BR112015018912A2 - método e dispositivo para identificar comportamento de usuário - Google Patents
método e dispositivo para identificar comportamento de usuárioInfo
- Publication number
- BR112015018912A2 BR112015018912A2 BR112015018912A BR112015018912A BR112015018912A2 BR 112015018912 A2 BR112015018912 A2 BR 112015018912A2 BR 112015018912 A BR112015018912 A BR 112015018912A BR 112015018912 A BR112015018912 A BR 112015018912A BR 112015018912 A2 BR112015018912 A2 BR 112015018912A2
- Authority
- BR
- Brazil
- Prior art keywords
- behavior
- identifying user
- user behavior
- sliding window
- time sliding
- Prior art date
Links
- 238000000034 method Methods 0.000 title abstract 4
- 238000011156 evaluation Methods 0.000 abstract 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/10—Active monitoring, e.g. heartbeat, ping or trace-route
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2133—Verifying human interaction, e.g., Captcha
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/142—Denial of service attacks against network infrastructure
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/144—Detection or countermeasures against botnets
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Cardiology (AREA)
- General Health & Medical Sciences (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Storage Device Security (AREA)
- Debugging And Monitoring (AREA)
- Information Transfer Between Computers (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
resumo método e dispositivo para identificar comportamento de usuário a presente revelação refere-se a um método e dispositivo para identificar comportamento de usuário, configurados para identificar um comportamento malicioso de maneira mais eficaz e mais precisa. o método inclui: adquirir (101) um comportamento de acesso de um terminal dentro de uma janela deslizante de tempo predefinido; avaliar (102) o comportamento de acesso dentro da janela deslizante de tempo de acordo com o comportamento de acesso dentro da janela deslizante de tempo; e determinar (103) se o comportamento de acesso do terminal é um acesso malicioso de acordo com um resultado de avaliação.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410708281.6A CN104486298B (zh) | 2014-11-27 | 2014-11-27 | 识别用户行为的方法及装置 |
PCT/CN2015/078019 WO2016082462A1 (zh) | 2014-11-27 | 2015-04-30 | 识别用户行为的方法及装置 |
Publications (1)
Publication Number | Publication Date |
---|---|
BR112015018912A2 true BR112015018912A2 (pt) | 2017-07-18 |
Family
ID=52760802
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
BR112015018912A BR112015018912A2 (pt) | 2014-11-27 | 2015-04-30 | método e dispositivo para identificar comportamento de usuário |
Country Status (9)
Country | Link |
---|---|
US (1) | US20160156653A1 (pt) |
EP (1) | EP3026864B1 (pt) |
JP (1) | JP2017503293A (pt) |
KR (1) | KR101677217B1 (pt) |
CN (1) | CN104486298B (pt) |
BR (1) | BR112015018912A2 (pt) |
MX (1) | MX350670B (pt) |
RU (1) | RU2628127C2 (pt) |
WO (1) | WO2016082462A1 (pt) |
Families Citing this family (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104486298B (zh) * | 2014-11-27 | 2018-03-09 | 小米科技有限责任公司 | 识别用户行为的方法及装置 |
