the first host to other hosts within the network is limited over the course of a first time interval, so that during the first time interval the first host is unable to contact more than a predetermined number of hosts not in the first record. The method further comprises an additional selection process for determining hosts of the plurality the first host is allowed to contact.
    Type: Application
    Filed: October 31, 2003
    Publication date: December 16, 2004
    Inventors: Matthew Murray Williamson, Andrew Patrick Norman, Jonathan Griffin
  • Publication number: 20040218615
    Abstract: A method of operating a first host within a network of a plurality of hosts. Over the course of a first time interval, requests received at the first host from a second host to send data to destination hosts are monitored. Identities of destination hosts monitored during the first time interval are compared with destination host identities in a record. Then, either data relating to requests which identify a destination host not in the record are stored in a storage buffer. Or the passage of data from the second host to the destination host within the network is limited over the course of the first time interval, so that during the first time interval the second host is unable to send data to more than a predetermined number of hosts not in the record.
    Type: Application
    Filed: April 28, 2004
    Publication date: November 4, 2004
    Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.
    Inventors: Jonathan Griffin, Andrew Patrick Norman, Matthew Murray Williamson, Aled Justin Edwards
  • Publication number: 20040218327
    Abstract: Requests to send data from a first host within a network of hosts are monitored against a record of destination hosts who have been sent data in accordance with a predetermined policy. Destination host identities not the record are stored in a buffer. The buffer size is monitored to establish whether requests from the first host are pursuant to viral activity therein.
    Type: Application
    Filed: October 31, 2003
    Publication date: November 4, 2004
    Inventors: Matthew Murray Williamson, Jonathan Griffin, Andrew Patrick Norman
  • Publication number: 20040088564
    Abstract: A method of hindering the propagation of a computer virus on a computer network is disclosed. The computer network comprises a plurality of addressable connections capable of receiving data from at least one computer system, and a detection computer arranged to detect the presence of a computer virus. The method comprises: operating the detection computer to monitor the plurality of addressable connections thereby to detect the presence of a computer virus on at least one of the addressable connections; in the event that a computer virus is detected, identifying the at least one computer system that sent the computer virus to the at least one addressable connection; and sending virus remediating means to the at least one identified computer system, the virus remediating means being arranged at least to hinder the operation of the computer virus. A computer program and computer system for hindering the propagation of a computer virus is also disclosed.
    Type: Application
    Filed: November 4, 2002
    Publication date: May 6, 2004
    Inventor: Andrew Patrick Norman
  • Publication number: 20040088581
    Abstract: A method of identifying a software vulnerability in computer systems in a computer network includes a multiple level scanning process controlled from a management system connected to the network. The management system runs a root scanner which applies an interrogation program to remote systems having network addresses in a predefined address range. When a software vulnerability is detected, the interrogation program causes the respective remote system to scan topologically local systems, the remote system itself applying a second interrogation program to the local systems to detect and mitigate the vulnerability using an associated mitigation payload. Whilst that local scanning process is in progress, the root scanner can be applied to remote systems in other predefined address ranges.
    Type: Application
    Filed: January 16, 2003
    Publication date: May 6, 2004
    Inventors: John Melvin Brawn, Andrew Patrick Norman, Chris Ralph Dalton, Jonathan Griffin
  • Publication number: 20040088565
    Abstract: A method of identifying a software vulnerability on a computer system is disclosed in which the computer system has software stored thereon and is connected to a management system over a computer network. The method comprises the steps of: applying an interrogation program to the software, the interrogation program being capable of exploiting a known software vulnerability if it is present in the software to which the interrogation program is applied; in the event that the software vulnerability is exploited by the interrogation program, operating the interrogation program to generate a set of management information from which can be derived the identification of the computer system; and sending the management information to the management system.
    Type: Application
    Filed: November 4, 2002
    Publication date: May 6, 2004
    Inventors: Andrew Patrick Norman, John Melvin Brawn, John P. Scrimsher, Jonathan Griffin
  • Publication number: 20040083372
    Abstract: Requests to send data from a first host within a network of hosts are monitored against a record of destination hosts who have been sent data in accordance with a predetermined policy. Destination host identities not the record are stored in a buffer. The buffer size is monitored to establish whether requests from the first host are pursuant to viral activity therein.
    Type: Application
    Filed: October 20, 2003
    Publication date: April 29, 2004
    Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.C.
    Inventors: Matthew Murray Williamson, Andrew Patrick Norman
  • Publication number: 20040078572
    Abstract: A cheat detection facility is provided in which integrity challenges are issued to a game participant seeking to ensure that the participant is not running any patches or other executable code to augment his performance in the game. The player cannot participate further in the game if an integrity check is failed.
    Type: Application
    Filed: July 30, 2003
    Publication date: April 22, 2004
    Inventors: Siani Lynne Pearson, Andrew Patrick Norman