CA2572528A1 - Method and system applicable to anomalies, based on a user's network behaviour - Google Patents

Method and system applicable to anomalies, based on a user's network behaviour

Publication number
CA2572528A1
Authority
CA
Canada
Prior art keywords
network
user
anomaly detection
baseline
users
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
CA002572528A
Other languages
English (en)
Inventor
Yuh Ming Yong
Xiaodong Lin
Original Assignee
SNIPE NETWORK SECURITY CORPORATION
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from CA002531410A
Application filed by SNIPE NETWORK SECURITY CORPORATION
Priority to CA002572528A
Publication of CA2572528A1
Current legal status: Abandoned

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00 Arrangements for monitoring or testing data switching networks
    • H04L43/08 Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0876 Network utilisation, e.g. volume of load or congestion level
    • H04L43/16 Threshold monitoring

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)
  • Computer And Data Communications (AREA)
CA002572528A 2005-12-23 2006-12-27 Method and system applicable to anomalies, based on a user's network behaviour Abandoned CA2572528A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CA002572528A CA2572528A1 (fr) 2005-12-23 2006-12-27 Method and system applicable to anomalies, based on a user's network behaviour

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CA2,531,410 2005-12-23
CA002531410A CA2531410A1 (fr) 2005-12-23 2005-12-23 Behaviour-based network anomaly detection based on user and user-group profiling
CA002572528A CA2572528A1 (fr) 2005-12-23 2006-12-27 Method and system applicable to anomalies, based on a user's network behaviour

Publications (1)

Publication Number Publication Date
CA2572528A1 (fr) 2007-06-23

Family

ID=38175513

Family Applications (1)

Application Number Title Priority Date Filing Date
CA002572528A Abandoned CA2572528A1 (fr) Method and system applicable to anomalies, based on a user's network behaviour

Country Status (1)

Country Link
CA (1) CA2572528A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009142751A2 (fr) 2008-05-21 2009-11-26 Luis Filipe Pereira Valente System and method for discovering network entities
US8584195B2 (en) 2006-11-08 2013-11-12 Mcafee, Inc Identities correlation infrastructure for passive network monitoring
CN114205306A (zh) * 2021-11-26 2022-03-18 阿里云计算有限公司 Traffic identification method, device and storage medium

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8584195B2 (en) 2006-11-08 2013-11-12 Mcafee, Inc Identities correlation infrastructure for passive network monitoring
WO2009142751A2 (fr) 2008-05-21 2009-11-26 Luis Filipe Pereira Valente System and method for discovering network entities
WO2009142751A3 (fr) * 2008-05-21 2010-03-18 Mcafee, Inc. System and method for discovering network entities
CN114205306A (zh) * 2021-11-26 2022-03-18 阿里云计算有限公司 Traffic identification method, device and storage medium

Similar Documents

Publication Publication Date Title
US20070245420A1 (en) Method and system for user network behavioural based anomaly detection
US8191136B2 (en) Connection based denial of service detection
US10356106B2 (en) Detecting anomaly action within a computer network
US7664963B2 (en) Data collectors in connection-based intrusion detection
US7774839B2 (en) Feedback mechanism to minimize false assertions of a network intrusion
US8090809B2 (en) Role grouping
US8504879B2 (en) Connection based anomaly detection
US7363656B2 (en) Event detection/anomaly correlation heuristics
US7827272B2 (en) Connection table for intrusion detection
US7949737B2 (en) Method and apparatus for grouping nodes based on connection characteristics
US8176544B2 (en) Network security system having a device profiler communicatively coupled to a traffic monitor
US7716737B2 (en) Connection based detection of scanning attacks
US7461404B2 (en) Detection of unauthorized access in a network
US7596807B2 (en) Method and system for reducing scope of self-propagating attack code in network
US20030188189A1 (en) Multi-level and multi-platform intrusion detection and response system
US20140165207A1 (en) Method for detecting anomaly action within a computer network
US20060047807A1 (en) Method and system for detecting a network anomaly in a network
EP3223495B1 (fr) Detection of an anomaly in a computer network
US20040221190A1 (en) Aggregator for connection based anomaly detection
Nitin et al. Intrusion detection and prevention system (idps) technology-network behavior analysis system (nbas)
CA2572528A1 (fr) Method and system applicable to anomalies, based on a user's network behaviour
Matoušek et al. Security monitoring of iot communication using flows
Vykopal Security Analysis of a Computer Network
Ashfaq et al. Accuracy improving guidelines for network anomaly detection systems
Muraleedharan et al. A Flow Based Slow and Fast Scan Detection System

Legal Events

Date Code Title Description
FZDE Dead