DE112018004284B4 - Dynamisches neuzusammenstellen von patch-gruppen unter verwendung von stream-clustering - Google Patents

Dynamisches neuzusammenstellen von patch-gruppen unter verwendung von stream-clustering Download PDF

Info

Publication number
DE112018004284B4
DE112018004284B4 DE112018004284.7T DE112018004284T DE112018004284B4 DE 112018004284 B4 DE112018004284 B4 DE 112018004284B4 DE 112018004284 T DE112018004284 T DE 112018004284T DE 112018004284 B4 DE112018004284 B4 DE 112018004284B4
Authority
DE
Germany
Prior art keywords
risk
server
server group
computer
component
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
DE112018004284.7T
Other languages
German (de)
English (en)
Other versions
DE112018004284T5 (de
Inventor
Jinho Hwang
Mohammed Faith Bulut
Vugranam Sreedhar
Sai Zeng
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Kyndryl Inc
Original Assignee
Kyndryl Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kyndryl Inc filed Critical Kyndryl Inc
Publication of DE112018004284T5 publication Critical patent/DE112018004284T5/de
Application granted granted Critical
Publication of DE112018004284B4 publication Critical patent/DE112018004284B4/de
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/561Virus type analysis
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/34Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
    • G06F11/3404Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment for parallel or distributed programming
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/34Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
    • G06F11/3466Performance evaluation by tracing or monitoring
    • G06F11/3495Performance evaluation by tracing or monitoring for systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/568Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Virology (AREA)
  • General Health & Medical Sciences (AREA)
  • Quality & Reliability (AREA)
  • Computing Systems (AREA)
  • Debugging And Monitoring (AREA)
  • Stored Programmes (AREA)
DE112018004284.7T 2017-09-29 2018-09-25 Dynamisches neuzusammenstellen von patch-gruppen unter verwendung von stream-clustering Active DE112018004284B4 (de)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US15/721,566 2017-09-29
US15/721,566 US10540496B2 (en) 2017-09-29 2017-09-29 Dynamic re-composition of patch groups using stream clustering
PCT/IB2018/057407 WO2019064176A1 (en) 2017-09-29 2018-09-25 DYNAMIC RE-COMPOSITION OF CORRECTIVE GROUPS USING A FLOW REGROUP

Publications (2)

Publication Number Publication Date
DE112018004284T5 DE112018004284T5 (de) 2020-05-14
DE112018004284B4 true DE112018004284B4 (de) 2024-12-24

Family

ID=65896062

Family Applications (1)

Application Number Title Priority Date Filing Date
DE112018004284.7T Active DE112018004284B4 (de) 2017-09-29 2018-09-25 Dynamisches neuzusammenstellen von patch-gruppen unter verwendung von stream-clustering

Country Status (6)

Country Link
US (3) US10540496B2 (https=)
JP (1) JP7129474B2 (https=)
CN (1) CN111164597B (https=)
DE (1) DE112018004284B4 (https=)
GB (1) GB2582460B (https=)
WO (1) WO2019064176A1 (https=)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US12184683B2 (en) * 2020-05-05 2024-12-31 The United States Of America As Represented By The Secretary Of The Army Cybersecurity resilience by integrating adversary and defender actions, deep learning, and graph thinking
WO2021203975A1 (zh) * 2020-11-11 2021-10-14 平安科技(深圳)有限公司 服务器调配方法、装置、设备及存储介质
US11783068B2 (en) * 2021-03-24 2023-10-10 Bank Of America Corporation System for dynamic exposure monitoring
US12333018B2 (en) * 2021-10-15 2025-06-17 Capital One Services, Llc Security vulnerability communication and remediation with machine learning
DE102022203086A1 (de) * 2022-03-29 2023-10-05 Volkswagen Aktiengesellschaft Risikoanalyse eines verteilten Untersuchungsgegenstands
US12169709B2 (en) * 2022-03-30 2024-12-17 Kyndryl, Inc. Contextually cognitive edge server manager

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050015760A1 (en) * 2003-07-16 2005-01-20 Oleg Ivanov Automatic detection and patching of vulnerable files
US20130340074A1 (en) * 2012-06-13 2013-12-19 International Business Machines Corporation Managing software patch installations
US20140351934A1 (en) * 2013-05-21 2014-11-27 Samsung Electronics Co., Ltd. Method and apparatus for detecting malware and recording medium thereof

