JP2017143578A - 異常部分グラフの検出のための道探査及び異常/変更検出及び網状況認知のためのdns要求及びホストエージェントの使用 - Google Patents
異常部分グラフの検出のための道探査及び異常/変更検出及び網状況認知のためのdns要求及びホストエージェントの使用 Download PDFInfo
- Publication number
- JP2017143578A JP2017143578A JP2017088048A JP2017088048A JP2017143578A JP 2017143578 A JP2017143578 A JP 2017143578A JP 2017088048 A JP2017088048 A JP 2017088048A JP 2017088048 A JP2017088048 A JP 2017088048A JP 2017143578 A JP2017143578 A JP 2017143578A
- Authority
- JP
- Japan
- Prior art keywords
- network
- model
- edge
- graph
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computing arrangements using knowledge-based models
- G06N5/02—Knowledge representation; Symbolic representation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computing arrangements using knowledge-based models
- G06N5/02—Knowledge representation; Symbolic representation
- G06N5/022—Knowledge engineering; Knowledge acquisition
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computing arrangements using knowledge-based models
- G06N5/04—Inference or reasoning models
- G06N5/045—Explanation of inference; Explainable artificial intelligence [XAI]; Interpretable artificial intelligence
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N7/00—Computing arrangements based on specific mathematical models
- G06N7/01—Probabilistic graphical models, e.g. probabilistic networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/0001—Systems modifying transmission characteristics according to link quality, e.g. power backoff
- H04L1/0015—Systems modifying transmission characteristics according to link quality, e.g. power backoff characterised by the adaptation strategy
- H04L1/0019—Systems modifying transmission characteristics according to link quality, e.g. power backoff characterised by the adaptation strategy in which mode-switching is based on a statistical approach
- H04L1/002—Algorithms with memory of the previous states, e.g. Markovian models
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/144—Detection or countermeasures against botnets
Abstract
Description
function ENUMERATE(E, K):
// E = グラフを表す辺のリスト
// K = 列挙する道の整数長
for each edge A in E: // Aはグラフ内のある辺
list P[l] = A // Aが道内の最初の辺になる
RECURSE(E, P, 1, K) // 追加の辺を再帰的に付加する
function RECURS E(E, P, L, K):
// E = グラフを表す辺のリスト
// P = 道を表す辺のリスト
// L = Pの整数長
// K = 列挙する道の整数長
edge A = P[L] // Aは道内の最後の辺
for each edge B in E: // Bはグラフ内のある辺
if A[2] = B[1] then:
P[L+1] = B // Bが道内の最後の辺になる
if L+1 == K:
EMIT(P) // k縦続道が見付かった
else:
RECURSE(E, P, L+l, K) // 追加の辺を再帰的に付加
Claims (22)
- 計算システムが,正常活動レベルを決定するために網の上の各辺の基本統計モデルの過去のパラメータを決定するステップと,
前記計算システムが,前記網を表すグラフの一部として前記網内の複数のk縦続道を列挙するステップであって,前記網内の各計算システムは前記グラフ内のノードを為し,二つの計算システム間の一連のコネクションは,前記網内の有向辺を為す,ステップと,
前記計算システムが,前記グラフ内の前記複数のk縦続道に時間のスライド窓ベースで観測マルコフモデル(OMM)又は隠れマルコフモデル(HMM)を適用するステップと,
前記計算システムが,前記の適用されたOMM又はHMMに基づいて異常振舞を検出するステップと,
を有する計算機で実現される方法。 - 前記の検出された異常振舞に属するデータを利用者に表示するステップを更に有する,請求項1に記載の計算機で実現される方法。
- 前記OMM又は前記HMMは2状態モデルを有し,
「オン」状態は利用者の存在を示し,
「オフ」状態は前記利用者の不在を示す,請求項1に記載の計算機で実現される方法。 - 前記計算システムは,少なくとも二つの辺種別を考慮に入れて前記過去のパラメータを決定する,請求項1に記載の計算機で実現される方法。
- 第1辺種別は個別モデルを推定するために十分なデータを有する要素辺を有し,
第2辺種別は,要素辺であって該要素辺の個別モデルを推定するために十分なデータがない,要素辺を有する,請求項4に記載の計算機で実現される方法。 - 前記第2辺種別は,モデルが低カウント辺に過度に敏感でないことを確実にするために,平均ベクトルによってパラメータ化される,請求項5に記載の計算機で実現される方法。
- 前記計算システムが,前記網内の対応するホストによって送受信された網通信に属する複数のホストエージェントから異常に属するデータを収集するステップと,
所定の期間内の異常振舞を検出するために前記の収集したデータを分析するステップと,
を更に有する,請求項1に記載の計算機で実現される方法。 - 少なくとも一つプロセッサと,
計算機プログラム命令を記憶するメモリであって,前記命令は,前記少なくとも一つのプロセッサで実行されたとき,前記少なくとも一つのプロセッサに,
正常活動レベルを決定するために網の上の各辺の基本統計モデルの過去のパラメータを決定し,
前記網を表すグラフの一部として前記網内の複数のk縦続道を列挙し,前記網内の各計算システムは前記グラフ内のノードを為し,二つの計算システム間の一連のコネクションは,前記網内の有向辺を為し,
前記グラフ内の前記複数のk縦続道に時間のスライド窓ベースで統計モデルを適用し,
前記の適用された統計モデルに基づいて異常振舞を検出させる,
ように構成される,装置。 - 前記計算機プログラム命令は,前記少なくとも一つのプロセッサに,前記の検出された異常振舞に属するデータを利用者に表示させるように更に構成される,請求項8に記載の装置。
- 前記統計モデルは,観測マルコフモデル(OMM)又は隠れマルコフモデル(HMM)を為す,請求項8に記載の装置。
- 前記OMM又は前記HMMは2状態モデルを有し,
「オン」状態は利用者の存在を示し,
「オフ」状態は前記利用者の不在を示す,請求項10に記載の装置。 - 前記計算機プログラム命令は,前記少なくとも一つのプロセッサに,少なくとも二つの辺種別を考慮に入れて,前記過去のパラメータを決定させるように更に構成される,請求項8に記載の装置。
- 第1辺種別は個別モデルを推定するために十分なデータを有する要素辺を有し,
第2辺種別は,要素辺であって該要素辺の個別モデルを推定するために十分なデータがない,要素辺を有する,請求項12に記載の装置。 - 前記第2辺種別は,モデルが低カウント辺に過度に敏感でないことを確実にするために,平均ベクトルによってパラメータ化される,請求項13に記載の装置。
- 前記計算機プログラム命令は,前記少なくとも一つのプロセッサに,
前記網内の対応するホストによって送受信された網通信に属する複数のホストエージェントから異常に属するデータを収集し,
所定の期間内の異常を検出するために前記の収集したデータを分析させる,
ように更に構成される,請求項8に記載の装置。 - 網内の異常振舞を検出するように構成された計算機プログラム命令を記憶するメモリと,
前記の記憶された計算機プログラム命令を実行するように構成された複数の処理コアと,を備えるシステムであって,前記複数の処理コアは,
正常活動レベルを決定するために網の上の各辺の基本統計モデルの過去のパラメータを決定し,
前記網を表すグラフの一部として前記網内の複数のk縦続道を列挙し,前記網内の各計算システムは前記グラフ内のノードを為し,二つの計算システム間の一連のコネクションは,前記網内の有向辺を為し,
前記グラフ内の前記複数のk縦続道に時間のスライド窓ベースで統計モデルを適用し,
前記の適用された統計モデルに基づいて,異常振舞を検出する,
