JP2019082989A5 - System and method of cloud detection, investigation and elimination of targeted attacks - Google Patents


Info

Publication number
JP2019082989A5
Authority
JP
Japan
Prior art keywords
database
computer
attack
tag
suspicious
Prior art date
2017-09-29
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
JP2018095395A
Other languages
English (en)
Japanese (ja)
Other versions
JP7084778B2 (ja)
JP2019082989A (ja)
Filing date
2018-05-17
Publication date
2020-11-19
2017-09-29 Priority claimed from RU2017133842A (RU2661533C1)
2018-03-16 Priority claimed from US15/923,581 (US10873590B2)
2018-05-17 Application filed
2019-05-30 Publication of JP2019082989A
2020-11-19 Publication of JP2019082989A5
2022-06-15 Application granted; publication of JP7084778B2
Legal status: Active (current)
Anticipated expiration

JP2018095395A 2017-09-29 2018-05-17 System and method for cloud-based detection, investigation and elimination of targeted attacks Active JP7084778B2 (ja)

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
RU2017133842A RU2661533C1 (ru) 2017-09-29 2017-09-29 System and method for detecting signs of a computer attack
RU2017133842 2017-09-29
US201762573830P 2017-10-18 2017-10-18
US62/573,830 2017-10-18
US15/923,581 US10873590B2 (en) 2017-09-29 2018-03-16 System and method of cloud detection, investigation and elimination of targeted attacks
US15/923,581 2018-03-16

Publications (3)

Publication Number Publication Date
JP2019082989A JP2019082989A (ja) 2019-05-30
JP2019082989A5 JP2019082989A5 (ja) 2020-11-19
JP7084778B2 JP7084778B2 (ja) 2022-06-15

Family

ID=62148273

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2018095395A Active JP7084778B2 (ja) 2017-09-29 2018-05-17 System and method for cloud-based detection, investigation and elimination of targeted attacks

Country Status (4)

Country Link
US (2) US10873590B2 (en)
EP (1) EP3462698B1 (en)
JP (1) JP7084778B2 (ja)
CN (1) CN109583193B (zh)