Family Cites Families (37)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7313822B2 (en) * 2001-03-16 2007-12-25 Protegrity Corporation Application-layer security method and system
CN1610887A (zh) * 2001-12-31 2005-04-27 大本营安全软件公司 计算机脆弱性自动解决方案系统
US9047582B2 (en) * 2002-06-18 2015-06-02 Ca, Inc. Methods and systems for managing enterprise assets
KR100599451B1 (ko) * 2004-07-23 2006-07-12 한국전자통신연구원 이동형 저장장치를 이용한 인터넷 웜 치료 및 시스템 패치장치 및 그 방법
US9325728B1 (en) * 2005-01-27 2016-04-26 Leidos, Inc. Systems and methods for implementing and scoring computer network defense exercises
JP2006350543A (ja) * 2005-06-14 2006-12-28 Mitsubishi Electric Corp ログ分析装置
US7647637B2 (en) 2005-08-19 2010-01-12 Sun Microsystems, Inc. Computer security technique employing patch with detection and/or characterization mechanism for exploit of patched vulnerability
US7712137B2 (en) * 2006-02-27 2010-05-04 Microsoft Corporation Configuring and organizing server security information
WO2007117574A2 (en) * 2006-04-06 2007-10-18 Smobile Systems Inc. Non-signature malware detection system and method for mobile platforms
US8307444B1 (en) * 2006-06-12 2012-11-06 Redseal Networks, Inc. Methods and apparatus for determining network risk based upon incomplete network configuration data
US7900259B2 (en) * 2007-03-16 2011-03-01 Prevari Predictive assessment of network risks
US8689330B2 (en) * 2007-09-05 2014-04-01 Yahoo! Inc. Instant messaging malware protection
US8839225B2 (en) 2008-01-23 2014-09-16 International Business Machines Corporation Generating and applying patches to a computer program code concurrently with its execution
US20090282457A1 (en) * 2008-05-06 2009-11-12 Sudhakar Govindavajhala Common representation for different protection architectures (crpa)
JP5148442B2 (ja) * 2008-09-30 2013-02-20 株式会社東芝 脆弱性対応優先度表示装置及びプログラム
US8769683B1 (en) * 2009-07-07 2014-07-01 Trend Micro Incorporated Apparatus and methods for remote classification of unknown malware
US9317692B2 (en) * 2009-12-21 2016-04-19 Symantec Corporation System and method for vulnerability risk analysis
US8793681B2 (en) * 2011-06-24 2014-07-29 International Business Machines Corporation Determining best practices for applying computer software patches
CN102404715A (zh) 2011-11-18 2012-04-04 广东步步高电子工业有限公司 基于良性蠕虫的手机蠕虫病毒对抗方法
US20140025796A1 (en) 2012-07-19 2014-01-23 Commvault Systems, Inc. Automated grouping of computing devices in a networked data storage system
US9083689B2 (en) * 2012-12-28 2015-07-14 Nok Nok Labs, Inc. System and method for implementing privacy classes within an authentication framework
US20150066575A1 (en) * 2013-08-28 2015-03-05 Bank Of America Corporation Enterprise risk assessment
US10489861B1 (en) * 2013-12-23 2019-11-26 Massachusetts Mutual Life Insurance Company Methods and systems for improving the underwriting process
WO2015105486A1 (en) 2014-01-08 2015-07-16 Hewlett-Packard Development Company, L.P. Dynamically applying a software patch to a computer program
WO2015141628A1 (ja) * 2014-03-19 2015-09-24 日本電信電話株式会社 Url選定方法、url選定システム、url選定装置及びurl選定プログラム
US10445505B2 (en) * 2014-09-22 2019-10-15 Mcafee, Llc Process vulnerability assessment
WO2016049376A1 (en) 2014-09-24 2016-03-31 Oracle International Corporation System and method for supporting patching in a multitenant application server environment
US9430219B2 (en) 2014-12-16 2016-08-30 Sap Se Revision safe upgrade in a hybrid cloud landscape
US9521160B2 (en) 2014-12-29 2016-12-13 Cyence Inc. Inferential analysis using feedback for extracting and combining cyber risk information
US9699209B2 (en) 2014-12-29 2017-07-04 Cyence Inc. Cyber vulnerability scan analyses with actionable feedback
US9923912B2 (en) * 2015-08-28 2018-03-20 Cisco Technology, Inc. Learning detector of malicious network traffic from weak labels
US10084811B1 (en) * 2015-09-09 2018-09-25 United Services Automobile Association (Usaa) Systems and methods for adaptive security protocols in a managed system
US10021120B1 (en) * 2015-11-09 2018-07-10 8X8, Inc. Delayed replication for protection of replicated databases
US10142362B2 (en) * 2016-06-02 2018-11-27 Zscaler, Inc. Cloud based systems and methods for determining security risks of users and groups
US10728261B2 (en) * 2017-03-02 2020-07-28 ResponSight Pty Ltd System and method for cyber security threat detection
US11436113B2 (en) * 2018-06-28 2022-09-06 Twitter, Inc. Method and system for maintaining storage device failure tolerance in a composable infrastructure
US10853046B2 (en) * 2018-12-13 2020-12-01 Salesforce.Com, Inc. Deployment of software applications on server clusters

