GB2563280B - Anomaly detection in computer networks - Google Patents

Anomaly detection in computer networks Download PDF

Info

Publication number
GB2563280B
GB2563280B GB1709228.9A GB201709228A GB2563280B GB 2563280 B GB2563280 B GB 2563280B GB 201709228 A GB201709228 A GB 201709228A GB 2563280 B GB2563280 B GB 2563280B
Authority
GB
United Kingdom
Prior art keywords
computer networks
anomaly detection
anomaly
detection
networks
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
GB1709228.9A
Other versions
GB2563280A (en
GB201709228D0 (en
Inventor
Servajean Maximilien
Cheng Yipeng
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
British Telecommunications PLC
Original Assignee
British Telecommunications PLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by British Telecommunications PLC filed Critical British Telecommunications PLC
Priority to GB1709228.9A priority Critical patent/GB2563280B/en
Publication of GB201709228D0 publication Critical patent/GB201709228D0/en
Publication of GB2563280A publication Critical patent/GB2563280A/en
Application granted granted Critical
Publication of GB2563280B publication Critical patent/GB2563280B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/04Architecture, e.g. interconnection topology
    • G06N3/045Combinations of networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/04Architecture, e.g. interconnection topology
    • G06N3/047Probabilistic or stochastic networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/08Learning methods
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/08Learning methods
    • G06N3/084Backpropagation, e.g. using gradient descent
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N7/00Computing arrangements based on specific mathematical models
    • G06N7/01Probabilistic graphical models, e.g. probabilistic networks
GB1709228.9A 2017-06-09 2017-06-09 Anomaly detection in computer networks Active GB2563280B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB1709228.9A GB2563280B (en) 2017-06-09 2017-06-09 Anomaly detection in computer networks

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB1709228.9A GB2563280B (en) 2017-06-09 2017-06-09 Anomaly detection in computer networks

Publications (3)

Publication Number Publication Date
GB201709228D0 GB201709228D0 (en) 2017-07-26
GB2563280A GB2563280A (en) 2018-12-12
GB2563280B true GB2563280B (en) 2021-05-26

Family

ID=59358165

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1709228.9A Active GB2563280B (en) 2017-06-09 2017-06-09 Anomaly detection in computer networks

Country Status (1)

Country Link
GB (1) GB2563280B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3919996A1 (en) 2020-06-02 2021-12-08 Siemens Aktiengesellschaft Method and apparatus for monitoring of industrial devices

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2833594A1 (en) * 2013-07-31 2015-02-04 Siemens Aktiengesellschaft Feature based three stage neural networks intrusion detection method and system
US20160127405A1 (en) * 2014-10-29 2016-05-05 Ricoh Company, Ltd. Information processing system, information processing apparatus, and information processing method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2833594A1 (en) * 2013-07-31 2015-02-04 Siemens Aktiengesellschaft Feature based three stage neural networks intrusion detection method and system
US20160127405A1 (en) * 2014-10-29 2016-05-05 Ricoh Company, Ltd. Information processing system, information processing apparatus, and information processing method

Also Published As

Publication number Publication date
GB2563280A (en) 2018-12-12
GB201709228D0 (en) 2017-07-26

Similar Documents

Publication Publication Date Title
IL272764B2 (en) Improved anomaly detection
EP3731489B8 (en) Improved network anomaly detection
GB2537457B (en) Anomaly detection in industrial communications networks
HK1245886A1 (en) Detection device and detection method
SG11201803568VA (en) Anomaly detection in a data stream
ZA201606180B (en) FAULT PROCESSING METHOD, RELATED apparatus ,AND COMPUTER
IL253523B (en) Proactive emerging threat detection
EP3144839A4 (en) Detection device, detection method and detection program
EP3159823A4 (en) Vulnerability detection device, vulnerability detection method, and vulnerability detection program
EP3101436A4 (en) Interface insertion anomaly detection circuit and method
GB201419814D0 (en) Data traffic processing and analysis
EP3369382A4 (en) Elasticity detection method and device
GB201418499D0 (en) Malware detection method
EP3401789C0 (en) Anomaly detection in time series
HK1204192A1 (en) Small cell system, related equipment and data processing method
GB201713977D0 (en) Anomaly detection
EP3176724A4 (en) Tag detection program, equipment inspection device and equipment inspection method
EP3306318A4 (en) Detection method and detection device
EP3255452A4 (en) Detection device and detection method
GB201316143D0 (en) Network anomaly detection
EP3144845A4 (en) Detection device, detection method, and detection program
EP3159693A4 (en) Detection device and method, and program
EP3312575A4 (en) Photon detection device and photon detection method
EP3376468A4 (en) Object detection device and object detection method
EP3321688A4 (en) Detection device and detection method