Patents by Inventor Martin Wayne Fong

Martin Wayne Fong has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 7694115
    Abstract: A system for managing network alerts including data connections adapted to receive alerts from network sensors, alert processing logic coupled to the data connections and further including alert integration logic operable to integrate the alerts, report generation logic coupled to the alert integration logic, distribution logic coupled to the report generation logic and a remote management unit coupled to the alert processing logic and being operable to dynamically modify the alert processing logic.
    Type: Grant
    Filed: August 1, 2000
    Date of Patent: April 6, 2010
    Assignee: SRI International
    Inventors: Phillip Andrew Porras, Martin Wayne Fong
  • Patent number: 7379993
    Abstract: This invention uses Bayesian techniques to prioritize alerts or alert groups generated by intrusion detection systems and other information security devices, such as network analyzers, network monitors, firewalls, antivirus software, authentication services, host and application security services, etc. In a preferred embodiment, alerts are examined for the presence of one or more relevant features, such as the type of an attack, the target of an attack, the outcome of an attack, etc. At least a subset of the features is then provided to a real-time Bayes network, which assigns relevance scores to the received alerts or alert groups. In another embodiment, a network manager (a person) can disagree with the relevance score assigned by the Bayes network, and give an alert or alert group a different relevance score. The Bayes network is then modified so that similar future alerts or alert groups will be assigned a relevance score that more closely matches the score given by the network manager.
    Type: Grant
    Filed: September 13, 2001
    Date of Patent: May 27, 2008
    Assignee: SRI International
    Inventors: Alfonso De Jesus Valdes, Martin Wayne Fong, Phillip Andrew Porras
  • Patent number: 6704874
    Abstract: A method of managing alerts in a network including receiving alerts from network sensors, consolidating the alerts that are indicative of a common incident and generating output reflecting the consolidated alerts.
    Type: Grant
    Filed: July 25, 2000
    Date of Patent: March 9, 2004
    Assignee: SRI International, Inc.
    Inventors: Phillip Andrew Porras, Martin Wayne Fong
  • Publication number: 20040024864
    Abstract: Preferred embodiments combine audit records with other relevant information to identify and track the users, processes or applications responsible for an attack. Information that identifies a user, process, or application may be associated with subsequent audit records related to the user or process session; this information may also be associated with IDS alerts related to the session. By reliably identifying the source of user and process sessions, the preferred embodiments make it possible to selectively target the sessions and applications that are related to an intrusion or attack.
    Type: Application
    Filed: July 31, 2002
    Publication date: February 5, 2004
    Inventors: Phillip Andrew Porras, Martin Wayne Fong
  • Publication number: 20030093514
    Abstract: This invention uses Bayesian techniques to prioritize alerts or alert groups generated by intrusion detection systems and other information security devices, such as network analyzers, network monitors, firewalls, antivirus software, authentication services, host and application security services, etc. In a preferred embodiment, alerts are examined for the presence of one or more relevant features, such as the type of an attack, the target of an attack, the outcome of an attack, etc. At least a subset of the features is then provided to a real-time Bayes network, which assigns relevance scores to the received alerts or alert groups. In another embodiment, a network manager (a person) can disagree with the relevance score assigned by the Bayes network, and give an alert or alert group a different relevance score. The Bayes network is then modified so that similar future alerts or alert groups will be assigned a relevance score that more closely matches the score given by the network manager.
    Type: Application
    Filed: September 13, 2001
    Publication date: May 15, 2003
    Inventors: Alfonso De Jesus Valdes, Martin Wayne Fong, Phillip Andrew Porras