CO2019008341A2 - Multi-signal analysis for compromised scope identification - Google Patents
Multi-signal analysis for compromised scope identification
- Publication number
- CO2019008341A2
- Authority
- CO
- Colombia
- Prior art keywords
- signal analysis
- multiple signal
- identification
- threats
- compromised
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N20/00—Machine learning
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N7/00—Computing arrangements based on specific mathematical models
- G06N7/01—Probabilistic graphical models, e.g. probabilistic networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/121—Timestamp
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- Evolutionary Computation (AREA)
- Artificial Intelligence (AREA)
- Data Mining & Analysis (AREA)
- Mathematical Physics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Medical Informatics (AREA)
- Mathematical Analysis (AREA)
- Algebra (AREA)
- Computational Mathematics (AREA)
- Probability & Statistics with Applications (AREA)
- Mathematical Optimization (AREA)
- Pure & Applied Mathematics (AREA)
- Debugging And Monitoring (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Measurement Of Resistance Or Impedance (AREA)
- Medical Treatment And Welfare Office Work (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Storage Device Security (AREA)
- Time-Division Multiplex Systems (AREA)
- Measurement Of Current Or Voltage (AREA)
Abstract
Detecting compromised devices and user accounts within an online service via multi-signal analysis allows for fewer false positives and thus a more accurate allocation of computing resources and human analyst resources. Individual scopes of analysis, related to devices or processes, are specified, and multiple behaviors are analyzed over a period of time to detect persistent (slow-acting) threats as well as brute-force (fast-acting) threats. Analysts are alerted to individually affected scopes suspected of being compromised and can address them accordingly.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/431,391 US10491616B2 (en) | 2017-02-13 | 2017-02-13 | Multi-signal analysis for compromised scope identification |
PCT/US2018/017817 WO2018148657A1 (en) | 2017-02-13 | 2018-02-12 | Multi-signal analysis for compromised scope identification |
Publications (1)
Publication Number | Publication Date |
---|---|
CO2019008341A2 (es) | 2019-08-20 |
Family
ID=61386917
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CONC2019/0008341A CO2019008341A2 (es) | 2017-02-13 | 2019-07-30 | Multi-signal analysis for compromised scope identification |
Country Status (18)
Country | Link |
---|---|
US (2) | US10491616B2 (es) |
EP (1) | EP3552138B1 (es) |
JP (1) | JP7108365B2 (es) |
KR (1) | KR102433425B1 (es) |
CN (1) | CN110366727B (es) |
AU (1) | AU2018219369B2 (es) |
BR (1) | BR112019014366A2 (es) |
CA (1) | CA3050321A1 (es) |
CL (1) | CL2019002189A1 (es) |
CO (1) | CO2019008341A2 (es) |
IL (1) | IL268231B (es) |
MX (1) | MX2019009505A (es) |
NZ (1) | NZ755115A (es) |
PH (1) | PH12019550134A1 (es) |
RU (1) | RU2768562C2 (es) |
SG (1) | SG11201907140UA (es) |
WO (1) | WO2018148657A1 (es) |
ZA (1) | ZA201904963B (es) |
Families Citing this family (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10943069B1 (en) | 2017-02-17 | 2021-03-09 | Narrative Science Inc. | Applied artificial intelligence technology for narrative generation based on a conditional outcome framework |
US20190038934A1 (en) * | 2017-08-03 | 2019-02-07 | International Business Machines Corporation | Cognitive advisory system of structured assessments through iot sensors |