ように構成される,システム。 - 前記複数の処理コアは,前記の検出された異常振舞に属するデータを利用者に表示するように更に構成される,請求項16に記載のシステム。
- 前記統計モデルは,観測マルコフモデル(OMM)又は隠れマルコフモデル(HMM)を為す,請求項16に記載のシステム。
- 前記OMM又は前記HMMは2状態モデルを有し,
「オン」状態は利用者の存在を示し,
「オフ」状態は前記利用者の不在を示す,請求項18に記載のシステム。 - 前記複数の処理コアは,少なくとも二つの辺種別を考慮に入れて,前記過去のパラメータを決定するように更に構成され,
第1辺種別は個別モデルを推定するために十分なデータを有する要素辺を有し,
第2辺種別は,要素辺であって該要素辺の個別モデルを推定するために十分なデータがない,要素辺を有する,請求項16に記載のシステム。 - 前記第2辺種別は,モデルが低カウント辺に過度に敏感でないことを確実にするために,平均ベクトルによってパラメータ化される,請求項20に記載のシステム。
- 前記複数の処理コアは,
前記網内の対応するホストによって送受信された網通信に属する複数のホストエージェントから異常に属するデータを収集し,
所定の期間内の異常振舞を検出するために前記の収集したデータを分析する,ように更に構成される,請求項16に記載のシステム。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201261614148P | 2012-03-22 | 2012-03-22 | |
US61/614,148 | 2012-03-22 |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2015501780A Division JP6139656B2 (ja) | 2012-03-22 | 2013-03-14 | 異常部分グラフの検出のための道探査及び異常/変更検出及び網状況認知のためのdns要求及びホストエージェントの使用 |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2017143578A true JP2017143578A (ja) | 2017-08-17 |
JP6378395B2 JP6378395B2 (ja) | 2018-08-22 |
Family
ID=49213611
Family Applications (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2015501780A Expired - Fee Related JP6139656B2 (ja) | 2012-03-22 | 2013-03-14 | 異常部分グラフの検出のための道探査及び異常/変更検出及び網状況認知のためのdns要求及びホストエージェントの使用 |
JP2015501782A Expired - Fee Related JP6148323B2 (ja) | 2012-03-22 | 2013-03-14 | 計算機ネットワークにおいて調整グループ攻撃を識別する異常検出 |
JP2017088048A Expired - Fee Related JP6378395B2 (ja) | 2012-03-22 | 2017-04-27 | 異常部分グラフの検出のための道探査及び異常/変更検出及び網状況認知のためのdns要求及びホストエージェントの使用 |
Family Applications Before (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2015501780A Expired - Fee Related JP6139656B2 (ja) | 2012-03-22 | 2013-03-14 | 異常部分グラフの検出のための道探査及び異常/変更検出及び網状況認知のためのdns要求及びホストエージェントの使用 |
JP2015501782A Expired - Fee Related JP6148323B2 (ja) | 2012-03-22 | 2013-03-14 | 計算機ネットワークにおいて調整グループ攻撃を識別する異常検出 |
Country Status (7)
Country | Link |
---|---|
US (11) | US9560065B2 (ja) |
EP (3) | EP2828752B1 (ja) |
JP (3) | JP6139656B2 (ja) |
CN (2) | CN104303152B (ja) |
AU (8) | AU2013272215B2 (ja) |
CA (2) | CA2868054C (ja) |
WO (2) | WO2013184206A2 (ja) |
Families Citing this family (131)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
AU2013272215B2 (en) | 2012-03-22 | 2017-10-12 | Imperial Innovations Limited | Anomaly detection to identify coordinated group attacks in computer networks |
US20140041032A1 (en) * | 2012-08-01 | 2014-02-06 | Opera Solutions, Llc | System and Method for Detecting Network Intrusions Using Statistical Models and a Generalized Likelihood Ratio Test |
US9813307B2 (en) * | 2013-01-28 | 2017-11-07 | Rackspace Us, Inc. | Methods and systems of monitoring failures in a distributed network system |
US9483334B2 (en) * | 2013-01-28 | 2016-11-01 | Rackspace Us, Inc. | Methods and systems of predictive monitoring of objects in a distributed network system |
US9397902B2 (en) | 2013-01-28 | 2016-07-19 | Rackspace Us, Inc. | Methods and systems of tracking and verifying records of system change events in a distributed network system |
EP2785008A1 (en) * | 2013-03-29 | 2014-10-01 | British Telecommunications public limited company | Method and apparatus for detecting a multi-stage event |
EP2785009A1 (en) * | 2013-03-29 | 2014-10-01 | British Telecommunications public limited company | Method and apparatus for detecting a multi-stage event |
US8996889B2 (en) * | 2013-03-29 | 2015-03-31 | Dropbox, Inc. | Portable computing device with methodologies for client-side analytic data collection |
US9443075B2 (en) * | 2013-06-27 | 2016-09-13 | The Mitre Corporation | Interception and policy application for malicious communications |
EP2975538B1 (en) * | 2014-01-31 | 2020-11-25 | Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. | Computer-implemented method and apparatus for determining relevance of a node in a network |
US11782995B2 (en) * | 2014-01-31 | 2023-10-10 | MAX-PLANCK-Gesellschaft zur Förderung der Wissenschaften e.V. | Computer-implemented method and apparatus for determining a relevance of a node in a network |
WO2016022705A1 (en) * | 2014-08-05 | 2016-02-11 | AttackIQ, Inc. | Cyber security posture validation platform |
US10666676B1 (en) * | 2014-08-18 | 2020-05-26 | Trend Micro Incorporated | Detection of targeted email attacks |
EP3200115B1 (en) * | 2014-10-14 | 2019-01-09 | Nippon Telegraph and Telephone Corporation | Specification device, specification method, and specification program |
PL3095034T3 (pl) | 2014-10-21 | 2019-11-29 | Ironnet Cybersecurity Inc | Układ zabezpieczeń cybernetycznych |
WO2016164050A1 (en) * | 2015-04-10 | 2016-10-13 | Hewlett Packard Enterprise Development Lp | Network anomaly detection |
