DE112021004273T5 - Adaptive security for resource constraint devices - Google Patents

Adaptive security for resource constraint devices

Publication number
DE112021004273T5
Authority
DE
Germany
Prior art keywords
security
iocs
value
security measures
computer
Prior art date
Legal status
Pending
Application number
DE112021004273.4T
Other languages
German (de)
English (en)
Inventor
Tim Scheideler
Matthias SEUL
Arjun Udupi Raghavendra
Andrea Giovannini
Current Assignee
Kyndryl Inc
Original Assignee
Kyndryl Inc
Priority date
Filing date
Publication date
Application filed by Kyndryl Inc

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/554 Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566 Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46 Multiprogramming arrangements
    • G06F9/50 Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5061 Partitioning or combining of resources
    • G06F9/5077 Logical partitioning of resources; Management or configuration of virtualized resources
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034 Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)
  • Debugging And Monitoring (AREA)
DE112021004273.4T 2020-10-28 2021-10-07 Adaptive security for resource constraint devices Pending DE112021004273T5 (de)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US17/082,348 2020-10-28
US17/082,348 US11539737B2 (en) 2020-10-28 2020-10-28 Adaptive security for resource constraint devices
PCT/IB2021/059206 WO2022090840A1 (en) 2020-10-28 2021-10-07 Adaptive security for resource constraint devices

Publications (1)

Publication Number Publication Date
DE112021004273T5 (de) 2023-10-12

Family

ID=81257801

Family Applications (1)

Application Number Title Priority Date Filing Date
DE112021004273.4T Pending DE112021004273T5 (de) 2020-10-28 2021-10-07 Adaptive security for resource constraint devices

Country Status (5)

Country Link
US (1) US11539737B2
JP (1) JP7714646B2
DE (1) DE112021004273T5
GB (1) GB2614962A
WO (1) WO2022090840A1

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102023132686A1 (de) * 2023-11-23 2025-05-28 Airbus Defence and Space GmbH Deterministic time management and time management unit for multi-core processors

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US12235969B2 (en) 2019-05-20 2025-02-25 Securin Inc. System and method for calculating and understanding aggregation risk and systemic risk across a population of organizations with respect to cybersecurity for purposes of damage coverage, consequence management, and disaster avoidance
US11914724B2 (en) * 2020-12-24 2024-02-27 Acronis International Gmbh Systems and methods for adjusting data protection levels based on system metadata
US12353546B2 (en) * 2022-07-21 2025-07-08 Uab 360 It Method and apparatus for creating a malware detection dataset
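TWI822388B (zh) * 2022-10-12 2023-11-11 財團法人資訊工業策進會 Method for labeling security protection detection rules and device for labeling security threat tactics, techniques and attack procedures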
US20240146749A1 (en) * 2022-10-28 2024-05-02 International Business Machines Corporation Threat relevancy based on user affinity
US12483533B2 (en) * 2022-11-16 2025-11-25 The Toronto-Dominion Bank Automatic validations and prioritizations of indicators of compromise
US12596802B2 (en) * 2024-03-29 2026-04-07 Dell Products L.P. Malware detection techniques

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999023538A1 (en) 1997-10-28 1999-05-14 Georgia Tech Research Corporation Adaptive data security system and method
US7536724B1 (en) 2003-10-01 2009-05-19 Symantec Corporation Risk profiling for optimizing deployment of security measures
US7464171B2 (en) 2004-10-01 2008-12-09 Microsoft Corporation Effective protection of computer data traffic in constrained resource scenarios
JP2015130152A (ja) * 2013-12-06 2015-07-16 三菱電機株式会社 Information processing device and program
US9565204B2 (en) 2014-07-18 2017-02-07 Empow Cyber Security Ltd. Cyber-security system and methods thereof
US9444829B1 (en) * 2014-07-30 2016-09-13 Symantec Corporation Systems and methods for protecting computing resources based on logical data models
EP3021546B1 (en) 2014-11-14 2020-04-01 Institut Mines-Telecom / Telecom Sudparis Selection of countermeasures against cyber attacks
US11282017B2 (en) 2015-07-11 2022-03-22 RiskRecon Inc. Systems and methods for monitoring information security effectiveness
US20170223030A1 (en) * 2016-01-29 2017-08-03 Splunk Inc. Detection of security transactions
US10009370B1 (en) * 2016-03-01 2018-06-26 EMC IP Holding Company LLC Detection and remediation of potentially malicious files
US10333965B2 (en) 2016-09-12 2019-06-25 Qualcomm Incorporated Methods and systems for on-device real-time adaptive security based on external threat intelligence inputs
JP6677623B2 (ja) * 2016-11-08 2020-04-08 株式会社日立製作所 Security measure planning support system and method
US10673871B2 (en) 2017-10-04 2020-06-02 New Context Services, Inc. Autonomous edge device for monitoring and threat detection
US11146581B2 (en) 2018-12-31 2021-10-12 Radware Ltd. Techniques for defending cloud platforms against cyber-attacks
CN110191083B (zh) 2019-03-20 2020-09-25 中国科学院信息工程研究所 Security defense method, apparatus and electronic device for advanced persistent threats
US11431734B2 (en) * 2019-04-18 2022-08-30 Kyndryl, Inc. Adaptive rule generation for security event correlation
CN111385288B (zh) 2020-02-20 2022-03-01 中国人民解放军战略支援部队信息工程大学 Method and device for selecting moving target defense timing based on covert confrontation
US11997140B2 (en) * 2021-01-13 2024-05-28 Microsoft Technology Licensing, Llc Ordering security incidents using alert diversity

Also Published As

Publication number Publication date
US11539737B2 (en) 2022-12-27
JP2023550270A (ja) 2023-12-01
US20220131889A1 (en) 2022-04-28
JP7714646B2 (ja) 2025-07-29
GB202218403D0 (en) 2023-01-18
GB2614962A (en) 2023-07-26
WO2022090840A1 (en) 2022-05-05

Similar Documents

Publication Publication Date Title
DE112021004273T5 (de) Adaptive security for resource constraint devices
Aldasoro et al. The drivers of cyber risk
DE112019001121B4 (de) Computer-implemented method for identifying malware and system therefor
US10630716B1 (en) Methods and system for tracking security risks over infrastructure
DE112010003454B4 (de) Threat detection in a data processing system
EP3455773B1 (en) Inferential exploit attempt detection
Alguliyev et al. Big data: big promises for information security
US9141791B2 (en) Monitoring for anomalies in a computing environment
DE112021004678T5 (de) Automated risk assessment of health checks of computing resources
US10635806B2 (en) Least recently used (LRU)-based event suppression
DE112020003944T5 (de) Method, system and storage medium for the security of software components
DE112019000327T5 (de) Ransomware detection and prevention based on user-added values
DE102023201190A1 (de) Detection of a malicious domain generation algorithm (DGA) in the memory of a data processing unit using machine learning detection models
DE202012013609U1 (de) System for distributing the processing of computer security tasks
DE112021004808T5 (de) Detecting malware by analyzing distributed telemetry data
DE112017000886T5 (de) High-fidelity data reduction for system dependency analysis
CN112925805A (zh) Big data intelligent analysis application method based on network security
DE112020002552T5 (de) System and method for SIEM rule sorting and conditional execution
CN107146150A (zh) Audit method, device, storage medium and processor for audit objects
DE102019209349A1 (de) Investigation of web threats using advanced web crawling
George et al. Extending detection and response: how MXDR evolves cybersecurity
CN115587357A (zh) Threat scenario analysis method and system based on big data
DE202024106159U1 (de) System for identifying and preventing advanced persistent threats (APT) with big data analysis
DE102020112592A1 (de) Application behavior fingerprints
Samuel et al. Intelligent malware detection system based on behavior analysis in cloud computing environment

Legal Events

Date Code Title Description
R012 Request for examination validly filed