US11232270B1 (en) * | 2018-06-28 | 2022-01-25 | Narrative Science Inc. | Applied artificial intelligence technology for using natural language processing to train a natural language generation system with respect to numeric style features |
US11012421B2 (en) | 2018-08-28 | 2021-05-18 | Box, Inc. | Predicting user-file interactions |
US11487873B2 (en) * | 2019-01-22 | 2022-11-01 | EMC IP Holding Company LLC | Risk score generation utilizing monitored behavior and predicted impact of compromise |
CN114981821A (zh) * | 2019-04-29 | 2022-08-30 | 摩根大通国家银行 | Systems and methods for data-driven infrastructure control |
US11799890B2 (en) * | 2019-10-01 | 2023-10-24 | Box, Inc. | Detecting anomalous downloads |
US11449548B2 (en) | 2019-11-27 | 2022-09-20 | Elasticsearch B.V. | Systems and methods for enriching documents for indexing |
US11768945B2 (en) * | 2020-04-07 | 2023-09-26 | Allstate Insurance Company | Machine learning system for determining a security vulnerability in computer software |
US20210344690A1 (en) * | 2020-05-01 | 2021-11-04 | Amazon Technologies, Inc. | Distributed threat sensor analysis and correlation |
US11704185B2 (en) * | 2020-07-14 | 2023-07-18 | Microsoft Technology Licensing, Llc | Machine learning-based techniques for providing focus to problematic compute resources represented via a dependency graph |
CN112700060B (zh) * | 2021-01-08 | 2023-06-13 | 佳源科技股份有限公司 | Station terminal load forecasting method and forecasting device |
US11902330B1 (en) * | 2021-06-16 | 2024-02-13 | Juniper Networks, Inc. | Generating a network security policy based on a user identity associated with malicious behavior |
WO2022269786A1 (ja) * | 2021-06-23 | 2022-12-29 | 日本電信電話株式会社 | Communication data identification device and method thereof |
Family Cites Families (32)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE60316543T2 (de) * | 2002-03-29 | 2008-07-03 | Global Dataguard, Inc., Dallas | Adaptive behavioral intrusion detection |
US7784099B2 (en) * | 2005-02-18 | 2010-08-24 | Pace University | System for intrusion detection and vulnerability assessment in a computer network using simulation and machine learning |
US8122122B1 (en) * | 2005-11-08 | 2012-02-21 | Raytheon Oakley Systems, Inc. | Event monitoring and collection |
US8490194B2 (en) * | 2006-01-31 | 2013-07-16 | Robert Moskovitch | Method and system for detecting malicious behavioral patterns in a computer, using machine learning |
US7739082B2 (en) * | 2006-06-08 | 2010-06-15 | Battelle Memorial Institute | System and method for anomaly detection |
US7908660B2 (en) * | 2007-02-06 | 2011-03-15 | Microsoft Corporation | Dynamic risk management |
US20080295172A1 (en) * | 2007-05-22 | 2008-11-27 | Khushboo Bohacek | Method, system and computer-readable media for reducing undesired intrusion alarms in electronic communications systems and networks |
JP5046836B2 (ja) * | 2007-10-02 | 2012-10-10 | Kddi株式会社 | Fraud detection device, program, and recording medium |
US8321938B2 (en) | 2009-02-12 | 2012-11-27 | Raytheon Bbn Technologies Corp. | Multi-tiered scalable network monitoring |
CN101547129B (zh) * | 2009-05-05 | 2011-05-04 | 中国科学院计算技术研究所 | Detection method and system for distributed denial-of-service attacks |
US20100293103A1 (en) | 2009-05-12 | 2010-11-18 | Microsoft Corporation | Interaction model to migrate states and data |
US8793151B2 (en) * | 2009-08-28 | 2014-07-29 | Src, Inc. | System and method for organizational risk analysis and reporting by mapping detected risk patterns onto a risk ontology |