US10305917B2 (en) * | 2015-04-16 | 2019-05-28 | Nec Corporation | Graph-based intrusion detection using process traces |
US10476754B2 (en) * | 2015-04-16 | 2019-11-12 | Nec Corporation | Behavior-based community detection in enterprise information networks |
US10015175B2 (en) * | 2015-04-16 | 2018-07-03 | Los Alamos National Security, Llc | Detecting anomalous behavior via user authentication graphs |
WO2016190868A1 (en) * | 2015-05-28 | 2016-12-01 | Hewlett Packard Enterprise Development Lp | Processing network data using a graph data structure |
EP3287909B1 (en) * | 2015-06-02 | 2019-07-03 | Nippon Telegraph and Telephone Corporation | Access classification device, access classification method, and access classification program |
US9779222B2 (en) * | 2015-06-25 | 2017-10-03 | Extreme Networks, Inc. | Secure management of host connections |
US10430721B2 (en) * | 2015-07-27 | 2019-10-01 | Pivotal Software, Inc. | Classifying user behavior as anomalous |
US10425447B2 (en) * | 2015-08-28 | 2019-09-24 | International Business Machines Corporation | Incident response bus for data security incidents |
US20220255926A1 (en) * | 2015-10-28 | 2022-08-11 | Qomplx, Inc. | Event-triggered reauthentication of at-risk and compromised systems and accounts |
US10673887B2 (en) * | 2015-10-28 | 2020-06-02 | Qomplx, Inc. | System and method for cybersecurity analysis and score generation for insurance purposes |
US20210281609A1 (en) * | 2015-10-28 | 2021-09-09 | Qomplx, Inc. | Rating organization cybersecurity using probe-based network reconnaissance techniques |
US20210226928A1 (en) * | 2015-10-28 | 2021-07-22 | Qomplx, Inc. | Risk analysis using port scanning for multi-factor authentication |
US11070592B2 (en) | 2015-10-28 | 2021-07-20 | Qomplx, Inc. | System and method for self-adjusting cybersecurity analysis and score generation |
US11297109B2 (en) | 2015-10-28 | 2022-04-05 | Qomplx, Inc. | System and method for cybersecurity reconnaissance, analysis, and score generation using distributed systems |
US10560483B2 (en) * | 2015-10-28 | 2020-02-11 | Qomplx, Inc. | Rating organization cybersecurity using active and passive external reconnaissance |
US11563741B2 (en) * | 2015-10-28 | 2023-01-24 | Qomplx, Inc. | Probe-based risk analysis for multi-factor authentication |
US11388198B2 (en) | 2015-10-28 | 2022-07-12 | Qomplx, Inc. | Collaborative database and reputation management in adversarial information environments |
US11468368B2 (en) * | 2015-10-28 | 2022-10-11 | Qomplx, Inc. | Parametric modeling and simulation of complex systems using large datasets and heterogeneous data structures |
US10742647B2 (en) * | 2015-10-28 | 2020-08-11 | Qomplx, Inc. | Contextual and risk-based multi-factor authentication |
US11968239B2 (en) | 2015-10-28 | 2024-04-23 | Qomplx Llc | System and method for detection and mitigation of data source compromises in adversarial information environments |
NL2015680B1 (en) * | 2015-10-29 | 2017-05-31 | Opt/Net Consulting B V | Anomaly detection in a data stream. |
CN105426764A (zh) * | 2015-11-16 | 2016-03-23 | 北京航空航天大学 | 一种基于子模优化的并行异常子图检测方法与系统 |
US10375095B1 (en) * | 2015-11-20 | 2019-08-06 | Triad National Security, Llc | Modeling behavior in a network using event logs |
US9985982B1 (en) * | 2015-12-21 | 2018-05-29 | Cisco Technology, Inc. | Method and apparatus for aggregating indicators of compromise for use in network security |
US10148690B2 (en) * | 2015-12-21 | 2018-12-04 | Symantec Corporation | Accurate real-time identification of malicious BGP hijacks |
US11868853B2 (en) * | 2016-02-26 | 2024-01-09 | Nippon Telegraph And Telephone Corporation | Analysis device, analysis method, and analysis program |
CN105824754B (zh) * | 2016-03-17 | 2018-11-13 | 广州多益网络股份有限公司 | 客户端程序的Python异常捕获和上传的方法 |
US10333815B2 (en) * | 2016-03-17 | 2019-06-25 | Nec Corporation | Real-time detection of abnormal network connections in streaming data |
US10389741B2 (en) * | 2016-03-24 | 2019-08-20 | Cisco Technology, Inc. | Edge-based detection of new and unexpected flows |
US10218727B2 (en) | 2016-03-24 | 2019-02-26 | Cisco Technology, Inc. | Sanity check of potential learned anomalies |
US10389606B2 (en) * | 2016-03-25 | 2019-08-20 | Cisco Technology, Inc. | Merging of scored records into consistent aggregated anomaly messages |
US10826933B1 (en) * | 2016-03-31 | 2020-11-03 | Fireeye, Inc. | Technique for verifying exploit/malware at malware detection appliance through correlation with endpoints |
US10893059B1 (en) | 2016-03-31 | 2021-01-12 | Fireeye, Inc. | Verification and enhancement using detection systems located at the network periphery and endpoint devices |