CN104881479B (zh) * | 2015-06-03 | 2018-07-13 | 北京京东尚科信息技术有限公司 | 一种限制用户最小操作间隔的方法及装置 |
CN106327230B (zh) * | 2015-06-30 | 2019-12-24 | 阿里巴巴集团控股有限公司 | 一种异常用户检测方法及设备 |
CN104967629B (zh) * | 2015-07-16 | 2018-11-27 | 网宿科技股份有限公司 | 网络攻击检测方法及装置 |
CN105282047B (zh) * | 2015-09-25 | 2020-04-14 | 小米科技有限责任公司 | 访问请求处理方法及装置 |
CN106789831B (zh) | 2015-11-19 | 2020-10-23 | 阿里巴巴集团控股有限公司 | 识别网络攻击的方法和装置 |
CN111629010B (zh) * | 2015-11-23 | 2023-03-10 | 创新先进技术有限公司 | 一种恶意用户识别方法及装置 |
CN108885723A (zh) | 2016-03-04 | 2018-11-23 | 阿克森维伯股份公司 | 用于基于位置数据预测用户行为的系统和方法 |
CN106506451B (zh) * | 2016-09-30 | 2019-08-27 | 百度在线网络技术(北京)有限公司 | 恶意访问的处理方法及装置 |
JP6737189B2 (ja) * | 2017-01-18 | 2020-08-05 | トヨタ自動車株式会社 | 不正判定システム及び不正判定方法 |
CN106657410B (zh) * | 2017-02-28 | 2018-04-03 | 国家电网公司 | 基于用户访问序列的异常行为检测方法 |
CN107046489B (zh) * | 2017-04-07 | 2020-07-28 | 上海熙菱信息技术有限公司 | 一种频次类实时统计模型系统及方法 |
CN107481090A (zh) * | 2017-07-06 | 2017-12-15 | 众安信息技术服务有限公司 | 一种用户异常行为检测方法、装置和系统 |
FR3094518B1 (fr) | 2019-04-01 | 2021-02-26 | Idemia Identity & Security France | Procédé de détection de bots dans un réseau d’utilisateurs |
KR102034998B1 (ko) * | 2019-07-12 | 2019-10-22 | 경상대학교산학협력단 | 돼지움직임 감지용 광이표 |
KR102295463B1 (ko) * | 2019-07-12 | 2021-08-27 | 경상국립대학교산학협력단 | 가속도 센서를 구비한 돼지이표 |
CN111224939B (zh) * | 2019-11-15 | 2022-07-12 | 上海钧正网络科技有限公司 | 任务请求的拦截方法、装置、计算机设备和存储介质 |
CN110933115B (zh) * | 2019-12-31 | 2022-04-29 | 上海观安信息技术股份有限公司 | 基于动态session的分析对象行为异常检测方法及装置 |
CN113114611B (zh) * | 2020-01-13 | 2024-02-06 | 北京沃东天骏信息技术有限公司 | 黑名单管理的方法和装置 |
CN112784288B (zh) * | 2021-01-22 | 2024-05-10 | 尚娱软件(深圳)有限公司 | 访问管理方法、终端及计算机可读存储介质 |
US11991196B2 (en) | 2021-03-04 | 2024-05-21 | Qatar Foundation For Education, Science And Community Development | Anomalous user account detection systems and methods |
Family Cites Families (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2000148276A (ja) * | 1998-11-05 | 2000-05-26 | Fujitsu Ltd | セキュリティ監視装置,セキュリティ監視方法およびセキュリティ監視用プログラム記録媒体 |
KR100479328B1 (ko) * | 2002-12-24 | 2005-03-31 | 한국전자통신연구원 | 슬라이딩 윈도우 캐쉬 구조 |
JP2005044277A (ja) * | 2003-07-25 | 2005-02-17 | Fuji Xerox Co Ltd | 不正通信検出装置 |
KR101074597B1 (ko) * | 2004-09-17 | 2011-10-17 | 주식회사 케이티 | 가상 웹서버 기반의 침입 유도 시스템 및 그 방법 |
JP2006279930A (ja) * | 2005-03-01 | 2006-10-12 | Nec Corp | 不正アクセス検出方法及び装置、並びに不正アクセス遮断方法及び装置 |
WO2008090470A2 (en) * | 2007-01-16 | 2008-07-31 | Absolute Software Corporation | A security module having a secondary agent in coordination with a host agent |
US7885976B2 (en) * | 2007-02-23 | 2011-02-08 | International Business Machines Corporation | Identification, notification, and control of data access quantity and patterns |
EP2009864A1 (en) * | 2007-06-28 | 2008-12-31 | Nibelung Security Systems GmbH | Method and apparatus for attack prevention |
JP4948359B2 (ja) * | 2007-10-26 | 2012-06-06 | 三菱電機株式会社 | 不正アクセス検知装置及び不正アクセス検知方法及びプログラム |
US20090144545A1 (en) * | 2007-11-29 | 2009-06-04 | International Business Machines Corporation | Computer system security using file system access pattern heuristics |
