JP2017512329A - Tagging security-relevant system objects - Google Patents

Tagging security-relevant system objects

Info

Publication number
JP2017512329A
Authority
JP
Japan
Prior art keywords
tag
data object
system component
tags
tree
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP2016549102A
Other languages
English (en)
Japanese (ja)
Other versions
JP2017512329A5 (en)
Inventor
David F. Diehl
Maxime Lamothe-Brassard
Original Assignee
Crowdstrike, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Crowdstrike, Inc.
Publication of JP2017512329A
Publication of JP2017512329A5
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
JP2016549102A 2014-01-31 2015-01-29 Tagging security-relevant system objects Pending JP2017512329A (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US14/169,401 2014-01-31
US14/169,401 US20150222646A1 (en) 2014-01-31 2014-01-31 Tagging Security-Relevant System Objects
PCT/US2015/013522 WO2015116819A1 (en) 2014-01-31 2015-01-29 Tagging security-relevant system objects

Publications (2)

Publication Number Publication Date
JP2017512329A (ja) 2017-05-18
JP2017512329A5 (en) 2018-03-01

Family

ID=53755819

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2016549102A Pending JP2017512329A (ja) 2014-01-31 2015-01-29 Tagging security-relevant system objects

Country Status (7)

Country Link
US (2) US20150222646A1 (en)
EP (1) EP3100202B1 (en)
JP (1) JP2017512329A (en)
AU (1) AU2015210929A1 (en)
CA (1) CA2935764A1 (en)
IL (1) IL246866A0 (en)
WO (1) WO2015116819A1 (en)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8849717B2 (en) * 2009-07-09 2014-09-30 Simon Cooper Methods and systems for upgrade and synchronization of securely installed applications on a computing device
US20150222646A1 (en) 2014-01-31 2015-08-06 Crowdstrike, Inc. Tagging Security-Relevant System Objects
US9888031B2 (en) * 2014-11-19 2018-02-06 Cyber Secdo Ltd. System and method thereof for identifying and responding to security incidents based on preemptive forensics
CN106330851B (zh) * 2015-07-10 2019-12-20 腾讯科技(深圳)有限公司 Method and device for acquiring and issuing mobile terminal security information based on cloud service
US11386041B1 (en) 2015-12-08 2022-07-12 Amazon Technologies, Inc. Policy tag management for data migration
US10594730B1 (en) * 2015-12-08 2020-03-17 Amazon Technologies, Inc. Policy tag management
JP2019511055A (ja) 2016-03-24 2019-04-18 Carbon Black, Inc. Systems and techniques for guiding a response to a cybersecurity incident
US20170329985A1 (en) * 2016-05-10 2017-11-16 Cyber-Ark Software Ltd. Application control
US10681059B2 (en) 2016-05-25 2020-06-09 CyberOwl Limited Relating to the monitoring of network security
WO2018144612A1 (en) * 2017-01-31 2018-08-09 Experian Information Solutions, Inc. Massive scale heterogeneous data ingestion and user resolution
US10325109B2 (en) * 2017-09-14 2019-06-18 International Business Machines Corporation Automatic and dynamic selection of cryptographic modules for different security contexts within a computer network
US10594735B2 (en) 2017-09-28 2020-03-17 At&T Intellectual Property I, L.P. Tag-based security policy creation in a distributed computing environment
US10943022B2 (en) * 2018-03-05 2021-03-09 Microsoft Technology Licensing, Llc System for automatic classification and protection unified to both cloud and on-premise environments

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0944432A (ja) * 1995-05-24 1997-02-14 Fuji Xerox Co Ltd Information processing method and information processing apparatus
JP2006119754A (ja) * 2004-10-19 2006-05-11 Fujitsu Ltd Network-type virus activity detection program, processing method and system
WO2013164821A2 (en) * 2012-05-03 2013-11-07 Shine Security Ltd. Malicious threat detection, malicious threat prevention, and a learning systems and methods for malicious threat detection and prevention

Family Cites Families (72)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5721913A (en) * 1994-05-05 1998-02-24 Lucent Technologies Inc. Integrated activity management system
US20020156814A1 (en) * 1997-01-13 2002-10-24 Ho Bruce K. Method and apparatus for visual business computing
DE19747583B4 (de) * 1997-10-28 2006-04-20 Telefonaktiebolaget Lm Ericsson (Publ) Communication system and method
US6088804A (en) 1998-01-12 2000-07-11 Motorola, Inc. Adaptive system and method for responding to computer network security attacks
US7418504B2 (en) 1998-10-30 2008-08-26 Virnetx, Inc. Agile network protocol for secure communications using secure domain names
US6925631B2 (en) * 2000-12-08 2005-08-02 Hewlett-Packard Development Company, L.P. Method, computer system and computer program product for processing extensible markup language streams
JP3842573B2 (ja) * 2001-03-30 2006-11-08 Toshiba Corporation Structured document search method, structured document management apparatus and program
US7142651B2 (en) * 2001-11-29 2006-11-28 Ectel Ltd. Fraud detection in a distributed telecommunications networks
US7152242B2 (en) * 2002-09-11 2006-12-19 Enterasys Networks, Inc. Modular system for detecting, filtering and providing notice about attack events associated with network security
WO2005058018A2 (en) 2003-12-16 2005-06-30 Aerulean Plant Identification Systems, Inc. System and method for plant identification
US7831995B2 (en) * 2004-10-29 2010-11-09 CORE, SDI, Inc. Establishing and enforcing security and privacy policies in web-based applications
US7765410B2 (en) 2004-11-08 2010-07-27 Microsoft Corporation System and method of aggregating the knowledge base of antivirus software applications
US7478237B2 (en) * 2004-11-08 2009-01-13 Microsoft Corporation System and method of allowing user mode applications with access to file data
US7765400B2 (en) 2004-11-08 2010-07-27 Microsoft Corporation Aggregation of the knowledge base of antivirus software
US7958087B2 (en) * 2004-11-17 2011-06-07 Iron Mountain Incorporated Systems and methods for cross-system digital asset tag propagation
US7698744B2 (en) 2004-12-03 2010-04-13 Whitecell Software Inc. Secure system for allowing the execution of authorized computer program code
US8365293B2 (en) 2005-01-25 2013-01-29 Redphone Security, Inc. Securing computer network interactions between entities with authorization assurances
JP4660264B2 (ja) * 2005-04-22 2011-03-30 Toshiba Corporation Information processing apparatus and program
US7874001B2 (en) 2005-07-15 2011-01-18 Microsoft Corporation Detecting user-mode rootkits
US20070094496A1 (en) 2005-10-25 2007-04-26 Michael Burtscher System and method for kernel-level pestware management
US8201243B2 (en) 2006-04-20 2012-06-12 Webroot Inc. Backwards researching activity indicative of pestware
US8127360B1 (en) * 2006-06-29 2012-02-28 Symantec Corporation Method and apparatus for detecting leakage of sensitive information
US7583187B1 (en) * 2006-07-11 2009-09-01 Mcafee, Inc. System, method and computer program product for automatically summarizing security events
US8190868B2 (en) 2006-08-07 2012-05-29 Webroot Inc. Malware management through kernel detection
US9111088B2 (en) * 2006-08-14 2015-08-18 Quantum Security, Inc. Policy-based physical security system for restricting access to computer resources and data flow through network equipment
US8321677B2 (en) 2006-09-21 2012-11-27 Google Inc. Pre-binding and tight binding of an on-line identity to a digital signature
GB0620855D0 (en) * 2006-10-19 2006-11-29 Dovetail Software Corp Ltd Data processing apparatus and method
US8181264B2 (en) * 2007-02-07 2012-05-15 Apple Inc. Method and apparatus for deferred security analysis
US8565799B2 (en) 2007-04-04 2013-10-22 Qualcomm Incorporated Methods and apparatus for flow data acquisition in a multi-frequency network
US8918717B2 (en) * 2007-05-07 2014-12-23 International Business Machines Corporation Method and sytem for providing collaborative tag sets to assist in the use and navigation of a folksonomy
US8065728B2 (en) 2007-09-10 2011-11-22 Wisconsin Alumni Research Foundation Malware prevention system monitoring kernel events
US7769767B2 (en) * 2007-09-27 2010-08-03 Domingo Enterprises, Llc System and method for filtering content on a mobile device based on contextual tagging
US20100312890A1 (en) 2008-02-11 2010-12-09 Dolby Laboratories Licensing Corporation Dynamic dns system for private networks
US20090216806A1 (en) 2008-02-24 2009-08-27 Allofme Ltd. Digital assets internet timeline aggregation and sharing platform
JP2009266034A (ja) 2008-04-25 2009-11-12 Hitachi Ltd Information flow control system
US8291494B1 (en) * 2008-07-08 2012-10-16 Mcafee, Inc. System, method, and computer program product for detecting unwanted activity associated with an object, based on an attribute associated with the object
GB0815587D0 (en) 2008-08-27 2008-10-01 Applied Neural Technologies Ltd Computer/network security application
US8401195B2 (en) 2008-09-22 2013-03-19 Motorola Solutions, Inc. Method of automatically populating a list of managed secure communications group members
US8234693B2 (en) 2008-12-05 2012-07-31 Raytheon Company Secure document management
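KR20100078081A (ko) 2008-12-30 2010-07-08 St. Security Co., Ltd. System and method for detecting unknown malicious code through kernel-based system behavior analysis
KR101021708B1 (ko) 2009-01-20 2011-03-15 Sungkyunkwan University Industry-Academic Cooperation Foundation Group key distribution method, and server and client therefor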
US8447969B2 (en) 2009-03-13 2013-05-21 Assa Abloy Ab Transfer device for sensitive material such as a cryptographic key
US8881173B2 (en) * 2009-07-23 2014-11-04 Nec Corporation Event processing system, distribution controller, event processing method, distribution control method, and program storage medium
US9098310B2 (en) * 2009-10-29 2015-08-04 International Business Machines Corporation Constructing and deploying patterns of flows
US8607339B2 (en) * 2009-11-02 2013-12-10 Red Hat, Inc. Systems and methods for improved identification and analysis of threats to a computing system
KR101038048B1 (ko) 2009-12-21 2011-06-01 Korea Internet & Security Agency Real-time botnet malicious behavior analysis system
US8739284B1 (en) * 2010-01-06 2014-05-27 Symantec Corporation Systems and methods for blocking and removing internet-traversing malware
US8621628B2 (en) 2010-02-25 2013-12-31 Microsoft Corporation Protecting user mode processes from improper tampering or termination
US9384112B2 (en) 2010-07-01 2016-07-05 Logrhythm, Inc. Log collection, structuring and processing
KR101329847B1 (ko) 2010-07-26 2013-11-14 Pantech Co., Ltd. Portable terminal providing social network service using human body communication and method thereof
US8462997B2 (en) * 2010-09-15 2013-06-11 Microsoft Corporation User-specific attribute customization
US8893300B2 (en) * 2010-09-20 2014-11-18 Georgia Tech Research Corporation Security systems and methods to reduce data leaks in enterprise networks
KR20120072266A (ko) 2010-12-23 2012-07-03 Electronics and Telecommunications Research Institute Apparatus and method for controlling global network security situation
US8762298B1 (en) 2011-01-05 2014-06-24 Narus, Inc. Machine learning based botnet detection using real-time connectivity graph based traffic features
ES2442747T3 (es) * 2011-02-10 2014-02-13 Telefónica, S.A. Method and system for improving the detection of security threats in communication networks
CN103189898B (zh) * 2011-03-22 2016-01-20 Panasonic Corporation Moving body detection device and moving body detection method
US20120246297A1 (en) 2011-03-25 2012-09-27 Vijaya Shanker Agent based monitoring for saas it service management
JP2014514651A (ja) 2011-03-28 2014-06-19 McAfee, Inc. System and method for virtual machine monitor based anti-malware security
US8813227B2 (en) 2011-03-29 2014-08-19 Mcafee, Inc. System and method for below-operating system regulation and control of self-modifying code
US20120304247A1 (en) * 2011-05-25 2012-11-29 John Badger System and process for hierarchical tagging with permissions
US9043864B2 (en) * 2011-09-30 2015-05-26 Oracle International Corporation Constraint definition for conditional policy attachments
US8612405B1 (en) * 2011-09-30 2013-12-17 Emc Corporation System and method of dynamic data object upgrades
US8832162B2 (en) * 2012-03-25 2014-09-09 Think Computer Corporation Method and system for storing, categorizing and distributing information concerning relationships between data
US9081960B2 (en) 2012-04-27 2015-07-14 Ut-Battelle, Llc Architecture for removable media USB-ARM
US9043903B2 (en) * 2012-06-08 2015-05-26 Crowdstrike, Inc. Kernel-level security agent
US9069931B2 (en) * 2012-06-08 2015-06-30 Red Hat, Inc. Extending SELinux policy with enforcement of file name translation
US9047463B2 (en) * 2012-06-29 2015-06-02 Sri International Method and system for protecting data flow at a mobile device
US9292881B2 (en) 2012-06-29 2016-03-22 Crowdstrike, Inc. Social sharing of security information in a group
US20140115010A1 (en) * 2012-10-18 2014-04-24 Google Inc. Propagating information through networks
US9124637B2 (en) * 2013-01-18 2015-09-01 Apple Inc. Data protection for keychain syncing
US9270659B2 (en) 2013-11-12 2016-02-23 At&T Intellectual Property I, L.P. Open connection manager virtualization at system-on-chip
US20150222646A1 (en) 2014-01-31 2015-08-06 Crowdstrike, Inc. Tagging Security-Relevant System Objects

Also Published As

Publication number Publication date
US20170163686A1 (en) 2017-06-08
AU2015210929A1 (en) 2016-07-14
US10015199B2 (en) 2018-07-03
US20150222646A1 (en) 2015-08-06
EP3100202B1 (en) 2020-05-06
WO2015116819A1 (en) 2015-08-06
EP3100202A4 (en) 2017-10-04
IL246866A0 (en) 2016-08-31
CA2935764A1 (en) 2015-08-06
EP3100202A1 (en) 2016-12-07

Similar Documents

Publication Publication Date Title
US10015199B2 (en) Processing security-relevant events using tagged trees
US11397808B1 (en) Attack detection based on graph edge context
US10924347B1 (en) Networking device configuration value persistence
Mirza et al. CloudIntell: An intelligent malware detection system
JP6916112B2 (ja) System and method for network data characterization
US10614233B2 (en) Managing access to documents with a file monitor
US9798882B2 (en) Real-time model of states of monitored devices
US10630716B1 (en) Methods and system for tracking security risks over infrastructure
CN114761953A (zh) Attack campaign intelligence and visualization for combating cyberattacks
EP2939173B1 (en) Real-time representation of security-relevant system state
US10630715B1 (en) Methods and system for characterizing infrastructure security-related events
US20250117485A1 (en) Artificial intelligence (ai)-based system for detecting malware in endpoint devices using a multi-source data fusion and method thereof
US11533182B2 (en) Identity-based security platform and methods
WO2021016517A1 (en) Methods and system for identifying infrastructure attack progressions
US12470600B2 (en) Cyber twin of NGFW for security posture management
US12222928B2 (en) Pre-fetch engine for mesh data network having date micro silos
US20230229717A1 (en) Optimized real-time streaming graph queries in a distributed digital security system
US20240296224A1 (en) Pre-fetch engine with outside source security for mesh data network
US11811896B1 (en) Pre-fetch engine with security access controls for mesh data network
US12326836B2 (en) Pre-fetch engine with data expiration functionality for mesh data network
US20250254188A1 (en) Temporal profile graph for cyber behaviors (tpg)
US12464020B2 (en) AI-generated virtual file honeypots for computing systems behavior-based protection against ransomware attacks
US20250193215A1 (en) Method for threat detection in a threat detection system and a threat detection system
Sharma et al. Machine Learning-Based Detection of API Security Attacks
Calapaqui et al. Monitoring, Detecting, and Preventing Ransomware Attacks in Controlled Virtual Network Environments Using a File Scanner

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20180117

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20180117

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20181017

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20181023

A02 Decision of refusal

Free format text: JAPANESE INTERMEDIATE CODE: A02

Effective date: 20190528