CN105871865A (zh) * | 2016-04-26 | 2016-08-17 | 浪潮集团有限公司 | 基于OpenFlow的IaaS云安全状态转移分析系统 |
US11212297B2 (en) | 2016-06-17 | 2021-12-28 | Nippon Telegraph And Telephone Corporation | Access classification device, access classification method, and recording medium |
ES2728337T3 (es) | 2016-07-14 | 2019-10-23 | Ironnet Cybersecurity Inc | Simulación y realidad virtual basada en sistemas de comportamiento cibernético |
EP3507725A4 (en) * | 2016-08-31 | 2020-05-06 | 3M Innovative Properties Company | SYSTEMS AND METHODS FOR MODELING, ANALYZING, DETECTING AND MONITORING FLUID NETWORKS |
EP3291120B1 (en) | 2016-09-06 | 2021-04-21 | Accenture Global Solutions Limited | Graph database analysis for network anomaly detection systems |
US10476896B2 (en) * | 2016-09-13 | 2019-11-12 | Accenture Global Solutions Limited | Malicious threat detection through time series graph analysis |
US10129274B2 (en) * | 2016-09-22 | 2018-11-13 | Adobe Systems Incorporated | Identifying significant anomalous segments of a metrics dataset |
TWI648650B (zh) * | 2017-07-20 | 2019-01-21 | 中華電信股份有限公司 | 閘道裝置、其惡意網域與受駭主機的偵測方法及非暫態電腦可讀取媒體 |
CN107483438A (zh) * | 2017-08-15 | 2017-12-15 | 山东华诺网络科技有限公司 | 一种基于大数据的网络安全态势感知预警系统和方法 |
US11122066B2 (en) * | 2017-09-26 | 2021-09-14 | Jpmorgan Chase Bank, N.A. | Cyber security enhanced monitoring |
BR112020007076B1 (pt) * | 2017-11-08 | 2021-02-23 | Tetra Laval Holdings & Finance S.A | método para determinar um nível de risco microbiológico em um lote de alimentos, mídia legível por computador, e, sistema para determinar um nível de risco microbiológico em um lote de alimentos |
US11184369B2 (en) * | 2017-11-13 | 2021-11-23 | Vectra Networks, Inc. | Malicious relay and jump-system detection using behavioral indicators of actors |
US10567156B2 (en) | 2017-11-30 | 2020-02-18 | Bank Of America Corporation | Blockchain-based unexpected data detection |
CN108234492B (zh) * | 2018-01-02 | 2020-05-22 | 国网四川省电力公司信息通信公司 | 考虑负荷数据虚假注入的电力信息物理协同攻击分析方法 |
AT520746B1 (de) * | 2018-02-20 | 2019-07-15 | Ait Austrian Inst Tech Gmbh | Verfahren zur Erkennung von anormalen Betriebszuständen |
US11296960B2 (en) | 2018-03-08 | 2022-04-05 | Nicira, Inc. | Monitoring distributed applications |
DE102018206737A1 (de) * | 2018-05-02 | 2019-11-07 | Robert Bosch Gmbh | Verfahren und Vorrichtung zur Kalibrierung eines Systems zur Erkennung von Eindringversuchen in einem Rechnernetzwerk |
CN108990089B (zh) * | 2018-06-21 | 2022-02-22 | 中国铁道科学研究院集团有限公司通信信号研究所 | 移动通信网络多探测窗口联合检测分析方法 |
RU2697958C1 (ru) * | 2018-06-29 | 2019-08-21 | Акционерное общество "Лаборатория Касперского" | Система и способ обнаружения вредоносной активности на компьютерной системе |
AU2019319155A1 (en) * | 2018-08-07 | 2021-03-18 | Triad National Security, Llc | Modeling anomalousness of new subgraphs observed locally in a dynamic graph based on subgraph attributes |
US11122065B2 (en) | 2018-08-14 | 2021-09-14 | Vmware, Inc. | Adaptive anomaly detection for computer systems |
US10684909B1 (en) * | 2018-08-21 | 2020-06-16 | United States Of America As Represented By Secretary Of The Navy | Anomaly detection for preserving the availability of virtualized cloud services |
US11005868B2 (en) * | 2018-09-21 | 2021-05-11 | Mcafee, Llc | Methods, systems, and media for detecting anomalous network activity |
US11171975B2 (en) * | 2018-09-25 | 2021-11-09 | Cisco Technology, Inc. | Dynamic inspection of networking dependencies to enhance anomaly detection models in a network assurance service |
US11228603B1 (en) * | 2018-09-27 | 2022-01-18 | Juniper Networks, Inc. | Learning driven dynamic threat treatment for a software defined networking environment |
US11941054B2 (en) * | 2018-10-12 | 2024-03-26 | International Business Machines Corporation | Iterative constraint solving in abstract graph matching for cyber incident reasoning |
US11184374B2 (en) | 2018-10-12 | 2021-11-23 | International Business Machines Corporation | Endpoint inter-process activity extraction and pattern matching |
US10956566B2 (en) | 2018-10-12 | 2021-03-23 | International Business Machines Corporation | Multi-point causality tracking in cyber incident reasoning |
US11194910B2 (en) * | 2018-11-02 | 2021-12-07 | Microsoft Technology Licensing, Llc | Intelligent system for detecting multistage attacks |
CN109302418B (zh) * | 2018-11-15 | 2021-11-12 | 东信和平科技股份有限公司 | 一种基于深度学习的恶意域名检测方法及装置 |
EP3663951B1 (en) | 2018-12-03 | 2021-09-15 | British Telecommunications public limited company | Multi factor network anomaly detection |
WO2020114922A1 (en) | 2018-12-03 | 2020-06-11 | British Telecommunications Public Limited Company | Detecting anomalies in computer networks |
