ATE323371T1 - Verfahren und system zur modellierung, analyse und anzeige von netzsicherheitsereignissen - Google Patents

Verfahren und system zur modellierung, analyse und anzeige von netzsicherheitsereignissen

Info

Publication number
ATE323371T1
ATE323371T1 AT02782237T AT02782237T ATE323371T1 AT E323371 T1 ATE323371 T1 AT E323371T1 AT 02782237 T AT02782237 T AT 02782237T AT 02782237 T AT02782237 T AT 02782237T AT E323371 T1 ATE323371 T1 AT E323371T1
Authority
AT
Austria
Prior art keywords
network
security
network security
present
cross
Prior art date
Application number
AT02782237T
Other languages
English (en)
Inventor
Reuben S Fischman
Adam Payne
Original Assignee
Gen Dynamics Gov Sys Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gen Dynamics Gov Sys Corp filed Critical Gen Dynamics Gov Sys Corp
Application granted granted Critical
Publication of ATE323371T1 publication Critical patent/ATE323371T1/de

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02Standardisation; Integration
    • H04L41/0213Standardised network management protocols, e.g. simple network management protocol [SNMP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0631Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
  • Maintenance And Management Of Digital Transmission (AREA)
AT02782237T 2001-10-25 2002-10-24 Verfahren und system zur modellierung, analyse und anzeige von netzsicherheitsereignissen ATE323371T1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US34288701P 2001-10-25 2001-10-25
US34440401P 2001-11-09 2001-11-09

Publications (1)

Publication Number Publication Date
ATE323371T1 true ATE323371T1 (de) 2006-04-15

Family

ID=26993249

Family Applications (1)

Application Number Title Priority Date Filing Date
AT02782237T ATE323371T1 (de) 2001-10-25 2002-10-24 Verfahren und system zur modellierung, analyse und anzeige von netzsicherheitsereignissen

Country Status (7)

Country Link
US (1) US7293287B2 (de)
EP (1) EP1461927B1 (de)
AT (1) ATE323371T1 (de)
AU (1) AU2002348415B2 (de)
CA (1) CA2464402C (de)
DE (1) DE60210670D1 (de)
WO (1) WO2003036914A1 (de)

