US 9,813,377 B2
Dynamic provisioning of protection software in a host intrusion prevention system
Anthony Robert Durie, Ottawa (CA); and William G. McGee, Ottawa (CA)
Assigned to TREND MICRO INCORPORATED, Tokyo (JP)
Filed by Anthony Robert Durie, Ottawa (CA); and William G. McGee, Ottawa (CA)
Filed on Apr. 10, 2017, as Appl. No. 15/483,407.
Application 15/483,407 is a continuation of application No. 14/590,916, filed on Jan. 6, 2015, granted, now 9,621,589, issued on Apr. 11, 2017.
Application 14/590,916 is a continuation of application No. 14/508,992, filed on Oct. 7, 2014, granted, now 9,231,917, issued on Jan. 5, 2016.
Application 14/508,992 is a continuation of application No. 13/957,297, filed on Aug. 1, 2013, granted, now 8,943,593, issued on Jan. 27, 2015.
Application 13/957,297 is a continuation of application No. 11/874,590, filed on Oct. 18, 2007, granted, now 8,505,092, issued on May 6, 2013.
Claims priority of provisional application 60/883,657, filed on Jan. 5, 2007.
Prior Publication US 2017/0214656 A1, Jul. 27, 2017
Int. Cl. H04L 29/06 (2006.01)
CPC H04L 63/0227 (2013.01) [H04L 63/1416 (2013.01); H04L 63/1425 (2013.01); H04L 63/1441 (2013.01); H04L 63/205 (2013.01)] 19 Claims
OG exemplary drawing
 
1. A server for intrusion protection of a plurality of computers, the server comprising:
a processor and a memory device storing processor executable instructions causing the processor to:
acquire a superset of descriptors characterizing said plurality of computers;
acquire a superset of filters;
acquire a set of rules, each rule for determining a respective rule-specific set of filters corresponding to a respective rule-specific set of descriptors;
classify said plurality of computers according to predefined computer types;
associate each computer type with a respective type-specific set of descriptors;
associate a target computer of said plurality of computer with a respective computer type;
determine a rule domain as an intersection of a type-specific set of descriptors corresponding to said respective computer type and a rule-specific set of descriptors corresponding to a selected rule;
communicate with said target computer to acquire a value of each of at least one descriptor of said rule domain; and
execute said selected rule to determine a set of requisite filters.