EP3891637A1 (en) | 2018-12-03 | 2021-10-13 | British Telecommunications public limited company | Detecting vulnerability change in software systems |
CN109753797B (zh) * | 2018-12-10 | 2020-11-03 | 中国科学院计算技术研究所 | 针对流式图的密集子图检测方法及系统 |
EP3681124B8 (en) * | 2019-01-09 | 2022-02-16 | British Telecommunications public limited company | Anomalous network node behaviour identification using deterministic path walking |
US11095540B2 (en) * | 2019-01-23 | 2021-08-17 | Servicenow, Inc. | Hybrid anomaly detection for response-time-based events in a managed network |
CN109889515B (zh) * | 2019-02-13 | 2020-08-28 | 北京航空航天大学 | 一种基于非参数统计的僵尸网络发现方法 |
US11436320B2 (en) | 2019-03-27 | 2022-09-06 | British Telecommunications Public Limited Company | Adaptive computer security |
US11449604B2 (en) * | 2019-03-27 | 2022-09-20 | British Telecommunications Public Limited Company | Computer security |
US11477225B2 (en) * | 2019-03-27 | 2022-10-18 | British Telecommunications Public Limited Company | Pre-emptive computer security |
CN110149421B (zh) * | 2019-05-30 | 2021-11-26 | 世纪龙信息网络有限责任公司 | 域名系统的异常监测方法、系统、装置和计算机设备 |
US11719563B2 (en) | 2019-07-03 | 2023-08-08 | Red Hat, Inc. | Distributed anomaly detection using combinable measurement value summaries |
CN110247932A (zh) * | 2019-07-04 | 2019-09-17 | 北京润通丰华科技有限公司 | 一种实现dns服务防御的检测系统和方法 |
US11188570B2 (en) | 2019-07-23 | 2021-11-30 | Vmware, Inc. | Using keys to aggregate flow attributes at host |
US11140090B2 (en) | 2019-07-23 | 2021-10-05 | Vmware, Inc. | Analyzing flow group attributes using configuration tags |
US11743135B2 (en) | 2019-07-23 | 2023-08-29 | Vmware, Inc. | Presenting data regarding grouped flows |
US11436075B2 (en) | 2019-07-23 | 2022-09-06 | Vmware, Inc. | Offloading anomaly detection from server to host |
US10911335B1 (en) * | 2019-07-23 | 2021-02-02 | Vmware, Inc. | Anomaly detection on groups of flows |
US11398987B2 (en) | 2019-07-23 | 2022-07-26 | Vmware, Inc. | Host-based flow aggregation |
US11288256B2 (en) | 2019-07-23 | 2022-03-29 | Vmware, Inc. | Dynamically providing keys to host for flow aggregation |
US11349876B2 (en) | 2019-07-23 | 2022-05-31 | Vmware, Inc. | Security policy recommendation generation |
US11340931B2 (en) | 2019-07-23 | 2022-05-24 | Vmware, Inc. | Recommendation generation based on selection of selectable elements of visual representation |
US11176157B2 (en) | 2019-07-23 | 2021-11-16 | Vmware, Inc. | Using keys to aggregate flows at appliance |
CN110460658B (zh) * | 2019-08-05 | 2022-05-10 | 上海红阵信息科技有限公司 | 一种基于拟态构造的分布式存储构建方法 |
TWI717831B (zh) * | 2019-09-11 | 2021-02-01 | 財團法人資訊工業策進會 | 攻擊路徑偵測方法、攻擊路徑偵測系統及非暫態電腦可讀取媒體 |
CN110602101B (zh) * | 2019-09-16 | 2021-01-01 | 北京三快在线科技有限公司 | 网络异常群组的确定方法、装置、设备及存储介质 |
US11418526B2 (en) | 2019-12-20 | 2022-08-16 | Microsoft Technology Licensing, Llc | Detecting anomalous network activity |
US11425150B1 (en) | 2020-01-10 | 2022-08-23 | Bank Of America Corporation | Lateral movement visualization for intrusion detection and remediation |
US11321213B2 (en) | 2020-01-16 | 2022-05-03 | Vmware, Inc. | Correlation key used to correlate flow and con text data |
US11503054B2 (en) * | 2020-03-05 | 2022-11-15 | Aetna Inc. | Systems and methods for identifying access anomalies using network graphs |
CN111526119B (zh) * | 2020-03-19 | 2022-06-14 | 北京三快在线科技有限公司 | 异常流量检测方法、装置、电子设备和计算机可读介质 |
US11677775B2 (en) * | 2020-04-10 | 2023-06-13 | AttackIQ, Inc. | System and method for emulating a multi-stage attack on a node within a target network |
US20210336947A1 (en) * | 2020-04-27 | 2021-10-28 | Microsoft Technology Licensing, Llc | Rogue certificate detection |
CN113628124B (zh) * | 2020-05-08 | 2024-01-16 | 深圳清华大学研究院 | Isp与视觉任务联合优化方法、系统、介质和电子设备 |
US11831664B2 (en) | 2020-06-03 | 2023-11-28 | Netskope, Inc. | Systems and methods for anomaly detection |
US11556636B2 (en) | 2020-06-30 | 2023-01-17 | Microsoft Technology Licensing, Llc | Malicious enterprise behavior detection tool |
EP3945708A1 (de) * | 2020-07-29 | 2022-02-02 | Siemens Aktiengesellschaft | Dynamisches vorhalten von kontextabhängigen rechnergestützten funktionalitäten in mobilen, verteilten edge clouds |
US20220091572A1 (en) * | 2020-09-22 | 2022-03-24 | Rockwell Automation Technologies, Inc. | Integrating container orchestration systems with operational technology devices |
CN112187833B (zh) * | 2020-11-09 | 2021-12-17 | 浙江大学 | 一种拟态waf中的ai+正则双匹配检测方法 |
US20220167171A1 (en) * | 2020-11-20 | 2022-05-26 | At&T Intellectual Property I, L.P. | Security anomaly detection for internet of things devices |
CN112769595B (zh) * | 2020-12-22 | 2023-05-09 | 阿波罗智联(北京)科技有限公司 | 异常检测方法、装置、电子设备及可读存储介质 |
US20220229903A1 (en) * | 2021-01-21 | 2022-07-21 | Intuit Inc. | Feature extraction and time series anomaly detection over dynamic graphs |