US8712596B2 (en) * | 2010-05-20 | 2014-04-29 | Accenture Global Services Limited | Malicious attack detection and analysis |
AU2011352038B2 (en) * | 2010-12-30 | 2014-10-02 | Cheq Ai Technologies (2018) Ltd. | Online privacy management |
WO2013043170A1 (en) * | 2011-09-21 | 2013-03-28 | Hewlett-Packard Development Company L.P. | Automated detection of a system anomaly |
US9529777B2 (en) * | 2011-10-28 | 2016-12-27 | Electronic Arts Inc. | User behavior analyzer |
US9117076B2 (en) * | 2012-03-14 | 2015-08-25 | Wintermute, Llc | System and method for detecting potential threats by monitoring user and system behavior associated with computer and network activity |
US9832211B2 (en) * | 2012-03-19 | 2017-11-28 | Qualcomm, Incorporated | Computing device to detect malware |
WO2014145431A1 (en) * | 2013-03-15 | 2014-09-18 | Socure Inc. | Risk assessment using social networking data |
US9558347B2 (en) * | 2013-08-27 | 2017-01-31 | Globalfoundries Inc. | Detecting anomalous user behavior using generative models of user actions |
US9338187B1 (en) * | 2013-11-12 | 2016-05-10 | Emc Corporation | Modeling user working time using authentication events within an enterprise network |
US20150235152A1 (en) * | 2014-02-18 | 2015-08-20 | Palo Alto Research Center Incorporated | System and method for modeling behavior change and consistency to detect malicious insiders |
CN103853841A (zh) * | 2014-03-19 | 2014-06-11 | 北京邮电大学 | Method for analyzing abnormal behavior of social network users |
US9565203B2 (en) * | 2014-11-13 | 2017-02-07 | Cyber-Ark Software Ltd. | Systems and methods for detection of anomalous network behavior |
US9690933B1 (en) * | 2014-12-22 | 2017-06-27 | Fireeye, Inc. | Framework for classifying an object as malicious with machine learning for deploying updated predictive models |
US9654485B1 (en) * | 2015-04-13 | 2017-05-16 | Fireeye, Inc. | Analytics-based security monitoring system and method |
US20160308725A1 (en) | 2015-04-16 | 2016-10-20 | Nec Laboratories America, Inc. | Integrated Community And Role Discovery In Enterprise Networks |
US10681060B2 (en) * | 2015-05-05 | 2020-06-09 | Balabit S.A. | Computer-implemented method for determining computer system security threats, security operations center system and computer program product |
US9699205B2 (en) * | 2015-08-31 | 2017-07-04 | Splunk Inc. | Network security system |
US9888024B2 (en) * | 2015-09-30 | 2018-02-06 | Symantec Corporation | Detection of security incidents with low confidence security events |
MA44828A (fr) | 2016-02-16 | 2018-12-26 | Morpho Bv | Method, system, device, and computer program product for remote authorization of a user of digital services |
US10372910B2 (en) * | 2016-06-20 | 2019-08-06 | Jask Labs Inc. | Method for predicting and characterizing cyber attacks |
-
2017
- 2017-02-13 US US15/431,391 patent/US10491616B2/en active Active
-
2018
- 2018-02-12 NZ NZ755115A patent/NZ755115A/en unknown
- 2018-02-12 WO PCT/US2018/017817 patent/WO2018148657A1/en unknown
- 2018-02-12 BR BR112019014366-1A patent/BR112019014366A2/pt unknown
- 2018-02-12 SG SG11201907140UA patent/SG11201907140UA/en unknown
- 2018-02-12 JP JP2019543201A patent/JP7108365B2/ja active Active
- 2018-02-12 KR KR1020197023658A patent/KR102433425B1/ko active IP Right Grant
- 2018-02-12 CA CA3050321A patent/CA3050321A1/en active Pending
- 2018-02-12 CN CN201880011573.0A patent/CN110366727B/zh active Active
- 2018-02-12 EP EP18707813.4A patent/EP3552138B1/en active Active
- 2018-02-12 RU RU2019127797A patent/RU2768562C2/ru active
- 2018-02-12 AU AU2018219369A patent/AU2018219369B2/en active Active
- 2018-02-12 MX MX2019009505A patent/MX2019009505A/es unknown
