CN104871171B - Distributed pattern discovery - Google Patents
Distributed pattern discovery
- Publication number
- CN104871171B
- Authority
- CN
- China
- Prior art keywords
- tree
- frequent pattern
- local
- mode
- node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Virology (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims (10)
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/US2012/067332 WO2014084849A1 (en) | 2012-11-30 | 2012-11-30 | Distributed pattern discovery |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104871171A (zh) | 2015-08-26 |
CN104871171B (zh) | 2018-09-21 |
Family
ID=50828317
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201280077653.9A (Active, CN104871171B (zh)) | 2012-11-30 | 2012-11-30 | Distributed pattern discovery |
Country Status (4)
Country | Link |
---|---|
US (1) | US9830451B2 (zh) |
EP (1) | EP2926291A4 (zh) |
CN (1) | CN104871171B (zh) |
WO (1) | WO2014084849A1 (zh) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9331916B1 (en) | 2013-03-15 | 2016-05-03 | Emc Corporation | Data-driven detection of servers and clients |
EP3039566A4 (en) * | 2013-08-28 | 2017-06-21 | Hewlett-Packard Enterprise Development LP | Distributed pattern discovery |
US9948661B2 (en) | 2014-10-29 | 2018-04-17 | At&T Intellectual Property I, L.P. | Method and apparatus for detecting port scans in a network |
US10324965B2 (en) * | 2014-12-30 | 2019-06-18 | International Business Machines Corporation | Techniques for suggesting patterns in unstructured documents |
SG10201503755QA (en) * | 2015-05-13 | 2016-12-29 | Dataesp Private Ltd | Searching large data space for statistically significant patterns |
US11030157B2 (en) * | 2017-05-18 | 2021-06-08 | Nec Corporation | Template based data reduction for commercial data mining |
US11036741B2 (en) | 2019-03-01 | 2021-06-15 | International Business Machines Corporation | Association rule mining system |
US11755927B2 (en) | 2019-08-23 | 2023-09-12 | Bank Of America Corporation | Identifying entitlement rules based on a frequent pattern tree |
Family Cites Families (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6708163B1 (en) | 1999-02-24 | 2004-03-16 | Hillol Kargupta | Collective data mining from distributed, vertically partitioned feature space |
US6725377B1 (en) * | 1999-03-12 | 2004-04-20 | Networks Associates Technology, Inc. | Method and system for updating anti-intrusion software |
JP2001134575A (ja) * | 1999-10-29 | 2001-05-18 | Internatl Business Mach Corp <Ibm> | Frequent pattern detection method and system |
US20020091680A1 (en) * | 2000-08-28 | 2002-07-11 | Chirstos Hatzis | Knowledge pattern integration system |
US7539677B1 (en) | 2000-10-09 | 2009-05-26 | Battelle Memorial Institute | Sequential pattern data mining and visualization |
US7370358B2 (en) * | 2001-09-28 | 2008-05-06 | British Telecommunications Public Limited Company | Agent-based intrusion detection system |
US7509677B2 (en) | 2004-05-04 | 2009-03-24 | Arcsight, Inc. | Pattern discovery in a network security system |
US7352280B1 (en) * | 2005-09-01 | 2008-04-01 | Raytheon Company | System and method for intruder tracking using advanced correlation in a network security system |
US7624448B2 (en) | 2006-03-04 | 2009-11-24 | 21St Century Technologies, Inc. | Intelligent intrusion detection system utilizing enhanced graph-matching of network activity with context data |
WO2007147166A2 (en) | 2006-06-16 | 2007-12-21 | Quantum Leap Research, Inc. | Consilence of data-mining |
WO2008002590A2 (en) * | 2006-06-29 | 2008-01-03 | Sipera Systems, Inc. | System, method and apparatus for protecting a network or device against high volume attacks |
US7953685B2 (en) | 2007-12-27 | 2011-05-31 | Intel Corporation | Frequent pattern array |
US7668942B2 (en) | 2008-05-02 | 2010-02-23 | Yahoo! Inc. | Generating document templates that are robust to structural variations |
US20100017870A1 (en) * | 2008-07-18 | 2010-01-21 | Agnik, Llc | Multi-agent, distributed, privacy-preserving data management and data mining techniques to detect cross-domain network attacks |
AU2010259950A1 (en) | 2009-06-12 | 2011-12-01 | QinetiQ North America, Inc. | Integrated cyber network security system and method |
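CN101996102B (zh) | 2009-08-31 | 2013-07-17 | 中国移动通信集团公司 | Method and system for implementing data association rule mining |
KR101105363B1 (ko) * | 2010-01-18 | 2012-01-16 | 연세대학교 산학협력단 | Method for finding frequent itemsets over long transaction data streams |
CN101931570B (zh) | 2010-02-08 | 2011-05-04 | 中国航天科技集团公司第七一○研究所 | Network attack path reconstruction method based on the frequent pattern growth algorithm |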
-
2012
- 2012-11-30 CN CN201280077653.9A patent/CN104871171B/zh active Active
- 2012-11-30 US US14/647,833 patent/US9830451B2/en active Active
- 2012-11-30 EP EP12889263.5A patent/EP2926291A4/en not_active Withdrawn
- 2012-11-30 WO PCT/US2012/067332 patent/WO2014084849A1/en active Application Filing
Non-Patent Citations (3)
Title |
---|
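"A distributed FP-tree construction algorithm in a grid environment"; 荀亚玲, 吴晓婷, 张继福; 《计算机工程与应用》; 20111101; Vol. 47 (No. 31); pp. 128-131, 147 * |
"Research on an intrusion detection model based on distributed data"; 彭国星; 《计算机仿真》; 20100615; Vol. 27 (No. 6); see parts 1-4, Fig. 3 * |
"A distributed association rule mining algorithm based on frequent pattern trees"; 何波; 《控制与决策》; 20120415; Vol. 27 (No. 4); see sections 2.2-2.4 and section 3 * |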
Also Published As
Publication number | Publication date |
---|---|
US20150317476A1 (en) | 2015-11-05 |
US9830451B2 (en) | 2017-11-28 |
CN104871171A (zh) | 2015-08-26 |
EP2926291A1 (en) | 2015-10-07 |
WO2014084849A1 (en) | 2014-06-05 |
EP2926291A4 (en) | 2016-07-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104871171B (zh) | Distributed pattern discovery | |
US11212299B2 (en) | System and method for monitoring security attack chains | |
US11165815B2 (en) | Systems and methods for cyber security alert triage | |
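CN108881265B (zh) | Artificial-intelligence-based network attack detection method and system | |
CN108471429B (zh) | Network attack alerting method and system | |
JP5941149B2 (ja) | System and method for evaluating events according to their temporal position in an event sequence based on a reference baseline | |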
US9462009B1 (en) | Detecting risky domains | |
CN104246786B (zh) | Field selection in pattern discovery | |
US9661003B2 (en) | System and method for forensic cyber adversary profiling, attribution and attack identification | |
CN104509034A (zh) | Pattern consolidation to identify malicious behavior | |
US11159564B2 (en) | Detecting zero-day attacks with unknown signatures via mining correlation in behavioral change of entities over time | |
Vaas et al. | Detecting disguised processes using application-behavior profiling | |
Al-Utaibi et al. | Intrusion detection taxonomy and data preprocessing mechanisms | |
US20240031407A1 (en) | Honeypot Network Management Based on Probabilistic Detection of Malicious Port Activity | |
JP6616045B2 (ja) | Graph-based joining of heterogeneous alerts | |
CN114143015A (zh) | Abnormal access behavior detection method and electronic device | |
Bertino et al. | Securing dbms: characterizing and detecting query floods | |
CN108351940B (zh) | System and method for high-frequency heuristic data acquisition and analysis of information security events | |
Jakhale | Design of anomaly packet detection framework by data mining algorithm for network flow | |
Flores et al. | Network anomaly detection by continuous hidden markov models: An evolutionary programming approach | |
Amiri et al. | A complete operational architecture of alert correlation | |
Mowri et al. | A comparative performance analysis of explainable machine learning models with and without rfecv feature selection technique towards ransomware classification | |
CN113032774A (zh) | Training method, apparatus, device and computer storage medium for an anomaly detection model | |
US20230275907A1 (en) | Graph-based techniques for security incident matching | |
Gupta | Robust and efficient intrusion detection systems |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
EXSB | Decision made by SIPO to initiate substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C41 | Transfer of patent application or patent right or utility model | ||
TA01 | Transfer of patent application right | Effective date of registration: 20160912; Address after: Texas, USA; Applicant after: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP; Address before: Texas, USA; Applicant before: Hewlett-Packard Development Company, Limited Liability Partnership |
TA01 | Transfer of patent application right | Effective date of registration: 20180627; Address after: California, USA; Applicant after: Antite Software Co., Ltd.; Address before: Texas, USA; Applicant before: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP |
GR01 | Patent grant | ||
CP03 | Change of name, title or address | Address after: Utah, USA; Patentee after: Weifosi Co., Ltd; Address before: California, USA; Patentee before: Antiy Software Co.,Ltd. |