Patents by Inventor Troy Dean Rockwood

Troy Dean Rockwood has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 8572733
    Abstract: A network security system comprises a plurality of sensors, a management server, and a data collection module. The plurality of sensors receive first data associated with potential attacks on the system. The manager server is coupled to at least one sensor and correlates at least a portion of the first data to detect potential attacks on the system. The data collection module is coupled to the manager server and generates at least one request for second data based upon at least one of the first data and the correlated data. The data collection module communicates the request to at least one source different from the plurality of sensors.
    Type: Grant
    Filed: July 6, 2005
    Date of Patent: October 29, 2013
    Assignee: Raytheon Company
    Inventor: Troy Dean Rockwood
  • Patent number: 8224761
    Abstract: A method for generating correlation rules for events comprises receiving event data for each of a plurality of events, the event data of a particular event comprising at least one attribute associated with that event. The method continues by displaying the event data for each of the plurality of events to an operator. The method continues by receiving a selection of at least a portion of the events. The method continues by generating at least one rule that correlates the selected events based at least in part upon the attributes associated with the selected events. The method concludes by displaying the event data to the operator in accordance with the at least one rule.
    Type: Grant
    Filed: September 1, 2005
    Date of Patent: July 17, 2012
    Assignee: Raytheon Company
    Inventor: Troy Dean Rockwood
  • Patent number: 7950058
    Abstract: A method for security information management in a network comprises receiving event information for a plurality of events, wherein the event information for a particular event comprises a plurality of attributes associated with that event. The method continues by assigning a plurality of attribute values to each event, the attribute values of each event defining a point in n-dimensional space. The method continues by generating a first n-dimensional graph comprising a plurality of points, the points corresponding to the events. The method continues by receiving a second n-dimensional graph comprising a plurality of points. The method concludes by combining the first n-dimensional graph with the second n-dimensional graph.
    Type: Grant
    Filed: September 1, 2005
    Date of Patent: May 24, 2011
    Assignee: Raytheon Company
    Inventor: Troy Dean Rockwood
  • Patent number: 7895649
    Abstract: A method for dynamically generating rules for an enterprise intrusion detection system comprises receiving a packet flow from a sensor. The packet flow is dynamically processed to detect if the packet flow represents an attack on the enterprise system. A response message is automatically generated in response to the attack, the response message comprising a signature to identify the attack. The response message is automatically communicated to a response message file, the response message file comprising at least one response message.
    Type: Grant
    Filed: April 4, 2003
    Date of Patent: February 22, 2011
    Assignee: Raytheon Company
    Inventors: Jon-Michael C. Brook, Matthew C. Rixon, Randall S. Brooks, Troy Dean Rockwood
  • Patent number: 7849185
    Abstract: A method for correlating event information comprises receiving a query associated with an attribute value of a detected event. The method continues by identifying a rule for determining the attribute value, the rule associated with a rule identifier. The method continues by identifying in a first table a rule update time associated with the rule. The method continues by determining attribute values for a plurality of detected events stored in a second table, wherein the plurality of detected events occurred after the rule update time and are associated with event identifiers. The method continues by storing in a third table the determined attribute values and the event identifiers. The method concludes by identifying in the third table one or more event identifiers associated with one or more attribute values that satisfy the query.
    Type: Grant
    Filed: January 10, 2006
    Date of Patent: December 7, 2010
    Assignee: Raytheon Company
    Inventor: Troy Dean Rockwood
  • Patent number: 7356585
    Abstract: A method for vertically extensible intrusion detection for an enterprise comprises receiving a first packet flow from a first node, the first packet flow comprising at least a portion of packet headers received at the first node during a first timeframe and receiving a second packet flow, the second packet flow comprising at least a portion of packet headers received at the second node during a second timeframe. The first and second packet flow are processed to detect an attack on the enterprise system. In response to the attack, an alert message is communicated to a master server, a response message is received from the master server, the response message comprising a signature to impede the attack, and the response message is automatically communicated to the first node and the second node.
    Type: Grant
    Filed: April 4, 2003
    Date of Patent: April 8, 2008
    Assignee: Raytheon Company
    Inventors: Jon-Michael C. Brook, Matthew C. Rixon, Randall S. Brooks, Troy Dean Rockwood
  • Patent number: 7352280
    Abstract: A method for correlating event information comprises receiving event information for a plurality of detected events wherein the event information for a particular detected event comprises a plurality of attributes associated with that detected event. The method continues by assigning a plurality of attribute values to each detected event, the attribute values of each detected event defining a point in n-dimensional space. The method continues by storing the event information for each detected event in accordance with the attribute values assigned to that detected event. The method continues by receiving a target event comprising a plurality of attributes wherein the attributes of the target event are associated with attribute values and the attribute values of the target event define a target point in n-dimensional space. The method continues by receiving a plurality of proximity limits that define a portion of n-dimensional space surrounding the target point.
    Type: Grant
    Filed: September 1, 2005
    Date of Patent: April 1, 2008
    Assignee: Raytheon Company
    Inventor: Troy Dean Rockwood
  • Patent number: 7293238
    Abstract: A method for interfacing with a user of an enterprise intrusion detection system, the method comprises receiving at least one packet flow, each packet flow originating from a unique node in the intrusion detection system and comprising descriptive information and a plurality of packet headers. The descriptive information of a first subset of the received packet flows is communicated to a user based at least in part on a filtering ruleset. A second subset of the received packet flows is concealed from the user based at least in part on the filtering ruleset. In response to receiving a command from the user, the plurality of packet headers for at least one packet flow in the first subset is communicated to the user.
    Type: Grant
    Filed: April 4, 2003
    Date of Patent: November 6, 2007
    Assignee: Raytheon Company
    Inventors: Jon-Michael C. Brook, Matthew C. Rixon, Randall S. Brooks, Troy Dean Rockwood
  • Publication number: 20030204716
    Abstract: A system for distributing digital content from a content provider to content presenter(s) for presentation. The system includes a provider apparatus that encrypts the content before distribution thereof and sets at least one condition for presenting the content, and a presenter apparatus to which is distributed the encrypted content and which is allowed to decrypt the content when the at least one condition is satisfied. The system allows for secure distribution of multimedia presentations from one source to geographically separate locations. The system provides for secure presentation and cryptographically secure accounting for each presentation.
    Type: Application
    Filed: April 24, 2002
    Publication date: October 30, 2003
    Inventors: Troy Dean Rockwood, Bong Kyun Ryu, Wensheng Zhou, Yongguang Zhang