JP2009217555A (ja) * | 2008-03-11 | 2009-09-24 | Mitsubishi Electric Corp | ネットワーク異常判定装置 |
US8572736B2 (en) * | 2008-11-12 | 2013-10-29 | YeeJang James Lin | System and method for detecting behavior anomaly in information access |
US8326987B2 (en) * | 2008-11-12 | 2012-12-04 | Lin Yeejang James | Method for adaptively building a baseline behavior model |
CN101446956A (zh) * | 2008-12-12 | 2009-06-03 | 北京理工大学 | 预测模型的在线增量式插入与删除方法 |
JP2010146160A (ja) * | 2008-12-17 | 2010-07-01 | Kureo:Kk | 通信管理装置、通信管理方法、およびプログラム |
US20100192201A1 (en) * | 2009-01-29 | 2010-07-29 | Breach Security, Inc. | Method and Apparatus for Excessive Access Rate Detection |
US9805271B2 (en) * | 2009-08-18 | 2017-10-31 | Omni Ai, Inc. | Scene preset identification using quadtree decomposition analysis |
JP5911431B2 (ja) * | 2010-01-21 | 2016-05-11 | アリババ・グループ・ホールディング・リミテッドAlibaba Group Holding Limited | 悪意のあるアクセスの遮断 |
CN102769549B (zh) * | 2011-05-05 | 2016-02-17 | 腾讯科技(深圳)有限公司 | 网络安全监控的方法和装置 |
CN103718170B (zh) * | 2011-07-29 | 2017-06-13 | 惠普发展公司,有限责任合伙企业 | 用于事件的分布式基于规则的相关的系统和方法 |
JP5791548B2 (ja) * | 2012-03-15 | 2015-10-07 | 三菱電機株式会社 | アドレス抽出装置 |
US20130291107A1 (en) * | 2012-04-27 | 2013-10-31 | The Irc Company, Inc. | System and Method for Mitigating Application Layer Distributed Denial of Service Attacks Using Human Behavior Analysis |
US20140304833A1 (en) * | 2013-04-04 | 2014-10-09 | Xerox Corporation | Method and system for providing access to crowdsourcing tasks |
CN104113519B (zh) * | 2013-04-16 | 2017-07-14 | 阿里巴巴集团控股有限公司 | 网络攻击检测方法及其装置 |
RU133954U1 (ru) * | 2013-04-29 | 2013-10-27 | Федеральное государственное образовательное бюджетное учреждение высшего профессионального образования "Санкт-Петербургский государственный университет телекоммуникаций им. проф. М.А. Бонч-Бруевича" (СПбГУТ) | Устройство защиты сети |
CN104486298B (zh) * | 2014-11-27 | 2018-03-09 | 小米科技有限责任公司 | 识别用户行为的方法及装置 |
-
2014
- 2014-11-27 CN CN201410708281.6A patent/CN104486298B/zh active Active
-
2015
- 2015-04-30 BR BR112015018912A patent/BR112015018912A2/pt not_active IP Right Cessation
- 2015-04-30 RU RU2015128769A patent/RU2628127C2/ru active
- 2015-04-30 JP JP2016561070A patent/JP2017503293A/ja active Pending
- 2015-04-30 KR KR1020157016876A patent/KR101677217B1/ko active IP Right Grant
- 2015-04-30 MX MX2015009131A patent/MX350670B/es active IP Right Grant
- 2015-04-30 WO PCT/CN2015/078019 patent/WO2016082462A1/zh active Application Filing
- 2015-11-05 US US14/933,197 patent/US20160156653A1/en not_active Abandoned
- 2015-11-24 EP EP15196035.8A patent/EP3026864B1/en active Active
Also Published As
Publication number | Publication date |
---|---|
WO2016082462A1 (zh) | 2016-06-02 |
RU2015128769A (ru) | 2017-01-20 |
JP2017503293A (ja) | 2017-01-26 |
KR101677217B1 (ko) | 2016-11-17 |
KR20160077009A (ko) | 2016-07-01 |
MX2015009131A (es) | 2016-08-01 |
EP3026864A1 (en) | 2016-06-01 |
CN104486298B (zh) | 2018-03-09 |
MX350670B (es) | 2017-09-12 |
CN104486298A (zh) | 2015-04-01 |
RU2628127C2 (ru) | 2017-08-15 |
US20160156653A1 (en) | 2016-06-02 |
EP3026864B1 (en) | 2018-09-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