-
2019
- 2019-07-22 PH PH12019550134A patent/PH12019550134A1/en unknown
- 2019-07-23 IL IL268231A patent/IL268231B/en unknown
- 2019-07-29 ZA ZA2019/04963A patent/ZA201904963B/en unknown
- 2019-07-30 CO CONC2019/0008341A patent/CO2019008341A2/es unknown
- 2019-08-02 CL CL2019002189A patent/CL2019002189A1/es unknown
- 2019-11-21 US US16/690,982 patent/US11233810B2/en active Active
Also Published As
Publication number | Publication date |
---|---|
IL268231B (en) | 2022-05-01 |
KR20190117526A (ko) | 2019-10-16 |
JP2020509478A (ja) | 2020-03-26 |
US11233810B2 (en) | 2022-01-25 |
JP7108365B2 (ja) | 2022-07-28 |
CA3050321A1 (en) | 2018-08-16 |
CL2019002189A1 (es) | 2019-12-27 |
MX2019009505A (es) | 2019-10-02 |
RU2019127797A3 (es) | 2021-07-05 |
US10491616B2 (en) | 2019-11-26 |
NZ755115A (en) | 2023-06-30 |
WO2018148657A1 (en) | 2018-08-16 |
ZA201904963B (en) | 2020-11-25 |
US20200092318A1 (en) | 2020-03-19 |
RU2019127797A (ru) | 2021-03-15 |
RU2768562C2 (ru) | 2022-03-24 |
BR112019014366A2 (pt) | 2020-02-27 |
PH12019550134A1 (en) | 2020-06-01 |
EP3552138B1 (en) | 2023-07-12 |
KR102433425B1 (ko) | 2022-08-17 |
IL268231A (en) | 2019-09-26 |
EP3552138A1 (en) | 2019-10-16 |
CN110366727A (zh) | 2019-10-22 |
AU2018219369B2 (en) | 2022-01-06 |
CN110366727B (zh) | 2023-09-19 |
SG11201907140UA (en) | 2019-09-27 |
AU2018219369A1 (en) | 2019-07-25 |
US20180234442A1 (en) | 2018-08-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CO2019008341A2 (es) | Multi-signal analysis for compromised scope identification | |
AR125441A2 (es) | Agricultural data analysis | |
EP4253936A3 (en) | Parallel flow cytometer using radiofrequency mulitplexing, and method | |
WO2015047802A3 (en) | Advanced persistent threat (apt) detection center | |
MX2019003559A (es) | Detection of service vulnerabilities in a distributed computing system. | |
CO2017003261A2 (es) | Systems and methods for network analysis and reporting | |
MX2017009602A (es) | Methods and system for detecting false data injection attacks. | |
GB2540686A (en) | Method and apparatus for decoding multiplexed information in a chromatographic system | |
GB2553451A (en) | Implementing a neural network algorithm on a neurosynaptic substrate based on metadata associated with the neural network algorithm | |
MX342267B (es) | Systems and methods for multiple analyses. | |
GB2538915A (en) | Detection of an unauthorized wireless communication device | |
AR093092A1 (es) | Method and system for determining the characteristics of a formation | |
MX2016016828A (es) | A microfluidic detection system and a microfluidic cartridge. | |
MX2019001134A (es) | Systems and methods for the detection of chemiluminescent reactions. | |
BR112017000720A2 (pt) | Portable communication system and device | |
AR110613A1 (es) | Monitoring of a component used in a well operation | |
AR111831A1 (es) | High-throughput multiplexing | |
UA117854C2 (uk) | Anti-counterfeiting system based on a physically unclonable function | |
NZ760010A (en) | Methods and systems for assessing quality of a meat product | |
MY181128A (en) | Transaction processing device and transaction system | |
SA518391940B1 (ar) | Data-driven clock drift adjustment | |
MX342407B (es) | Antenna blockage detection. | |
AR106240A1 (es) | Detection and characterization of thin, weak bedding planes in hydrocarbon-bearing laminated formations | |
MX362528B (es) | Parallel optical thin-film measurement system for analyzing multiple analytes. | |
BR112016029941A2 (pt) | Acoustic tool for evaluating a geological formation, housing apparatus, and well tool system |