IN2015DN01085A - - Google Patents
Info
- Publication number
- IN2015DN01085A, IN1085DEN2015A
- Authority
- IN
- India
- Prior art keywords
- cluster
- host
- flow data
- network flow
- hosts
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/21—Monitoring or handling of messages
- H04L51/212—Monitoring or handling of messages using filtering or selective blocking
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
A system and method for spammer host detection from network flow data profiles comprises constructing one or more cluster profiles and detecting spammer hosts. Constructing cluster profiles comprises observing network flow data from one or more hosts; for each host, representing the network flow data associated with the host as a multidimensional vector; clustering the vectors of the hosts into the plurality of cluster profiles; annotating each cluster profile using at least one of black lists and white lists; and calculating a confidence in each cluster profile annotation. Detecting spammer hosts comprises observing the network flow data from a new host; representing the network flow data associated with the new host as a multidimensional vector; and placing the new multidimensional vector of the new host into one cluster profile of the one or more cluster profiles.
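The pipeline in the abstract, sketched as an added example (not code from the patent or its applicants). The three flow features, the use of k-means, the majority-fraction confidence, and all addresses and list entries are assumptions constructed for illustration; the abstract does not specify them.

```python
import math

# Constructed sample: host -> (flows/hour, distinct destinations, share of flows to TCP/25).
# The feature choice is an assumption; the abstract only says "multidimensional vector".
HOSTS = {
    "10.0.0.1": (900.0, 400.0, 0.95), "10.0.0.2": (850.0, 380.0, 0.90),
    "10.0.0.3": (950.0, 420.0, 0.97), "10.0.0.4": (40.0, 12.0, 0.05),
    "10.0.0.5": (55.0, 15.0, 0.10), "10.0.0.6": (35.0, 10.0, 0.02),
}
BLACKLIST = {"10.0.0.1", "10.0.0.2"}              # constructed black list
WHITELIST = {"10.0.0.3", "10.0.0.4", "10.0.0.5"}  # constructed; .3 is a noisy entry

def scale(vec, maxima):
    return tuple(v / m for v, m in zip(vec, maxima))

def nearest(vec, centroids):
    return min(range(len(centroids)), key=lambda i: math.dist(vec, centroids[i]))

def kmeans(vectors, k, rounds=20):
    # Deterministic farthest-point seeding so the result is reproducible.
    centroids = [vectors[0]]
    while len(centroids) < k:
        centroids.append(max(vectors, key=lambda v: min(math.dist(v, c) for c in centroids)))
    for _ in range(rounds):
        groups = [[] for _ in range(k)]
        for v in vectors:
            groups[nearest(v, centroids)].append(v)
        centroids = [tuple(sum(d) / len(g) for d in zip(*g)) if g else c
                     for g, c in zip(groups, centroids)]
    return centroids

def build_profiles(hosts, blacklist, whitelist, k=2):
    maxima = [max(col) for col in zip(*hosts.values())]
    scaled = {h: scale(v, maxima) for h, v in hosts.items()}
    centroids = kmeans(list(scaled.values()), k)
    profiles = []
    for i, c in enumerate(centroids):
        members = [h for h, v in scaled.items() if nearest(v, centroids) == i]
        bad = sum(h in blacklist for h in members)
        good = sum(h in whitelist for h in members)
        label = "unknown" if bad == good else ("spammer" if bad > good else "benign")
        conf = max(bad, good) / (bad + good) if bad + good else 0.0
        profiles.append({"centroid": c, "label": label, "confidence": conf})
    return maxima, profiles

def classify(flow_vector, maxima, profiles):
    # Place a new host's vector into the closest annotated cluster profile.
    p = profiles[nearest(scale(flow_vector, maxima), [q["centroid"] for q in profiles])]
    return p["label"], p["confidence"]
```

The whitelisted host that lands in the high-volume SMTP cluster lowers that cluster's confidence, which is the reason to carry a confidence value alongside each annotation rather than a bare label.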
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/547,174 US8769677B2 (en) | 2012-07-12 | 2012-07-12 | System and method for spammer host detection from network flow data profiles |
PCT/US2013/049964 WO2014011799A1 (en) | 2012-07-12 | 2013-07-10 | System and method for spammer host detection from network flow data profiles |
Publications (1)
Publication Number | Publication Date |
---|---|
IN2015DN01085A (en) | 2015-06-26 |
Family
ID=49915194
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
IN1085DEN2015 | IN2015DN01085A (en) | 2012-07-12 | 2013-07-10 |
Country Status (5)
Country | Link |
---|---|
US (1) | US8769677B2 (en) |
EP (1) | EP2873217A4 (en) |
JP (1) | JP6053568B2 (en) |
IN (1) | IN2015DN01085A (en) |
WO (1) | WO2014011799A1 (en) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9959147B2 (en) | 2010-01-13 | 2018-05-01 | Vmware, Inc. | Cluster configuration through host ranking |
US8799418B2 (en) * | 2010-01-13 | 2014-08-05 | Vmware, Inc. | Cluster configuration |
US9135570B2 (en) * | 2012-02-22 | 2015-09-15 | Vencore Labs, Inc. | Active acquisition of privileged information |
US9794278B1 (en) * | 2013-12-19 | 2017-10-17 | Symantec Corporation | Network-based whitelisting approach for critical systems |
US9917751B2 (en) * | 2015-06-01 | 2018-03-13 | Lightbend, Inc. | Hierarchical service oriented application topology generation for a network |
US9954804B2 (en) | 2015-07-30 | 2018-04-24 | International Business Machines Corporation | Method and system for preemptive harvesting of spam messages |
US10397256B2 (en) | 2016-06-13 | 2019-08-27 | Microsoft Technology Licensing, Llc | Spam classification system based on network flow data |
EP3358541B1 (en) * | 2017-02-01 | 2019-07-17 | Kapsch TrafficCom AG | A method of predicting a traffic behaviour in a road system |
US10460101B2 (en) * | 2017-06-06 | 2019-10-29 | Microsoft Technology Licensing, Llc | Enriching netflow data with passive DNS data for botnet detection |
CN113556308B (en) * | 2020-04-23 | 2022-09-30 | 深信服科技股份有限公司 | Method, system, equipment and computer storage medium for detecting flow security |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060015942A1 (en) * | 2002-03-08 | 2006-01-19 | Ciphertrust, Inc. | Systems and methods for classification of messaging entities |
US7949716B2 (en) * | 2007-01-24 | 2011-05-24 | Mcafee, Inc. | Correlation and analysis of entity attributes |
US20090089244A1 (en) | 2007-09-27 | 2009-04-02 | Yahoo! Inc. | Method of detecting spam hosts based on clustering the host graph |
US20090089285A1 (en) | 2007-09-28 | 2009-04-02 | Yahoo! Inc. | Method of detecting spam hosts based on propagating prediction labels |
US20090089373A1 (en) | 2007-09-28 | 2009-04-02 | Yahoo! Inc. | System and method for identifying spam hosts using stacked graphical learning |
US8745731B2 (en) | 2008-04-03 | 2014-06-03 | Microsoft Corporation | Clustering botnet behavior using parameterized models |
JP2009302823A (en) * | 2008-06-12 | 2009-12-24 | Nec Biglobe Ltd | E-mail system, e-mail transfer method and program |
US8170966B1 (en) * | 2008-11-04 | 2012-05-01 | Bitdefender IPR Management Ltd. | Dynamic streaming message clustering for rapid spam-wave detection |
US8438638B2 (en) * | 2010-04-08 | 2013-05-07 | At&T Intellectual Property I, L.P. | Bot-network detection based on simple mail transfer protocol (SMTP) characteristics of e-mail senders within IP address aggregates |
2012
- 2012-07-12 US US13/547,174 (US8769677B2): Active
2013
- 2013-02-26 JP JP2013035868A (JP6053568B2): Expired - Fee Related
- 2013-07-10 EP EP13816019.7A (EP2873217A4): Withdrawn
- 2013-07-10 WO PCT/US2013/049964 (WO2014011799A1): Application Filing
- 2013-07-10 IN IN1085DEN2015 (IN2015DN01085A): status unknown
Also Published As
Publication number | Publication date |
---|---|
JP2014023144A (en) | 2014-02-03 |
EP2873217A1 (en) | 2015-05-20 |
US8769677B2 (en) | 2014-07-01 |
JP6053568B2 (en) | 2016-12-27 |
US20140020066A1 (en) | 2014-01-16 |
WO2014011799A1 (en) | 2014-01-16 |
EP2873217A4 (en) | 2016-03-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
IN2015DN01085A (en) | ||
WO2016178088A3 (en) | Systems and methods for detecting and reacting to malicious activity in computer networks | |
WO2013084068A3 (en) | System and method for identifying related events in a resource network monitoring system | |
GB2509036A (en) | Providing a network-accessible malware analysis | |
GB2529774A (en) | Methods and systems for improved document comparison | |
MX348693B (en) | Method and system for tagging information about image, apparatus and computer-readable recording medium thereof. | |
WO2013172898A3 (en) | System for detecting, analyzing, and controlling infiltration of computer and network systems | |
WO2013077987A3 (en) | Management of privacy settings for a user device | |
GB2485121A (en) | Dynamically managing a social network | |
PH12014502159A1 (en) | Method, system, and apparatus for exchanging data between client devices | |
WO2013108043A3 (en) | Improved positioning system | |
MX342021B (en) | System for automatic structure footprint detection from oblique imagery. | |
MX343875B (en) | Method and system for determining image similarity. | |
GB201109873D0 (en) | Object detection metadata | |
WO2014047465A3 (en) | Collision prediction | |
WO2014146086A3 (en) | Computer-based method and system of analyzing, editing and improving content | |
MX352127B (en) | Real-world view of location-associated social data. | |
NZ629509A (en) | Family networks | |
WO2011156799A8 (en) | Detecting state estimation network model data errors | |
PH12016501476A1 (en) | Method and apparatus for social relation analysis and management | |
EP2811417A3 (en) | Systems and methods for synchronizing geographic information system (GIS) network models | |
PH12016501255A1 (en) | Improved molecular breeding methods | |
IN2014DN05680A (en) | ||
EP2685695A4 (en) | Method, system and computer storage medium for displaying microblog wall | |
MY187577A (en) | Method and system for recognizing faces |