Families Citing this family (75)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7162528B1 (en) * 1998-11-23 2007-01-09 The United States Of America As Represented By The Secretary Of The Navy Collaborative environment implemented on a distributed computer network and software therefor
US7078070B2 (en) * 2000-11-07 2006-07-18 Helix Technology Inc. Method for fabricating an organic light emitting diode
GB2374258B (en) * 2001-04-05 2004-03-31 Ibm Method and apparatus for encryption of data
EP1286498A1 (de) * 2001-08-21 2003-02-26 Alcatel Verfahren, Dienst-Agent und Netzwerk-Management-System zur Bedienung eines Telekommunikationsnetzes
US7302692B2 (en) * 2002-05-31 2007-11-27 International Business Machines Corporation Locally providing globally consistent information to communications layers
US8087087B1 (en) * 2002-06-06 2011-12-27 International Business Machines Corporation Management of computer security events across distributed systems
US7146640B2 (en) * 2002-09-05 2006-12-05 Exobox Technologies Corp. Personal computer internet security system
US8407798B1 (en) 2002-10-01 2013-03-26 Skybox Secutiry Inc. Method for simulation aided security event management
US8359650B2 (en) * 2002-10-01 2013-01-22 Skybox Secutiry Inc. System, method and computer readable medium for evaluating potential attacks of worms
US20040260754A1 (en) * 2003-06-20 2004-12-23 Erik Olson Systems and methods for mitigating cross-site scripting
US7712133B2 (en) * 2003-06-20 2010-05-04 Hewlett-Packard Development Company, L.P. Integrated intrusion detection system and method
US7848259B2 (en) * 2003-08-01 2010-12-07 Opnet Technologies, Inc. Systems and methods for inferring services on a network
US8225407B1 (en) * 2003-08-21 2012-07-17 Symantec Corporation Incident prioritization and adaptive response recommendations
CN100456687C (zh) * 2003-09-29 2009-01-28 华为技术有限公司 网络故障实时相关性分析方法及系统
US9027120B1 (en) 2003-10-10 2015-05-05 Hewlett-Packard Development Company, L.P. Hierarchical architecture in a network security system
US8015604B1 (en) * 2003-10-10 2011-09-06 Arcsight Inc Hierarchical architecture in a network security system
US7409676B2 (en) * 2003-10-20 2008-08-05 International Business Machines Corporation Systems, methods and computer programs for determining dependencies between logical components in a data processing system or network
US7971244B1 (en) * 2003-11-19 2011-06-28 Cisco Technology, Inc. Method of determining network penetration
FR2864392A1 (fr) * 2003-12-17 2005-06-24 France Telecom Procede de classification automatique d'un ensemble d'alertes issues de sondes de detection d'intrusions d'un systeme de securite d'information
US8561154B2 (en) 2003-12-22 2013-10-15 International Business Machines Corporation Method for providing network perimeter security assessment
WO2006007460A2 (en) * 2004-06-21 2006-01-19 Spirent Communications Of Rockville, Inc. Service-centric computer network services diagnostic conclusions
US20060021044A1 (en) * 2004-07-22 2006-01-26 Cook Chad L Determination of time-to-defeat values for network security analysis
US7299385B2 (en) * 2004-07-28 2007-11-20 Hewlett-Packard Development Company, L.P. Managing a fault tolerant system
US7912055B1 (en) * 2004-08-25 2011-03-22 Emc Corporation Method and apparatus for configuration and analysis of network multicast routing protocols
WO2006032045A2 (en) * 2004-09-15 2006-03-23 Cisco Technology, Inc. Agile information technology infrastructure management system
US8433768B1 (en) * 2004-10-14 2013-04-30 Lockheed Martin Corporation Embedded model interaction within attack projection framework of information system
US7735141B1 (en) * 2005-03-10 2010-06-08 Noel Steven E Intrusion event correlator
US7743421B2 (en) 2005-05-18 2010-06-22 Alcatel Lucent Communication network security risk exposure management systems and methods
US7873717B1 (en) * 2005-06-06 2011-01-18 International Business Machines Corporation Progressive layered forensic correlation of computer network and security events
CN100461690C (zh) * 2005-07-21 2009-02-11 华为技术有限公司 通用网管安全管理系统及其方法
US8130759B2 (en) 2005-07-29 2012-03-06 Opnet Technologies, Inc. Routing validation
US8140665B2 (en) * 2005-08-19 2012-03-20 Opnet Technologies, Inc. Managing captured network traffic data
US20070124465A1 (en) * 2005-08-19 2007-05-31 Malloy Patrick J Synchronized network and process performance overview
US8694621B2 (en) * 2005-08-19 2014-04-08 Riverbed Technology, Inc. Capture, analysis, and visualization of concurrent system and network behavior of an application
US8544098B2 (en) 2005-09-22 2013-09-24 Alcatel Lucent Security vulnerability information aggregation
US8438643B2 (en) * 2005-09-22 2013-05-07 Alcatel Lucent Information system service-level security risk analysis
US8095984B2 (en) * 2005-09-22 2012-01-10 Alcatel Lucent Systems and methods of associating security vulnerabilities and assets
US7774657B1 (en) * 2005-09-29 2010-08-10 Symantec Corporation Automatically estimating correlation between hardware or software changes and problem events