US11785032B2 (en) | 2021-01-22 | 2023-10-10 | Vmware, Inc. | Security threat detection based on network flow analysis |
US11765195B2 (en) | 2021-02-16 | 2023-09-19 | Icf International | Distributed network-level probabilistic attack graph generation |
JP2022168612A (ja) * | 2021-04-26 | 2022-11-08 | シャープ株式会社 | 機器管理システム、機器管理方法、及び機器管理プログラム |
US11831667B2 (en) | 2021-07-09 | 2023-11-28 | Vmware, Inc. | Identification of time-ordered sets of connections to identify threats to a datacenter |
CN113254674B (zh) * | 2021-07-12 | 2021-11-30 | 深圳市永达电子信息股份有限公司 | 一种网络安全设备知识推理方法、装置、系统及存储介质 |
US11949701B2 (en) | 2021-08-04 | 2024-04-02 | Microsoft Technology Licensing, Llc | Network access anomaly detection via graph embedding |
US11792151B2 (en) | 2021-10-21 | 2023-10-17 | Vmware, Inc. | Detection of threats based on responses to name resolution requests |
CN114884688B (zh) * | 2022-03-28 | 2023-07-04 | 天津大学 | 一种跨多属性网络的联邦异常检测方法 |
US20240012802A1 (en) * | 2022-07-08 | 2024-01-11 | Salesforce, Inc. | Mechanisms for serializing triples of a database store |
CN117851959A (zh) * | 2024-03-07 | 2024-04-09 | 中国人民解放军国防科技大学 | 基于fhgs的动态网络子图异常检测方法、装置和设备 |
Family Cites Families (56)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6671811B1 (en) | 1999-10-25 | 2003-12-30 | Visa Internation Service Association | Features generation for use in computer network intrusion detection |
US7113988B2 (en) | 2000-06-29 | 2006-09-26 | International Business Machines Corporation | Proactive on-line diagnostics in a manageable network |
CA2430571C (en) | 2000-11-30 | 2011-07-12 | Lancope, Inc. | Flow-based detection of network intrusions |
US7168093B2 (en) | 2001-01-25 | 2007-01-23 | Solutionary, Inc. | Method and apparatus for verifying the integrity and security of computer networks and implementation of counter measures |
US7228566B2 (en) | 2001-07-10 | 2007-06-05 | Core Sdi, Incorporated | Automated computer system security compromise |
US6647975B2 (en) * | 2001-12-05 | 2003-11-18 | Terry Whitfield | Convertible ball projecting apparatus having a replaceable fork assembly |
ATE374493T1 (de) | 2002-03-29 | 2007-10-15 | Global Dataguard Inc | Adaptive verhaltensbezogene eindringdetektion |
US7603711B2 (en) * | 2002-10-31 | 2009-10-13 | Secnap Networks Security, LLC | Intrusion detection system |
US20040122803A1 (en) | 2002-12-19 | 2004-06-24 | Dom Byron E. | Detect and qualify relationships between people and find the best path through the resulting social network |
US7483972B2 (en) | 2003-01-08 | 2009-01-27 | Cisco Technology, Inc. | Network security monitoring system |
US8386377B1 (en) | 2003-05-12 | 2013-02-26 | Id Analytics, Inc. | System and method for credit scoring using an identity network connectivity |
JP3922375B2 (ja) | 2004-01-30 | 2007-05-30 | インターナショナル・ビジネス・マシーンズ・コーポレーション | 異常検出システム及びその方法 |
US20050203881A1 (en) * | 2004-03-09 | 2005-09-15 | Akio Sakamoto | Database user behavior monitor system and method |
EP1589716A1 (en) * | 2004-04-20 | 2005-10-26 | Ecole Polytechnique Fédérale de Lausanne (EPFL) | Method of detecting anomalous behaviour in a computer network |
US20060053136A1 (en) | 2004-08-09 | 2006-03-09 | Amir Ashiri | Method and system for analyzing multidimensional data |
US7941856B2 (en) * | 2004-12-06 | 2011-05-10 | Wisconsin Alumni Research Foundation | Systems and methods for testing and evaluating an intrusion detection system |
WO2006069495A1 (en) | 2004-12-31 | 2006-07-06 | Intel Corporation | Data partitioning and critical section reduction for bayesian network structure learning |
US7627900B1 (en) | 2005-03-10 | 2009-12-01 | George Mason Intellectual Properties, Inc. | Attack graph aggregation |
US8077718B2 (en) | 2005-08-12 | 2011-12-13 | Microsoft Corporation | Distributed network management |
US8271412B2 (en) * | 2005-12-21 | 2012-09-18 | University Of South Carolina | Methods and systems for determining entropy metrics for networks |
US7624448B2 (en) * | 2006-03-04 | 2009-11-24 | 21St Century Technologies, Inc. | Intelligent intrusion detection system utilizing enhanced graph-matching of network activity with context data |
US7530105B2 (en) * | 2006-03-21 | 2009-05-05 | 21St Century Technologies, Inc. | Tactical and strategic attack detection and prediction |
US7971252B2 (en) | 2006-06-09 | 2011-06-28 | Massachusetts Institute Of Technology | Generating a multiple-prerequisite attack graph |
US9438501B2 (en) | 2006-08-21 | 2016-09-06 | Lenovo Enterprise Solutions (Singapore) Pte. Ltd. | Multi-scale network traffic generator |
JP2008113409A (ja) | 2006-10-04 | 2008-05-15 | Alaxala Networks Corp | トラフィック制御システム及び管理サーバ |