BR112015018912A2 (pt) | método e dispositivo para identificar comportamento de usuário | |
BR112017017222A2 (pt) | detecção de condição de cenário ambiental | |
BR112017003023A2 (pt) | classificação enviesante de gráfico de conhecimento para dados | |
GB2555192B (en) | Methods and apparatus for detecting and identifying malware by mapping feature data into a semantic space | |
BR112019003706A8 (pt) | Método para processamento de dados e aparelho para processamento de dados | |
BR112016021697A2 (pt) | Seleção de protocolo escute antes de falar | |
BR112018002040A2 (pt) | controle de uma nuvem de dispositivo | |
BR112016002900A2 (pt) | adaptador para habilitar um dispositivo de comunicação eletrônica com funções adicionais | |
BR112017000687A2 (pt) | ferramenta de fundo de poço, método, e, sistema de utilização de uma ferramenta de fundo de poço. | |
BR112017022618A2 (pt) | correlação e combinação de métricas de mdt e qoe | |
BR112017000698A2 (pt) | métodos e sistemas para disparar uma sincronização eficiente de aplicativo | |
BR112016028416A2 (pt) | autenticação baseada em um indicador de movimento atual seguro | |
BR112019006093A8 (pt) | Método e dispositivo de envio de informação | |
BR112017008666A2 (pt) | anticorpos anti-fgfr2/3 e métodos de uso dos mesmos | |
TW201611775A (en) | Electronic device and method for measuring vital signal by the electronic device | |
BR112017014158A2 (pt) | sistema e método para medição de qualidade de imagem. | |
BR112015027143A2 (pt) | método e dispositivo para definição de tarefa | |
EP3050286A4 (en) | System and apparatus for assessing reach, engagement, conversation or other social metrics based on domain tailored evaluation of social media exposure | |
BR112019002756A2 (pt) | método, aparelho e dispositivo de seleção de recurso | |
BR112016023619A8 (pt) | técnicas para otimização de potência com base em parâmetros de rede | |
EA201790769A1 (ru) | Определение уровней гликозаминогликанов методом масс-спектрометрии | |
MX2016004865A (es) | Metodo y dispositivo para analizar relacion social. | |
BR112016025627A2 (pt) | biomarcadores e combinações dos mesmos para diagnóstico de tuberculose | |
BR112017002546A2 (pt) | caneta com controle de cor | |
MX2016005766A (es) | Dispositivo y metodo para evaluar automaticamente un progreso de un ejercito de entrenamiento. |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
B06F | Objections, documents and/or translations needed after an examination request according [chapter 6.6 patent gazette] | ||
B08F | Application dismissed because of non-payment of annual fees [chapter 8.6 patent gazette] |
Free format text: REFERENTE A 4A ANUIDADE. |
|
B08K | Patent lapsed as no evidence of payment of the annual fee has been furnished to inpi [chapter 8.11 patent gazette] |
Free format text: EM VIRTUDE DO ARQUIVAMENTO PUBLICADO NA RPI 2512 DE 26-02-2019 E CONSIDERANDO AUSENCIA DE MANIFESTACAO DENTRO DOS PRAZOS LEGAIS, INFORMO QUE CABE SER MANTIDO O ARQUIVAMENTO DO PEDIDO DE PATENTE, CONFORME O DISPOSTO NO ARTIGO 12, DA RESOLUCAO 113/2013. |