CN104246787A - Parameter adjustment for pattern discovery - Google Patents
Parameter adjustment for pattern discovery
- Publication number
- CN104246787A
- Authority
- CN
- China
- Prior art keywords
- parameter
- pattern
- event data
- mode
- mode discovery
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/04—Processing captured monitoring data, e.g. for logfile generation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2101—Auditing as a secondary aspect
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Data Mining & Analysis (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computer And Data Communications (AREA)
- Debugging And Monitoring (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Claims (15)
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/US2012/040022 WO2013180708A1 (en) | 2012-05-30 | 2012-05-30 | Parameter adjustment for pattern discovery |
Publications (1)
Publication Number | Publication Date |
---|---|
CN104246787A (zh) | 2014-12-24 |
Family
ID=49673756
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201280072844.6A (Pending), CN104246787A (zh) | Parameter adjustment for pattern discovery | 2012-05-30 | 2012-05-30 |
Country Status (4)
Country | Link |
---|---|
US (1) | US10027686B2 (zh) |
EP (1) | EP2856332A4 (zh) |
CN (1) | CN104246787A (zh) |
WO (1) | WO2013180708A1 (zh) |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10007407B2 (en) * | 2014-11-03 | 2018-06-26 | Cerner Innovation, Inc. | Duplication detection in clinical documentation to update a clinician |
US20170237752A1 (en) * | 2016-02-11 | 2017-08-17 | Honeywell International Inc. | Prediction of potential cyber security threats and risks in an industrial control system using predictive cyber analytics |
US10956669B2 (en) * | 2018-07-10 | 2021-03-23 | Beijing Didi Infinity Technology And Development Co., Ltd. | Expression recognition using character skipping |
US11163948B2 (en) | 2018-07-10 | 2021-11-02 | Beijing Didi Infinity Technology And Development Co., Ltd. | File fingerprint generation |
US11557141B2 (en) | 2019-12-19 | 2023-01-17 | Beijing Didi Infinity Technology And Development Co., Ltd. | Text document categorization using rules and document fingerprints |
US11250131B2 (en) | 2019-12-19 | 2022-02-15 | Beijing Didi Infinity Technology And Development Co., Ltd. | Multi-purpose agent for endpoint scanning |
EP4339816A1 (en) * | 2022-09-15 | 2024-03-20 | AO Kaspersky Lab | System and method for detecting cyclic activity in an event flow for dynamic application analysis |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050251860A1 (en) * | 2004-05-04 | 2005-11-10 | Kumar Saurabh | Pattern discovery in a network security system |
US20070081508A1 (en) * | 2005-04-21 | 2007-04-12 | Microsoft Corporation | Physical location verification |
US20100057663A1 (en) * | 2008-08-29 | 2010-03-04 | Oracle International Corporation | Techniques for matching a certain class of regular expression-based patterns in data streams |
US7934257B1 (en) * | 2005-01-07 | 2011-04-26 | Symantec Corporation | On-box active reconnaissance |
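CN102456062A (zh) * | 2010-11-04 | 2012-05-16 | National University of Defense Technology of the Chinese People's Liberation Army | Community similarity calculation method and social network cooperation pattern discovery method |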
Family Cites Families (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6091712A (en) * | 1994-12-23 | 2000-07-18 | Applied Digital Access, Inc. | Method and apparatus for storing and retrieving performance data collected by a network interface unit |
WO2001088834A2 (en) | 2000-05-17 | 2001-11-22 | New York University | Method and system for data classification in the presence of a temporal non-stationarity |
US8046835B2 (en) * | 2002-10-23 | 2011-10-25 | Frederick S. M. Herz | Distributed computer network security activity model SDI-SCAM |
US8327442B2 (en) * | 2002-12-24 | 2012-12-04 | Herz Frederick S M | System and method for a distributed application and network security system (SDI-SCAM) |
US7664048B1 (en) * | 2003-11-24 | 2010-02-16 | Packeteer, Inc. | Heuristic behavior pattern matching of data flows in enhanced network traffic classification |
US8131472B2 (en) * | 2004-09-28 | 2012-03-06 | International Business Machines Corporation | Methods for hierarchical organization of data associated with medical events in databases |
US8185955B2 (en) * | 2004-11-26 | 2012-05-22 | Telecom Italia S.P.A. | Intrusion detection method and system, related network and computer program product therefor |
US7464302B2 (en) * | 2005-05-04 | 2008-12-09 | International Business Machines Corporation | Method and apparatus for expressing high availability cluster demand based on probability of breach |
US8572733B1 (en) * | 2005-07-06 | 2013-10-29 | Raytheon Company | System and method for active data collection in a network security system |
EP1917778A2 (en) * | 2005-08-03 | 2008-05-07 | Calyptix Security | Systems and methods for dynamically learning network environments to achieve adaptive security |
US8099452B2 (en) * | 2006-09-05 | 2012-01-17 | Microsoft Corporation | Event stream conditioning |
US8272033B2 (en) * | 2006-12-21 | 2012-09-18 | International Business Machines Corporation | User authentication for detecting and controlling fraudulent login behavior |
US8209738B2 (en) * | 2007-05-31 | 2012-06-26 | The Board Of Trustees Of The University Of Illinois | Analysis of distributed policy rule-sets for compliance with global policy |
US7957335B2 (en) * | 2007-08-23 | 2011-06-07 | Cisco Technology, Inc. | Dynamic power usage management based on historical traffic pattern data for network devices |
US8584128B1 (en) * | 2007-09-10 | 2013-11-12 | Emc Corporation | Techniques for adjusting priorities associated with servicing requests |
US8527624B2 (en) | 2008-05-30 | 2013-09-03 | International Business Machines Corporation | Mechanism for adaptive profiling for performance analysis |
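WO2010061561A1 (ja) * | 2008-11-26 | 2010-06-03 | Panasonic Corporation | Monitoring system, program execution device, monitoring program, recording medium and integrated circuit |
JP5309924B2 (ja) * | 2008-11-27 | 2013-10-09 | Fujitsu Limited | Packet processing device, network equipment, and packet processing method |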
WO2010071998A1 (en) | 2008-12-23 | 2010-07-01 | Andrew Wong | System, method and computer program for pattern based intelligent control, monitoring and automation |
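CN101854340B (zh) * | 2009-04-03 | 2015-04-01 | Juniper Networks, Inc. | Behavior-based communication profiling based on access control information |
JP5392049B2 (ja) * | 2009-12-11 | 2014-01-22 | Fujitsu Limited | Route control method, communication system, and communication device |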
US8800036B2 (en) * | 2010-01-22 | 2014-08-05 | The School Of Electrical Engineering And Computer Science (Seecs), National University Of Sciences And Technology (Nust) | Method and system for adaptive anomaly-based intrusion detection |
US8457928B2 (en) * | 2010-03-26 | 2013-06-04 | Bmc Software, Inc. | Automatic determination of dynamic threshold for accurate detection of abnormalities |
US8838764B1 (en) * | 2011-09-13 | 2014-09-16 | Amazon Technologies, Inc. | Hosted network management |
US8688831B2 (en) * | 2012-01-17 | 2014-04-01 | International Business Machines Corporation | Managing workload distribution among a plurality of compute nodes |
US20130254524A1 (en) * | 2012-03-20 | 2013-09-26 | Yariv SNAPIR | Automated configuration change authorization |
2012
- 2012-05-30 US US14/398,017 (US10027686B2): Active
- 2012-05-30 CN CN201280072844.6A (CN104246787A): Pending
- 2012-05-30 WO PCT/US2012/040022 (WO2013180708A1): Application Filing
- 2012-05-30 EP EP12877746.3A (EP2856332A4): Withdrawn
Also Published As
Publication number | Publication date |
---|---|
EP2856332A4 (en) | 2016-02-24 |
EP2856332A1 (en) | 2015-04-08 |
US20150106922A1 (en) | 2015-04-16 |
US10027686B2 (en) | 2018-07-17 |
WO2013180708A1 (en) | 2013-12-05 |
Similar Documents
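Publication | Title |
---|---|
CN104246786B (zh) | Field selection for pattern discovery |
CN110428127B (zh) | Automated analysis method, user equipment, storage medium and device |
CN104246787A (zh) | Parameter adjustment for pattern discovery |
RU2378689C2 (ru) | System and method for network monitoring |
CN103026345B (zh) | Dynamic multidimensional schemas for event monitoring priority |
US8051028B2 (en) | Method and apparatus for generating configuration rules for computing entities within a computing environment using association rule mining |
US20060074621A1 (en) | Apparatus and method for prioritized grouping of data representing events |
CN104067281A (zh) | Clustering event data by multiple time dimensions |
CN110175451A (zh) | Security monitoring method and system based on an electric power cloud |
US9104706B2 (en) | Meta-directory control and evaluation of events |
CN103502990A (zh) | Systems and methods for in-memory processing of events |
CN103718170A (zh) | Systems and methods for distributed rule-based correlation of events |
CN104509034A (zh) | Pattern consolidation to identify malicious activity |
CN103782293A (zh) | Multidimensional clusters for data partitioning |
JP2014531647A (ja) | System and method for evaluating events according to their temporal position in an event sequence based on a reference baseline |
CN104871171B (zh) | Distributed pattern discovery |
CN106936812B (zh) | Petri-net-based file privacy leakage detection method in a cloud environment |
Sapegin et al. | Towards a system for complex analysis of security events in large-scale networks |
CN112738040A (zh) | Network security threat detection method, system and device based on DNS logs |
CN109408340A (zh) | Monitoring method for a storage device, and storage medium |
CN114143015A (zh) | Abnormal access behavior detection method and electronic device |
CN114528457A (zh) | Web fingerprint detection method and related device |
EP3202091B1 (en) | Operation of data network |
CN113836237A (zh) | Method and device for auditing data operations on a database |
CN115712646A (zh) | Alarm policy generation method, device and storage medium |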
Legal Events
Code | Title | Description |
---|---|---|
C06 | Publication | |
PB01 | Publication | |
C10 | Entry into substantive examination | |
SE01 | Entry into force of request for substantive examination | |
C41 | Transfer of patent application or patent right or utility model | |
TA01 | Transfer of patent application right | Effective date of registration: 20170111. Address after: Texas, USA. Applicant after: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP. Address before: Texas, USA. Applicant before: Hewlett-Packard Development Company, L.P. |
TA01 | Transfer of patent application right | Effective date of registration: 20180613. Address after: California, USA. Applicant after: Antite Software Co., Ltd. Address before: Texas, USA. Applicant before: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP |
WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20141224 |