| Patent application number | Description | Published |
|---|
| 20080282352 | Modification of Messages for Analyzing the Security of Communication Protocols and Channels - A system is used to analyze the implementation of a protocol by a device-under-analysis (DUA). The system includes a source endpoint, a destination endpoint (the DUA), and a message generator. The source endpoint generates an original message and attempts to send it to the DUA. The original message is intercepted by the message generator, which generates a replacement message. The replacement message is then sent to the DUA instead of the original message. The replacement message is deliberately improper so as to analyze the DUA's implementation of the protocol. The message generator includes a structure recognition system and a mutation system. The structure recognition system determines the underlying structure and/or semantics of a message. After the structure recognition system has determined the structure, it creates a description of the structure (a structure description). The mutation system modifies the message based on the structure description to generate a replacement message. | 11-13-2008 |
| 20090083854 | Syntax-Based Security Analysis Using Dynamically Generated Test Cases - A security analysis methodology is used to analyze the security of a device-under-analysis (DUA) with respect to a particular protocol message exchange. First, the mutation points that exist in the message exchange are determined. Then, the message exchange is executed multiple times—once for each mutation point. Each execution applies the mutation associated with that particular mutation point (e.g., a particular message during the exchange is modified in a particular way) to create a mutated message exchange. In other words, each message exchange with an applied mutation point corresponds to a test case. | 03-26-2009 |
| 20100077072 | Test Driven Deployment and Monitoring of Heterogeneous Network Systems - A test system (and corresponding method and computer program product) for generating unit tests for a heterogeneous network system and validating test results to ensure that the network system functions properly is described. In one embodiment, the test system is an appliance that is capable of normalizing communication protocols supported by component systems of the network system. The test system creates objects and methods corresponding to component systems and their supported protocol commands in the network system, and generates unit test cases based on the objects, the methods, and the normalized protocols. The test system transmits the unit test cases to the component systems, receives test results, and validates the test results to ensure that the network system functions properly. | 03-25-2010 |
| 20100106742 | System and Method for Discovering Assets and Functional Relationships in a Network - A discovery system (and corresponding method and computer program product) for automatically discovering assets and their roles and functional relationships in a network system is described. In one aspect, the discovery system interrogates known assets through protocol messages, normalizes response messages, and contextually analyzes the normalized response message to identify additional assets and their roles and functional relationships with the interrogated assets. The discovery system can recursively interrogate newly discovered assets to discover additional assets. In another aspect of the present invention, the discovery system is scheduled to periodically interrogate known assets for up-to-date information of the assets and their roles and functional relationships. Such information can be used to provide various services. | 04-29-2010 |
| 20100242093 | INTELLIGENT INTEGRATED NETWORK SECURITY DEVICE FOR HIGH-AVAILABILITY APPLICATIONS - Methods and apparatuses for inspecting packets are provided. A primary security system may be configured for processing packets. The primary security system may be operable to maintain flow information for a group of devices to facilitate processing of the packets. A secondary security system may be designated for processing packets upon a failover event. Flow records may be shared from the primary security system with the secondary security system. | 09-23-2010 |
| 20110238852 | TEST DRIVEN DEPLOYMENT AND MONITORING OF HETEROGENEOUS NETWORK SYSTEMS - A test system (and corresponding method and computer program product) for generating unit tests for a heterogeneous network system and validating test results to ensure that the network system functions properly is described. In one embodiment, the test system is an appliance that is capable of normalizing communication protocols supported by component systems of the network system. The test system creates objects and methods corresponding to component systems and their supported protocol commands in the network system, and generates unit test cases based on the objects, the methods, and the normalized protocols. The test system transmits the unit test cases to the component systems, receives test results, and validates the test results to ensure that the network system functions properly. | 09-29-2011 |
| 20110271348 | PORTABLE PROGRAM FOR GENERATING ATTACKS ON COMMUNICATION PROTOCOLS AND CHANNELS - A security analyzer is capable of generating attacks to test the security of a device under analysis. The security analyzer further has the capability to generate a portable, executable program to generate specified attacks. In this way, others can recreate the attacks without requiring access to the security analyzer. | 11-03-2011 |