US9680693B2 (en) | 2006-11-29 | 2017-06-13 | Wisconsin Alumni Research Foundation | Method and apparatus for network anomaly detection |
JPWO2008084729A1 (ja) | 2006-12-28 | 2010-04-30 | 日本電気株式会社 | アプリケーション連鎖性ウイルス及びdns攻撃発信元検知装置、その方法及びそのプログラム |
WO2009038818A2 (en) | 2007-04-12 | 2009-03-26 | Core Sdi, Incorporated | System and method for providing network penetration testing |
WO2009003126A1 (en) | 2007-06-26 | 2008-12-31 | Core Sdi, Incorporated | System and method for simulating computer network attacks |
EP2056559B1 (en) | 2007-11-02 | 2017-05-17 | Deutsche Telekom AG | Method and system for network simulation |
CN101547445B (zh) * | 2008-03-25 | 2011-06-01 | 上海摩波彼克半导体有限公司 | 移动通信网络中基于移动性进行入侵异常检测的系统和方法 |
US8844033B2 (en) * | 2008-05-27 | 2014-09-23 | The Trustees Of Columbia University In The City Of New York | Systems, methods, and media for detecting network anomalies using a trained probabilistic model |
US20090319906A1 (en) | 2008-06-18 | 2009-12-24 | Eads Na Defense Security And Systems Solutions Inc | Systems and methods for reconstitution of network elements in a simulated network |
US8650630B2 (en) | 2008-09-18 | 2014-02-11 | Alcatel Lucent | System and method for exposing malicious sources using mobile IP messages |
CN101655787A (zh) * | 2009-02-24 | 2010-02-24 | 天津大学 | 加入攻击路径形式化分析的威胁建模方法 |
US20110030059A1 (en) * | 2009-07-30 | 2011-02-03 | Greenwald Lloyd G | Method for testing the security posture of a system |
US8490193B2 (en) | 2009-09-08 | 2013-07-16 | Core Security Technologies | System and method for probabilistic attack planning |
US8397298B2 (en) * | 2009-12-08 | 2013-03-12 | At&T Intellectual Property I, L.P. | Method and system for content distribution network security |
KR20110067264A (ko) | 2009-12-14 | 2011-06-22 | 성균관대학교산학협력단 | 네트워크 이상징후 탐지장치 및 방법 |
US8375255B2 (en) * | 2009-12-23 | 2013-02-12 | At&T Intellectual Property I, Lp | Device and method for detecting and diagnosing correlated network anomalies |
CN101778112B (zh) * | 2010-01-29 | 2013-01-23 | 中国科学院软件研究所 | 一种网络攻击检测方法 |
JP5532241B2 (ja) | 2010-07-15 | 2014-06-25 | 日本電信電話株式会社 | 高パケットレートフロー検出装置及び高パケットレートフロー検出方法 |
US8762298B1 (en) | 2011-01-05 | 2014-06-24 | Narus, Inc. | Machine learning based botnet detection using real-time connectivity graph based traffic features |
US8621618B1 (en) | 2011-02-07 | 2013-12-31 | Dell Products, Lp | System and method for assessing whether a communication contains an attack |
US8434150B2 (en) | 2011-03-24 | 2013-04-30 | Microsoft Corporation | Using social graphs to combat malicious attacks |
US8627473B2 (en) * | 2011-06-08 | 2014-01-07 | At&T Intellectual Property I, L.P. | Peer-to-peer (P2P) botnet tracking at backbone level |
US8955133B2 (en) | 2011-06-09 | 2015-02-10 | Microsoft Corporation | Applying antimalware logic without revealing the antimalware logic to adversaries |
EP2737404A4 (en) | 2011-07-26 | 2015-04-29 | Light Cyber Ltd | METHOD FOR DETECTING AN ANALYSIS ACTION WITHIN A COMPUTER NETWORK |
US9792430B2 (en) | 2011-11-03 | 2017-10-17 | Cyphort Inc. | Systems and methods for virtualized malware detection |
US9450973B2 (en) | 2011-11-21 | 2016-09-20 | At&T Intellectual Property I, L.P. | Method and apparatus for machine to machine network security monitoring in a communications network |
US8588764B1 (en) | 2012-01-26 | 2013-11-19 | Sprint Communications Company L.P. | Wireless network edge guardian |
AU2013272215B2 (en) | 2012-03-22 | 2017-10-12 | Imperial Innovations Limited | Anomaly detection to identify coordinated group attacks in computer networks |
US8863293B2 (en) | 2012-05-23 | 2014-10-14 | International Business Machines Corporation | Predicting attacks based on probabilistic game-theory |
US9710646B1 (en) | 2013-02-26 | 2017-07-18 | Palo Alto Networks, Inc. | Malware detection using clustering with malware source information |
US9185124B2 (en) | 2013-02-27 | 2015-11-10 | Sayan Chakraborty | Cyber defense systems and methods |
US9680855B2 (en) | 2014-06-30 | 2017-06-13 | Neo Prime, LLC | Probabilistic model for cyber risk forecasting |
-
2013
- 2013-03-14 AU AU2013272215A patent/AU2013272215B2/en not_active Ceased
- 2013-03-14 AU AU2013272211A patent/AU2013272211B2/en not_active Ceased
- 2013-03-14 EP EP13800081.5A patent/EP2828752B1/en active Active
- 2013-03-14 US US14/382,992 patent/US9560065B2/en active Active
- 2013-03-14 US US13/826,995 patent/US9038180B2/en active Active
- 2013-03-14 EP EP13800730.7A patent/EP2828753B1/en active Active
- 2013-03-14 US US13/826,736 patent/US9374380B2/en active Active
- 2013-03-14 CN CN201380026043.0A patent/CN104303152B/zh not_active Expired - Fee Related
- 2013-03-14 CA CA2868054A patent/CA2868054C/en not_active Expired - Fee Related
