Timothy D Dodd

US Patent:

6907531, Jun 14, 2005

Filed:

Jun 30, 2000

Appl. No.:

09/608282

Inventors:

Timothy D. Dodd - Tucker GA, US
Scott Mewett - Holloways Beach, AU
Curtis E. Ide - Roswell GA, US
Kevin A. Overcash - Atlanta GA, US
David A. Dennerline - Atlanta GA, US
Bobby J. Williams - Atlanta GA, US
Martin D. Sells - Canton GA, US

Assignee:

Internet Security Systems, Inc. - Atlanta GA

International Classification:

G06F011/30
G06F012/14
G06F015/16
H04L001/00
H04L009/00

US Classification:

713201, 713165, 709224

Abstract:

A method and system identifies, fixes, and updates security vulnerabilities in a host computer or host computers. The present invention can communicate between a scanner with plug-in capability, an operating system, and an express update package. The architectural set-up can allow exploits within the scanner and exploits in the express update package to function with no knowledge of each other. The user also needs no knowledge of whether the exploits are within the scanner or the express update package. Mutual authentication procedures can enable the scanner to load only legitimate express update packages, and can provide that express update packages can only be loaded into legitimate scanners.

US Patent:

7340776, Mar 4, 2008

Filed:

Jan 31, 2002

Appl. No.:

10/066367

Inventors:

Robert David Zobel - Atlanta GA, US
Timothy David Dodd - Tucker GA, US
Sharon A. Millar - Dawsonville GA, US
Christopher S. Singer - Decatur GA, US

Assignee:

International Business Machines Corporation - Armonk NY

International Classification:

G06F 12/14

US Classification:

726 24, 726 22, 726 23, 713188

Abstract:

Managing the selection and scheduling of security audits run on a computing network. The computer network is surveyed by a security audit system to determine the function and relative importance of the elements in the network. Based on function and priority, a more thorough type of security audit is selected to run against each of the network elements by the security audit system. The security audit can also be automatically scheduled based on the information gathered from the survey. Once the system runs the security audit, a vulnerability assessment can be calculated for each element in the network. The vulnerability assessment can be presented in a format that facilitates interpretation and response by someone operating the system. The vulnerability assessment can also be used to configure and schedule future security audits.

US Patent:

7712138, May 4, 2010

Filed:

Jun 21, 2007

Appl. No.:

11/821194

Inventors:

Robert David Zobel - Atlanta GA, US
Timothy David Dodd - Tucker GA, US
Sharon A. Millar - Dawsonville GA, US
Christopher S. Singer - Decatur GA, US

Assignee:

International Business Machines Corporation - Armonk NY

International Classification:

G06F 12/14

US Classification:

726 25, 726 22, 726 23, 726 24, 713188, 709224, 709225

Abstract:

Managing the selection and scheduling of security audits run on a computing network. The computer network is surveyed by a security audit system to determine the function and relative importance of the elements in the network. Based on function and priority, a more thorough type of security audit is selected to run against each of the network elements by the security audit system. The security audit can also be automatically scheduled based on the information gathered from the survey. Once the system runs the security audit, a vulnerability assessment can be calculated for each element in the network. The vulnerability assessment can be presented in a format that facilitates interpretation and response by someone operating the system. The vulnerability assessment can also be used to configure and schedule future security audits.

US Patent:

20020147803, Oct 10, 2002

Filed:

Jan 31, 2002

Appl. No.:

10/066461

Inventors:

Timothy Dodd - Tucker GA, US
Nicolas Heinrich - Nice, FR

International Classification:

G06F015/173

US Classification:

709/223000, 713/201000

Abstract:

Calculating risk based on information collected during a security audit of a computing network. The computer network is surveyed to determine the significance of elements in the network and to identify vulnerabilities associated with the elements. Using this information, the security audit system calculates a risk value for each vulnerability. The risk value is a function of the asset value, the probability that the vulnerability will be exploited, and the potential severity of damage to the network if the vulnerability is exploited. The risk value can be adjusted based on the ease with which the vulnerability can be fixed. A network element may have one or more risk values associated with it based on one or more vulnerabilities. The security audit system employs a band calculation method for summing risk values and computing a single security score for the element. The band calculation method can also be used to produce a security score for a group of elements. The band calculation method produces a more accurate score for comparing elements and groups of elements throughout a network.

US Patent:

20090241109, Sep 24, 2009

Filed:

Mar 24, 2008

Appl. No.:

12/053999

Inventors:

Marshall Thomas Vandegrift - Atlanta GA, US
Kevin Michael Skapinetz - Mableton GA, US
Timothy David Dodd - Atlanta GA, US

Assignee:

INTERNATIONAL BUSINESS MACHINES CORPORATION - Armonk NY

International Classification:

G06F 9/455

US Classification:

718 1

Abstract:

A computer implemented method, apparatus, and computer usable program code for executing a process within a virtual machine. A module is injected into an operating system for the virtual machine to form an injected module. The injected module is executed to load an agent process within an application space within the virtual machine. Execution of the agent process is initiated by the injected module.

US Patent:

20210126841, Apr 29, 2021

Filed:

Oct 24, 2019

Appl. No.:

16/663056

Inventors:

- Westford MA, US
Peter Allen Jensen - Ellijay GA, US
Timothy David Dodd - Auburn GA, US

Assignee:

Arbor Networks, Inc. - Westford MA

International Classification:

H04L 12/26
G06F 17/18

Abstract:

A logical expression engine and computer-implemented method for optimizing evaluation of a logical expression is provided. The method includes receiving an original logical expression to be applied by a computer program for processing input information, the original logical expression having at least one operator and a subexpression disposed on each side of a related operator of the at least one related operator. The method further includes receiving statistics accumulated about how the computer program applies the subexpressions of the original logical expression for processing the input information received by the computer program, using the accumulated statistics to optimize the order in which the subexpressions would be applied by the computer program, and outputting for application by the computer program an optimized logical expression having the subexpressions ordered in accordance with the optimized order.

US Patent:

20150149760, May 28, 2015

Filed:

Feb 3, 2015

Appl. No.:

14/612330

Inventors:

- Armonk NY, US
Kevin M. Skapinetz - Mableton GA, US
Timothy D. Dodd - Atlanta GA, US

International Classification:

G06F 1/24
G06F 9/44

US Classification:

713 2

Abstract:

A computer implemented method, apparatus, and computer usable program code for executing a process within a virtual machine. A module is injected into an operating system for the virtual machine to form an injected module. The injected module is executed to load an agent process within an application space within the virtual machine. Execution of the agent process is initiated by the injected module.