US8046833B2 (en) 2005-11-14 2011-10-25 Sourcefire, Inc. Intrusion event correlation with network discovery information
US8266697B2 (en) * 2006-03-04 2012-09-11 21St Century Technologies, Inc. Enabling network intrusion detection by representing network activity in graphical form utilizing distributed data sensors to detect and transmit activity data
US7624448B2 (en) * 2006-03-04 2009-11-24 21St Century Technologies, Inc. Intelligent intrusion detection system utilizing enhanced graph-matching of network activity with context data
US7480712B2 (en) * 2006-03-21 2009-01-20 21St Century Technologies, Inc. Computer automated group detection
US8135990B2 (en) 2006-08-11 2012-03-13 Opnet Technologies, Inc. Multi-variate network survivability analysis
US8813101B2 (en) * 2007-03-28 2014-08-19 Microsoft Corporation Software technique to correlate conceptually similar entities
US8095649B2 (en) 2007-05-09 2012-01-10 Opnet Technologies, Inc. Network delay analysis including parallel delay effects
US8848544B2 (en) * 2007-11-08 2014-09-30 Cisco Technology, Inc. Event correlation using network data flow simulation over unmanaged network segments
US8180718B2 (en) * 2008-01-14 2012-05-15 Hewlett-Packard Development Company, L.P. Engine for performing root cause and effect analysis
US8447719B2 (en) * 2008-01-14 2013-05-21 Hewlett-Packard Development Company, L.P. Compilation of causal rules into continuations
US7813298B2 (en) * 2008-01-31 2010-10-12 Telefonaktiebolaget Lm Ericsson Root cause problem detection in network traffic information
US8032557B1 (en) * 2008-03-28 2011-10-04 Emc Corporation Model driven compliance management system and method
US8813050B2 (en) * 2008-06-03 2014-08-19 Isight Partners, Inc. Electronic crime detection and tracking
US8601068B2 (en) * 2008-06-26 2013-12-03 Ca, Inc. Information technology system collaboration
US8533843B2 (en) * 2008-10-13 2013-09-10 Hewlett-Packard Development Company, L. P. Device, method, and program product for determining an overall business service vulnerability score
US8577829B2 (en) * 2009-09-11 2013-11-05 Hewlett-Packard Development Company, L.P. Extracting information from unstructured data and mapping the information to a structured schema using the naïve bayesian probability model
US20110125548A1 (en) * 2009-11-25 2011-05-26 Michal Aharon Business services risk management
US8806620B2 (en) * 2009-12-26 2014-08-12 Intel Corporation Method and device for managing security events
US8494974B2 (en) * 2010-01-18 2013-07-23 iSIGHT Partners Inc. Targeted security implementation through security loss forecasting
US8438644B2 (en) * 2011-03-07 2013-05-07 Isight Partners, Inc. Information system security based on threat vectors
US8868797B1 (en) 2012-03-30 2014-10-21 Emc Corporation Techniques for automated discovery of storage devices and their performance characteristics
US8838931B1 (en) 2012-03-30 2014-09-16 Emc Corporation Techniques for automated discovery and performing storage optimizations on a component external to a data storage system
US8725741B2 (en) 2011-12-04 2014-05-13 Riverbed Technology, Inc. Assessing application performance with an operational index
US8928476B2 (en) 2012-05-17 2015-01-06 Honeywell International Inc. System for advanced security management
US9141791B2 (en) * 2012-11-19 2015-09-22 Hewlett-Packard Development Company, L.P. Monitoring for anomalies in a computing environment
US10409980B2 (en) 2012-12-27 2019-09-10 Crowdstrike, Inc. Real-time representation of security-relevant system state
US9455993B2 (en) 2013-03-13 2016-09-27 Lookingglass Cyber Solutions, Inc. Computer network attribute bilateral inheritance
US9749344B2 (en) 2014-04-03 2017-08-29 Fireeye, Inc. System and method of cyber threat intensity determination and application to cyber threat mitigation
US9749343B2 (en) 2014-04-03 2017-08-29 Fireeye, Inc. System and method of cyber threat structure mapping and application to cyber threat mitigation
US9798882B2 (en) * 2014-06-06 2017-10-24 Crowdstrike, Inc. Real-time model of states of monitored devices
EP2985949B1 (de) 2014-08-14 2018-05-23 Hewlett-Packard Enterprise Development LP Korrelationsmotor mit Grundursachen- und Dienstauswirkungsanalysen
US9892261B2 (en) 2015-04-28 2018-02-13 Fireeye, Inc. Computer imposed countermeasures driven by malware lineage
US10291463B2 (en) * 2015-10-07 2019-05-14 Riverbed Technology, Inc. Large-scale distributed correlation
US11258763B2 (en) 2016-11-25 2022-02-22 Cybernetiq, Inc. Computer network security configuration visualization and control system
US10831838B2 (en) 2017-03-20 2020-11-10 Expanse, Inc. Triggered scanning based on network available data change
US11170011B2 (en) 2017-03-20 2021-11-09 Palo Alto Networks, Inc. Triggered scanning using provided configuration information
US10587644B1 (en) 2017-05-11 2020-03-10 Ca, Inc. Monitoring and managing credential and application threat mitigations in a computer system

