ATE470301T1 - Method, apparatus and computer program for distinguishing relevant network security threats using a comparison of refined intrusion detection audits and an intelligent security analysis - Google Patents

Info

Publication number
ATE470301T1
Authority
AT
Austria
Prior art keywords
computer program
security threats
audits
refined
comparison
Application number
AT05730339T
Other languages
English (en)
Inventor
Anil Chawla
David Greene
Klaus Julisch
Aaron Rankin
Jonathan Michael Seeber
Rhys Ulerich
Original Assignee
Ibm
Application filed by Ibm

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00 Digital computers in general; Data processing equipment in general
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)
  • Investigating Or Analyzing Materials By The Use Of Electric Means (AREA)
  • Measurement Of Resistance Or Impedance (AREA)
AT05730339T 2004-04-08 2005-03-29 Method, apparatus and computer program for distinguishing relevant network security threats using a comparison of refined intrusion detection audits and an intelligent security analysis ATE470301T1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/821,042 US7406606B2 (en) 2004-04-08 2004-04-08 Method and system for distinguishing relevant network security threats using comparison of refined intrusion detection audits and intelligent security analysis
PCT/US2005/010358 WO2005101720A2 (en) 2004-04-08 2005-03-29 Method and system for distinguishing network threats from false positives

Publications (1)

Publication Number Publication Date
ATE470301T1 (de) 2010-06-15

Family

ID=35062061

Family Applications (1)

Application Number Title Priority Date Filing Date
AT05730339T ATE470301T1 (de) 2004-04-08 2005-03-29 Method, apparatus and computer program for distinguishing relevant network security threats using a comparison of refined intrusion detection audits and an intelligent security analysis

Country Status (10)

Country Link
US (1) US7406606B2 (de)
EP (1) EP1741223B1 (de)
JP (1) JP4808703B2 (de)
KR (1) KR101013264B1 (de)
CN (1) CN100456258C (de)
AT (1) ATE470301T1 (de)
CA (1) CA2562358C (de)
DE (1) DE602005021630D1 (de)
TW (1) TWI335504B (de)
WO (1) WO2005101720A2 (de)

Families Citing this family (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060101516A1 (en) * 2004-10-12 2006-05-11 Sushanthan Sudaharan Honeynet farms as an early warning system for production networks
KR100891329B1 (ko) 2007-01-26 2009-03-31 Samsung Electronics Co., Ltd. Semiconductor device and method of manufacturing the same
FR2918813B1 (fr) * 2007-07-12 2012-11-16 Augier S A "Lighting network management system"
EP2040435B1 (de) * 2007-09-19 2013-11-06 Alcatel Lucent Method and system for intrusion detection
US20090297043A1 (en) * 2008-05-28 2009-12-03 International Business Machines Corporation Pattern scanner and editor for security audit systems
KR101394591B1 (ko) * 2012-11-23 2014-05-12 Konkuk University Industry-Academic Cooperation Foundation Method, system and computer-readable recording medium for detecting network intrusion
PL3095034T3 (pl) 2014-10-21 2019-11-29 Ironnet Cybersecurity Inc Cybersecurity system
US10476947B1 (en) 2015-03-02 2019-11-12 F5 Networks, Inc Methods for managing web applications and devices thereof
US11616806B1 (en) 2015-05-08 2023-03-28 F5, Inc. Methods for protecting web based resources from D/DoS attacks and devices thereof
US9923910B2 (en) 2015-10-05 2018-03-20 Cisco Technology, Inc. Dynamic installation of behavioral white labels
US10834110B1 (en) * 2015-12-18 2020-11-10 F5 Networks, Inc. Methods for preventing DDoS attack based on adaptive self learning of session and transport layers and devices thereof
US10397250B1 (en) 2016-01-21 2019-08-27 F5 Networks, Inc. Methods for detecting remote access trojan malware and devices thereof
JP6495543B2 (ja) 2016-07-14 2019-04-03 IronNet Cybersecurity, Inc. Cyber behavior system based on simulation and virtual reality
US10432652B1 (en) 2016-09-20 2019-10-01 F5 Networks, Inc. Methods for detecting and mitigating malicious network behavior and devices thereof
US11038869B1 (en) 2017-05-12 2021-06-15 F5 Networks, Inc. Methods for managing a federated identity environment based on application availability and devices thereof
US10931691B1 (en) 2017-10-09 2021-02-23 F5 Networks, Inc. Methods for detecting and mitigating brute force credential stuffing attacks and devices thereof
US11539740B1 (en) 2018-02-02 2022-12-27 F5, Inc. Methods for protecting CPU during DDoS attack and devices thereof
US11349981B1 (en) 2019-10-30 2022-05-31 F5, Inc. Methods for optimizing multimedia communication and devices thereof

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6088804A (en) * 1998-01-12 2000-07-11 Motorola, Inc. Adaptive system and method for responding to computer network security attacks
US6282546B1 (en) * 1998-06-30 2001-08-28 Cisco Technology, Inc. System and method for real-time insertion of data into a multi-dimensional database for network intrusion detection and vulnerability assessment
US7574740B1 (en) 2000-04-28 2009-08-11 International Business Machines Corporation Method and system for intrusion detection in a computer network
EP1305688A2 (de) * 2000-05-28 2003-05-02 Yaron Mayer System and method for comprehensive general generic protection of computers against malicious programs that may steal information and/or cause damage
US7437762B2 (en) * 2001-11-29 2008-10-14 International Business Machines Corporation Method, computer program element and a system for processing alarms triggered by a monitoring system
JP3609382B2 (ja) * 2002-03-22 2005-01-12 Nippon Telegraph and Telephone Corporation Distributed denial-of-service attack prevention method, gate device, communication device and program
EP1512075A1 (de) 2002-05-22 2005-03-09 Lucid Security Corporation Adaptive intrusion detection system

Also Published As

Publication number Publication date
WO2005101720A3 (en) 2006-12-21
JP4808703B2 (ja) 2011-11-02
CN1961323A (zh) 2007-05-09
CA2562358A1 (en) 2005-10-27
US7406606B2 (en) 2008-07-29
DE602005021630D1 (de) 2010-07-15
CA2562358C (en) 2014-03-25
CN100456258C (zh) 2009-01-28
JP2007533001A (ja) 2007-11-15
KR20070008611A (ko) 2007-01-17
US20050229253A1 (en) 2005-10-13
EP1741223A2 (de) 2007-01-10
KR101013264B1 (ko) 2011-02-11
EP1741223A4 (de) 2008-07-23
EP1741223B1 (de) 2010-06-02
TWI335504B (en) 2011-01-01
WO2005101720A2 (en) 2005-10-27
TW200613969A (en) 2006-05-01

Similar Documents

Publication Publication Date Title
ATE470301T1 (de) Method, apparatus and computer program for distinguishing relevant network security threats using a comparison of refined intrusion detection audits and an intelligent security analysis
Khan et al. Malicious insider attack detection in IoTs using data analytics
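CN101944167B (zh) Method and system for identifying malicious programs
CN109347801A (zh) Vulnerability exploitation risk assessment method based on multi-source word embedding and knowledge graph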
WO2005089526A3 (en) Methods and systems for transaction compliance monitoring
DE602005009720D1 (de) Methods, systems and computer program products for evaluating the security of a network environment
DE60321972D1 (de) Method and system for detecting unauthorized use of a communication network
ATE449383T1 (de) Automatic compromising of computer system security
CN111787017B (zh) Blockchain attack tracing system and method
WO2007060664A3 (en) System and method of managing data protection resources
RU2011111719A (ru) System and method for detecting malicious programs
CN103428196A (zh) Web application intrusion detection method and device based on URL whitelist
WO2008041915A3 (en) Security system and method for detecting intrusion in a computerized system
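CN107566390B (zh) Threat-intelligence-based industrial control system network security analysis system and method
CN103312887B (zh) Mobile phone application tampering identification system, method and device
CN103957205A (zh) Trojan detection method based on terminal traffic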
Wang et al. Automatic multi-step attack pattern discovering
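CN109327471B (zh) Method for implementing vulnerability discovery and emergency verification
CN110474906A (zh) Active-passive combined cyberspace target deep mining technique based on closed-loop feedback
CN103176984A (zh) Method for detecting deceptive spam opinions in user-generated content
CN113709170A (zh) Asset security operation system, method and device
CN108989336A (zh) Emergency response system and emergency response method for network security events
CN103365963A (zh) Method for rapid compliance checking of a database audit system
CN107294971A (zh) Method for ranking the threat level of server attack sources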
Luktarhan et al. Multi-stage attack detection algorithm based on hidden markov model

Legal Events

Date Code Title Description
RER Ceased as to paragraph 5 lit. 3 law introducing patent treaties