ES2801273T3 - Method and apparatus for recognizing risk behavior - Google Patents

Method and apparatus for recognizing risk behavior

Publication number
ES2801273T3
Authority
ES
Spain
Prior art keywords
link
behavior
specific
risk
user
Legal status
Active
Application number
ES16758446T
Other languages
English (en)
Spanish (es)
Inventor
Renxin Mao
Chao Sun
Xinkai Li
Dijun He
Current Assignee
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12 Detection or prevention of fraud

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Information Transfer Between Computers (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
ES16758446T 2015-03-02 2016-02-24 Method and apparatus for recognizing risk behavior Active ES2801273T3 (es)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510093725.4A CN105989155B (zh) 2015-03-02 2015-03-02 Method and apparatus for identifying risk behavior
PCT/CN2016/074424 WO2016138830A1 (zh) 2015-03-02 2016-02-24 Method and apparatus for identifying risk behavior

Publications (1)

Publication Number Publication Date
ES2801273T3 (es) 2021-01-08

Family

ID=56848744

Family Applications (1)

Application Number Title Priority Date Filing Date
ES16758446T Active ES2801273T3 (es) 2015-03-02 2016-02-24 Method and apparatus for recognizing risk behavior

Country Status (9)

Country Link
US (1) US10601850B2
EP (1) EP3267348B1
JP (1) JP6734293B2
KR (1) KR102125116B1
CN (1) CN105989155B
ES (1) ES2801273T3
PL (1) PL3267348T3
SG (1) SG11201707032UA
WO (1) WO2016138830A1

Families Citing this family (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
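CN106529288A (zh) * 2016-11-16 2017-03-22 智者四海(北京)技术有限公司 Account risk identification method and apparatus
CN108229963B (zh) * 2016-12-12 2021-07-30 创新先进技术有限公司 Risk identification method and apparatus for user operation behavior
CN108427624B (zh) * 2017-02-13 2021-03-02 创新先进技术有限公司 Method and device for identifying system stability risk
CN108449307B (zh) * 2017-02-16 2020-12-29 上海行邑信息科技有限公司 Method for identifying risky devices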
US10623431B2 (en) * 2017-05-15 2020-04-14 Forcepoint Llc Discerning psychological state from correlated user behavior and contextual information
US10943019B2 (en) 2017-05-15 2021-03-09 Forcepoint, LLC Adaptive trust profile endpoint
US10129269B1 (en) 2017-05-15 2018-11-13 Forcepoint, LLC Managing blockchain access to user profile information
US9882918B1 (en) 2017-05-15 2018-01-30 Forcepoint, LLC User behavior profile in a blockchain
US10999296B2 (en) 2017-05-15 2021-05-04 Forcepoint, LLC Generating adaptive trust profiles using information derived from similarly situated organizations
US10862927B2 (en) * 2017-05-15 2020-12-08 Forcepoint, LLC Dividing events into sessions during adaptive trust profile operations
US10917423B2 (en) 2017-05-15 2021-02-09 Forcepoint, LLC Intelligently differentiating between different types of states and attributes when using an adaptive trust profile
US10999297B2 (en) 2017-05-15 2021-05-04 Forcepoint, LLC Using expected behavior of an entity when prepopulating an adaptive trust profile
US10447718B2 (en) 2017-05-15 2019-10-15 Forcepoint Llc User profile definition and management
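CN107517203B (zh) * 2017-08-08 2020-07-14 奇安信科技集团股份有限公司 Method and apparatus for establishing a user behavior baseline
CN107566163B (zh) * 2017-08-10 2020-11-06 奇安信科技集团股份有限公司 Alarm method and apparatus associated with user behavior analysis
CN108304308A (zh) * 2018-02-07 2018-07-20 平安普惠企业管理有限公司 User behavior monitoring method, apparatus, computer device and storage medium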
US10997295B2 (en) 2019-04-26 2021-05-04 Forcepoint, LLC Adaptive trust profile reference architecture
US11621974B2 (en) * 2019-05-14 2023-04-04 Tenable, Inc. Managing supersedence of solutions for security issues among assets of an enterprise network
CN110457896A (zh) * 2019-07-02 2019-11-15 北京人人云图信息技术有限公司 Detection method and detection apparatus for online access
US12216791B2 (en) 2020-02-24 2025-02-04 Forcepoint Llc Re-identifying pseudonymized or de-identified data utilizing distributed ledger technology
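CN111582722B (zh) * 2020-05-09 2022-06-07 拉扎斯网络科技(上海)有限公司 Risk identification method, apparatus, electronic device and readable storage medium
CN114764418B (zh) * 2020-12-31 2025-02-28 北京达佳互联信息技术有限公司 Risk detection method, apparatus, electronic device and storage medium
CN112866230B (zh) * 2021-01-13 2023-05-16 深信服科技股份有限公司 Risk detection method, apparatus and storage medium
CN112927068B (zh) * 2021-03-30 2024-08-20 善诊(上海)信息技术有限公司 Method, apparatus, device and storage medium for determining business data risk classification thresholds
CN113051560B (zh) * 2021-04-13 2024-05-24 北京安天网络安全技术有限公司 Security identification method and apparatus for terminal behavior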

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7953814B1 (en) * 2005-02-28 2011-05-31 Mcafee, Inc. Stopping and remediating outbound messaging abuse
US7574382B1 (en) * 2004-08-03 2009-08-11 Amazon Technologies, Inc. Automated detection of anomalous user activity associated with specific items in an electronic catalog
CA2531410A1 (en) * 2005-12-23 2007-06-23 Snipe Network Security Corporation Behavioural-based network anomaly detection based on user and group profiling
US7574832B1 (en) 2007-01-24 2009-08-18 Lieberman Phillip L Portable telescoping tower assembly
JP2010108469A (ja) * 2008-10-01 2010-05-13 Sky Co Ltd Operation monitoring system and operation monitoring program
US8356001B2 (en) * 2009-05-19 2013-01-15 Xybersecure, Inc. Systems and methods for application-level security
US8566956B2 (en) 2010-06-23 2013-10-22 Salesforce.Com, Inc. Monitoring and reporting of data access behavior of authorized database users
US9058486B2 (en) * 2011-10-18 2015-06-16 Mcafee, Inc. User behavioral risk assessment
CN104956373A (zh) * 2012-12-04 2015-09-30 惠普发展公司,有限责任合伙企业 Determining suspected root causes of anomalous network behavior
US8850517B2 (en) 2013-01-15 2014-09-30 Taasera, Inc. Runtime risk detection based on user, application, and system action sequence correlation
CN103297267B (zh) * 2013-05-10 2016-05-11 中华通信系统有限责任公司河北分公司 Risk assessment method and system for network behavior
US20140359777A1 (en) * 2013-05-31 2014-12-04 Fixmo, Inc. Context-aware risk measurement mobile device management system
US20150039513A1 (en) * 2014-02-14 2015-02-05 Brighterion, Inc. User device profiling in transaction authentications
CN104376266B (zh) * 2014-11-21 2017-09-15 工业和信息化部电信研究院 Method and apparatus for determining the security level of application software
US10075474B2 (en) * 2015-02-06 2018-09-11 Honeywell International Inc. Notification subsystem for generating consolidated, filtered, and relevant security risk-based notifications

Also Published As

Publication number Publication date
US10601850B2 (en) 2020-03-24
PL3267348T3 (pl) 2020-11-16
KR102125116B1 (ko) 2020-06-22
EP3267348B1 (en) 2020-04-08
CN105989155B (zh) 2019-10-25
WO2016138830A1 (zh) 2016-09-09
KR20170125864A (ko) 2017-11-15
JP2018510422A (ja) 2018-04-12
EP3267348A1 (en) 2018-01-10
US20180013780A1 (en) 2018-01-11
SG11201707032UA (en) 2017-09-28
CN105989155A (zh) 2016-10-05
EP3267348A4 (en) 2018-10-31
JP6734293B2 (ja) 2020-08-05

Similar Documents

Publication Publication Date Title
ES2801273T3 (es) Method and apparatus for recognizing risk behavior
Zafar et al. The value of the CIO in the top management team on performance in the case of information security breaches
US10491697B2 (en) System and method for bot detection
CN105516130B (zh) Data processing method and apparatus
US20050278786A1 (en) System and method for assessing risk to a collection of information resources
US11457024B2 (en) Systems and methods for monitoring security of an organization based on a normalized risk score
US20140215618A1 (en) Method and apparatus for computer intrusion detection
Isaac Hope, hype, and fear: the promise and potential pitfalls of artificial intelligence in criminal justice
Hall et al. Can we calculate drought risk… and do we need to?
Kurogome et al. EIGER: automated IOC generation for accurate and interpretable endpoint malware detection
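TWI710922B (zh) Behavior labeling model training system and method
CN109450956A (zh) Network security assessment method, system, medium and computing device
CN107920062A (zh) Method for constructing a business logic attack detection model and computing device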
Heim et al. Training compute thresholds: Features and functions in AI regulation
Sarabi et al. Prioritizing Security Spending: A Quantitative Analysis of Risk Distributions for Different Business Profiles.
Taylor et al. Rapid ransomware detection through side channel exploitation
KR102590081B1 (ko) Security regulation compliance automation apparatus
US11232202B2 (en) System and method for identifying activity in a computer system
US20240031378A1 (en) Anomaly detection using embedding space representation of system states
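CN106790211B (zh) Statistical prediction system and method for predicting malware infection
CN105868991B (zh) Method and apparatus for identifying machine-assisted cheating
CN105912927A (zh) System and method for generating application control rules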
EP4599342A1 (en) Smart contract behavior classification
CN117972686B (zh) Data governance method and related apparatus
Goethals et al. Insider attack metrics for cybersecurity: investigating various research options