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050015760A1 (en) * 2003-07-16 2005-01-20 Oleg Ivanov Automatic detection and patching of vulnerable files
US20130340074A1 (en) * 2012-06-13 2013-12-19 International Business Machines Corporation Managing software patch installations
US20140351934A1 (en) * 2013-05-21 2014-11-27 Samsung Electronics Co., Ltd. Method and apparatus for detecting malware and recording medium thereof

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Common Vulnerability Scoring System. In: Wikipedia, the free encyclopedia. Bearbeitungsstand: 11.07.2017. URL: https://en.wikipedia.org/w/index.php?title=Common_Vulnerability_Scoring_System&oldid=790056625 [abgerufen am 02.07.2024] *

Also Published As

Publication number Publication date
US10977366B2 (en) 2021-04-13
GB2582460B (en) 2021-01-20
US11620381B2 (en) 2023-04-04
JP7129474B2 (ja) 2022-09-01
US10540496B2 (en) 2020-01-21
GB202006140D0 (en) 2020-06-10
US20200110877A1 (en) 2020-04-09
US20210150029A1 (en) 2021-05-20
DE112018004284T5 (de) 2020-05-14
CN111164597A (zh) 2020-05-15
US20190102548A1 (en) 2019-04-04
CN111164597B (zh) 2024-08-23
WO2019064176A1 (en) 2019-04-04
JP2020535515A (ja) 2020-12-03
GB2582460A (en) 2020-09-23

Similar Documents

Publication Publication Date Title
DE112018004284B4 (de) Dynamisches neuzusammenstellen von patch-gruppen unter verwendung von stream-clustering
DE112019003431B4 (de) REGELERZEUGUNG MITHILFE VON KÜNSTLICHER INTELLIGENZ - Verfahren, System und Computerprogrammprodukt
DE112016001742B4 (de) Integrierte Gemeinschafts- und Rollenentdeckung in Unternehmensnetzwerken
DE112019003042B4 (de) Erkennung von verdächtigen aktivitäten in computernetzwerken
DE112021004689T5 (de) Kontextbasierte risikobeurteilung einer schwachstelle in datenverarbeitungsressourcen
DE112021001566T5 (de) Ermitteln von abhängigkeiten multivariater zeitreihendaten
DE112018002984T5 (de) Konformitätsbewusste Laufzeiterzeugung auf Grundlage von Anwendungsmustern und Risikobeurteilung
DE112020003820T5 (de) Erkennung von Anomalien und Abweichungen unter Verwendung eines domänenindizierten Einschränkungs-Repository
DE112020002110T5 (de) Ressourcenarme entitätsauflösung mit transfer learning
DE112019001121T5 (de) Erkennen von malware
DE112021004808T5 (de) Erkennen von malware durch analyse verteilter telemetriedaten
DE112021000689T5 (de) Attestierung von neuronalen abläufen
DE112021005569T5 (de) Kontradiktorisches, halbüberwachtes one-shot-lernen
DE102021125859A1 (de) Konfidenzberechnungen auf datenqualitätsgrundlage für aus zeitreihendaten abgeleitete kpis
DE112021004115B4 (de) Sicherheitssystem für eine Segmentierung von Computerdatei-Metadaten
DE102016204698A1 (de) Verbessern des Erkennens von Steganographie am Perimeter
DE112022004894T5 (de) Erweiterung von trainingsdaten über programmvereinfachung
DE112020005700T5 (de) Unterstützen und automatisieren von arbeitsabläufen unter verwendung von strukturierten protokollereignissen
DE112023000325T5 (de) Auswahl der sicherheitsrichtlinie auf der grundlage der berechneten unsicherheit und des vorhergesagten ressourcenverbrauchs
DE112021005891T5 (de) Teilen von einblicken zwischen vor- und nachbereitstellung, um eine cloud-arbeitslastsicherheit zu verbessern
DE112021001492T5 (de) Verfahren und systeme zur graphdatenverarbeitung mit hybridem schlussfolgern
DE112021003506T5 (de) Hybrides ensemble-modell, das edge- und serverseitige inferenzen nutzt
DE112020004688T5 (de) Debuggen und erstellen von profilen von maschinenlernmodelltraining
DE112022005940T5 (de) Identifizierung von zielen für indirekte funktionsaufrufe in software
DE112020003555B4 (de) Verwaltung von sicherheits-berechtigungsnachweisen für client-anwendungen

Legal Events

Date Code Title Description
R012 Request for examination validly filed
R082 Change of representative

Representative=s name: RICHARDT PATENTANWAELTE PARTG MBB, DE

R081 Change of applicant/patentee

Owner name: KYNDRYL, INC., NEW YORK, US

Free format text: FORMER OWNER: INTERNATIONAL BUSINESS MACHINES CORPORATION, ARMONK, NY, US

R016 Response to examination communication
R016 Response to examination communication
R079 Amendment of ipc main class

Free format text: PREVIOUS MAIN CLASS: G06F0021000000

Ipc: G06F0021500000

R018 Grant decision by examination section/examining division
R020 Patent grant now final