- 2013-03-14 CN CN201380026239.XA patent/CN104303153B/zh not_active Expired - Fee Related
- 2013-03-14 JP JP2015501780A patent/JP6139656B2/ja not_active Expired - Fee Related
- 2013-03-14 JP JP2015501782A patent/JP6148323B2/ja not_active Expired - Fee Related
- 2013-03-14 WO PCT/US2013/031402 patent/WO2013184206A2/en active Application Filing
- 2013-03-14 WO PCT/US2013/031463 patent/WO2013184211A2/en active Application Filing
- 2013-03-14 CA CA2868076A patent/CA2868076C/en not_active Expired - Fee Related
- 2013-03-14 EP EP19165350.0A patent/EP3522492A1/en not_active Withdrawn
-
2015
- 2015-01-30 US US14/609,836 patent/US9699206B2/en active Active
-
2016
- 2016-05-26 US US15/165,036 patent/US10122741B2/en active Active
- 2016-09-30 AU AU2016234999A patent/AU2016234999B2/en not_active Ceased
-
2017
- 2017-01-30 US US15/419,673 patent/US9825979B2/en active Active
- 2017-02-13 AU AU2017200969A patent/AU2017200969B2/en not_active Ceased
- 2017-04-27 JP JP2017088048A patent/JP6378395B2/ja not_active Expired - Fee Related
- 2017-06-29 US US15/637,475 patent/US10015183B1/en active Active
- 2017-10-30 AU AU2017254815A patent/AU2017254815B2/en not_active Ceased
- 2017-11-10 US US15/809,297 patent/US10243984B2/en active Active
-
2018
- 2018-05-15 AU AU2018203393A patent/AU2018203393B2/en not_active Ceased
- 2018-06-07 US US16/002,870 patent/US10728270B2/en active Active
- 2018-10-24 US US16/168,956 patent/US10530799B1/en not_active Expired - Fee Related
-
2019
- 2019-02-18 US US16/278,225 patent/US20190182281A1/en not_active Abandoned
- 2019-07-29 AU AU2019210493A patent/AU2019210493B2/en not_active Ceased
- 2019-08-15 AU AU2019216687A patent/AU2019216687B2/en not_active Ceased
Non-Patent Citations (1)
Title |
---|
"ホスト間通信関係構造の時系列変化に基づく異常検出", コンピュータセキュリティシンポジウム2007論文集, JPN6016040254, 31 October 2007 (2007-10-31) * |
Also Published As
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP6378395B2 (ja) | 異常部分グラフの検出のための道探査及び異常/変更検出及び網状況認知のためのdns要求及びホストエージェントの使用 | |
Kumar et al. | A Distributed framework for detecting DDoS attacks in smart contract‐based Blockchain‐IoT Systems by leveraging Fog computing | |
US10091218B2 (en) | System and method to detect attacks on mobile wireless networks based on network controllability analysis | |
US20230080471A1 (en) | Endpoint agent and system | |
Di Mauro et al. | Improving SIEM capabilities through an enhanced probe for encrypted Skype traffic detection | |
Zhan et al. | A characterization of cybersecurity posture from network telescope data | |
Thakur et al. | Detection and Prevention of Botnets and malware in an enterprise network | |
Noor et al. | An intelligent context-aware threat detection and response model for smart cyber-physical systems | |
Frankowski et al. | Application of the Complex Event Processing system for anomaly detection and network monitoring | |
Abushwereb et al. | Attack based DoS attack detection using multiple classifier | |
CN107251519B (zh) | 用于检测通信网络上的假信息的攻击的系统、方法和介质 | |
Lyu et al. | PEDDA: Practical and Effective Detection of Distributed Attacks on enterprise networks via progressive multi-stage inference | |
Nazir et al. | Combinatorial optimization based feature selection method: A study on network intrusion detection | |
Kadiravan et al. | Dynamic Network Intrusion Detection System for Virtual Machine Environment | |
Chukkayapally | DETECTION OF UDP FLOOD ATTACKS IN WIRELESS SENSOR NETWORKS BY VISUALIZATION ON PARALLEL COORDINATE PLOT | |
Mouta et al. | SPATIO: end-uSer Protection Against ioT IntrusiOns | |
Bashurov et al. | Anomaly detection in network traffic using entropy-based methods: application to various types of cyberattacks. | |
Javed | Design and Development of Intelligent Security Management Systems: Threat Detection and Response in Cyber-Based Infrastructures | |
Prashanthi et al. | Machine Learning for IoT Security: Random Forest Model for DDoS Attack Detection |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
TRDD | Decision of grant or rejection written | ||
A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20180626 |
|
A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20180726 |
|
R150 | Certificate of patent or registration of utility model |
Ref document number: 6378395 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 |
|
S111 | Request for change of ownership or part of ownership |
Free format text: JAPANESE INTERMEDIATE CODE: R313113 |
|
R350 | Written notification of registration of transfer |
Free format text: JAPANESE INTERMEDIATE CODE: R350 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
LAPS | Cancellation because of no payment of annual fees |