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5528516A (en) 1994-05-25 1996-06-18 System Management Arts, Inc. Apparatus and method for event correlation and problem reporting
US6131112A (en) * 1996-05-17 2000-10-10 Cabletron Systems, Inc. Method and apparatus for integrated network and systems management
US5768501A (en) * 1996-05-28 1998-06-16 Cabletron Systems Method and apparatus for inter-domain alarm correlation
US7047423B1 (en) * 1998-07-21 2006-05-16 Computer Associates Think, Inc. Information security analysis system
US6957186B1 (en) * 1999-05-27 2005-10-18 Accenture Llp System method and article of manufacture for building, managing, and supporting various components of a system
US7020697B1 (en) * 1999-10-01 2006-03-28 Accenture Llp Architectures for netcentric computing systems
US7096502B1 (en) * 2000-02-08 2006-08-22 Harris Corporation System and method for assessing the security posture of a network
US6535227B1 (en) 2000-02-08 2003-03-18 Harris Corporation System and method for assessing the security posture of a network and having a graphical user interface
US20030051026A1 (en) * 2001-01-19 2003-03-13 Carter Ernst B. Network surveillance and security system

Also Published As

Publication number Publication date
DE60210670D1 (de) 2006-05-24
CA2464402A1 (en) 2003-05-01
US20030097588A1 (en) 2003-05-22
EP1461927A1 (de) 2004-09-29
CA2464402C (en) 2010-04-06
AU2002348415A2 (en) 2003-05-06
US7293287B2 (en) 2007-11-06
WO2003036914A1 (en) 2003-05-01
AU2002348415B2 (en) 2007-05-24
EP1461927B1 (de) 2006-04-12

Similar Documents

Publication Publication Date Title
DE60210670D1 (de) Verfahren und system zur modellierung, analyse und anzeige von netzsicherheitsereignissen
ATE513402T1 (de) Verfahren zur risikodetektion und -analyse in einem computernetzwerk
Kang et al. A model for implementing soundscape maps in smart cities
DE60333834D1 (de) Verfahren und vorrichtung zur charakterisierung einer route in einem fibre-channel-koppelnetz
ATE365357T1 (de) System und verfahren zum inferrieren einer elektronischen wiedergabe einer umgebung
DE60308722D1 (de) Verfahren, vorrichtung und computersoftware-produkt zur reaktion auf computereinbrüche
ATE399417T1 (de) Verfahren zur bereitstellung von topologiebewusstseinsinformationen in einem ip- netzwerk
DE60138470D1 (de) Überwachung der netzwerkaktivität
DE60108861D1 (de) Gerät und verfahren zur überwachung der netzwerkauslastung
ATE288106T1 (de) System und verfahren zur optimierung der leistungskontrolle von komplexen informationstechnologiesystemen
DE69939045D1 (de) Verfahren und Vorrichtung zur browser-basierten Netzwerkverwaltung
BRPI0407745A (pt) gerenciamento de mobilidade em redes sem fio
DE602005009720D1 (de) Verfahren, systeme und computerprogrammprodukte zur bewertung der sicherheit einer netzwerkumgebung
WO2002047325A3 (en) Method for generating a network management database record
ATE418759T1 (de) Verfahren und vorrichtungen zum verifizieren von kontextteilnehmern in einem kontextverwaltungssystem in einer vernetzten umgebung
ATE300145T1 (de) Vorrichtung und verfahren zur beurteilung der verletzlichkeit des netzsicherheit
DE60233174D1 (de) Verfahren und system zur schätzung der position einer mobilen einrichtung
ATE498970T1 (de) Netzwerkkonfigurationsauswertung
DE60024304D1 (de) Verbesserte schnittstelle zur behandlung von testbestimmungen
Cheng et al. Audio signal processing for activity recognition of construction heavy equipment
DE602004028747D1 (de) Verfahren zum zählen von objekten in einer überwachten umgebung und vorrichtung dafür
DE60022141D1 (de) Verfahren und vorrichtung zur analyse radioaktiver gegenstände unter verwendung von neutronen
DE50110056D1 (de) Verfahren zur ferndiagnose eines technologischen prozesses
DE50310921D1 (de) Verfahren und Vorrichtung zur Übertragung von Information und Fehlererkennung in einem ringförmigen Netzwerk
DE60134014D1 (de) Vorrichtung und verfahren zur analyse eines systems mit fehlstarten

Legal Events

Date Code Title Description
RER Ceased as to paragraph 5 lit. 3 law introducing patent treaties