Families Citing this family (52)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10902114B1 (en) * 2015-09-09 2021-01-26 ThreatQuotient, Inc. Automated cybersecurity threat detection with aggregation and analysis
US11277423B2 (en) * 2017-12-29 2022-03-15 Crowdstrike, Inc. Anomaly-based malicious-behavior detection
US11381984B2 (en) * 2018-03-27 2022-07-05 Forescout Technologies, Inc. Device classification based on rank
US11265338B2 (en) 2018-06-06 2022-03-01 Reliaquest Holdings, Llc Threat mitigation system and method
US11709946B2 (en) 2018-06-06 2023-07-25 Reliaquest Holdings, Llc Threat mitigation system and method
US11444957B2 (en) * 2018-07-31 2022-09-13 Fortinet, Inc. Automated feature extraction and artificial intelligence (AI) based detection and classification of malware
USD926809S1 (en) 2019-06-05 2021-08-03 Reliaquest Holdings, Llc Display screen or portion thereof with a graphical user interface
USD926810S1 (en) 2019-06-05 2021-08-03 Reliaquest Holdings, Llc Display screen or portion thereof with a graphical user interface
USD926811S1 (en) 2019-06-06 2021-08-03 Reliaquest Holdings, Llc Display screen or portion thereof with a graphical user interface
USD926200S1 (en) 2019-06-06 2021-07-27 Reliaquest Holdings, Llc Display screen or portion thereof with a graphical user interface
USD926782S1 (en) 2019-06-06 2021-08-03 Reliaquest Holdings, Llc Display screen or portion thereof with a graphical user interface
US11533323B2 (en) * 2019-10-10 2022-12-20 Target Brands, Inc. Computer security system for ingesting and analyzing network traffic
CN111079144B (zh) * 2019-11-25 2022-07-01 杭州迪普科技股份有限公司 A virus propagation behavior detection method and device
US11438373B2 (en) 2020-01-09 2022-09-06 Cymulate Ltd. Monitoring for security threats from lateral movements
WO2021144978A1 (ja) * 2020-01-17 2021-07-22 三菱電機株式会社 Attack estimation device, attack estimation method and attack estimation program
CN112287339B (zh) * 2020-03-06 2024-06-04 杭州奇盾信息技术有限公司 APT intrusion detection method, device and computer equipment
CN111475818B (zh) * 2020-04-17 2023-08-11 北京墨云科技有限公司 A penetration attack method for an AI-based automated penetration testing system
US11847214B2 (en) * 2020-04-21 2023-12-19 Bitdefender IPR Management Ltd. Machine learning systems and methods for reducing the false positive malware detection rate
US20220075871A1 (en) * 2020-09-09 2022-03-10 Microsoft Technology Licensing, Llc Detecting hacker tools by learning network signatures
CN112269316B (zh) * 2020-10-28 2022-06-07 中国科学院信息工程研究所 A highly robust threat hunting system and method based on graph neural networks
US12505200B2 (en) 2022-05-23 2025-12-23 Wiz, Inc. Techniques for improved virtual instance inspection utilizing disk cloning
US12579251B2 (en) 2021-11-24 2026-03-17 Wiz, Inc. System and method for detecting excessive permissions in identity and access management
US12278819B1 (en) 2021-07-16 2025-04-15 Wiz, Inc. Cybersecurity threat detection utilizing unified identity mapping and permission detection
US20240137382A1 (en) 2021-07-16 2024-04-25 Wiz, Inc. Techniques for cybersecurity identity risk detection utilizing disk cloning and unified identity mapping
US12278840B1 (en) 2021-07-16 2025-04-15 Wiz, Inc. Efficient representation of multiple cloud computing environments through unified identity mapping
US12019730B2 (en) * 2021-09-28 2024-06-25 Red Hat, Inc. Systems and methods for identifying computing devices
US20230161869A1 (en) 2021-11-24 2023-05-25 Wiz, Inc. Generating an enrichment layer and populating a security graph based on configuration code of a cloud computing environment
US12489781B2 (en) 2021-11-24 2025-12-02 Wiz, Inc. Techniques for lateral movement detection in a cloud computing environment
US12063228B2 (en) * 2021-12-22 2024-08-13 Cisco Technology, Inc. Mitigating security threats in daisy chained serverless FaaS functions
US11936785B1 (en) 2021-12-27 2024-03-19 Wiz, Inc. System and method for encrypted disk inspection utilizing disk cloning techniques
US12219048B1 (en) 2021-12-27 2025-02-04 Wiz, Inc. Techniques for encrypted disk cybersecurity inspection utilizing disk cloning
US12081656B1 (en) 2021-12-27 2024-09-03 Wiz, Inc. Techniques for circumventing provider-imposed limitations in snapshot inspection of disks for cybersecurity
US11841945B1 (en) 2022-01-31 2023-12-12 Wiz, Inc. System and method for cybersecurity threat detection utilizing static and runtime data
US12531881B2 (en) 2022-01-31 2026-01-20 Wiz, Inc. Detection of cybersecurity threats utilizing established baselines
CN118975199A (zh) * 2022-01-31 2024-11-15 微兹公司 Techniques for cloud detection and response from cloud logs using a security graph
US12267326B2 (en) 2022-04-13 2025-04-01 Wiz, Inc. Techniques for detecting resources without authentication using exposure analysis
US12443720B2 (en) 2022-08-10 2025-10-14 Wiz, Inc. Techniques for detecting applications paths utilizing exposure analysis
US11936693B2 (en) 2022-04-13 2024-03-19 Wiz, Inc. System and method for applying a policy on a network path
US12244627B2 (en) 2022-04-13 2025-03-04 Wiz, Inc. Techniques for active inspection of vulnerability exploitation using exposure
US12395488B2 (en) 2022-04-13 2025-08-19 Wiz, Inc. Techniques for analyzing external exposure in cloud environments
CN114844691B (zh) * 2022-04-20 2023-07-14 安天科技集团股份有限公司 A data processing method, device, electronic equipment and storage medium
US12061719B2 (en) 2022-09-28 2024-08-13 Wiz, Inc. System and method for agentless detection of sensitive data in computing environments
US12217079B2 (en) 2022-05-23 2025-02-04 Wiz, Inc. Detecting security exceptions across multiple compute environments
US12287899B2 (en) 2022-05-23 2025-04-29 Wiz, Inc. Techniques for detecting sensitive data in cloud computing environments utilizing cloning
US12506755B2 (en) 2022-05-23 2025-12-23 Wiz, Inc. Technology discovery techniques in cloud computing environments utilizing disk cloning
US12212586B2 (en) 2022-05-23 2025-01-28 Wiz, Inc. Techniques for cybersecurity inspection based on runtime data and static analysis from cloned resources
US12079328B1 (en) 2022-05-23 2024-09-03 Wiz, Inc. Techniques for inspecting running virtualizations for cybersecurity risks
US12061925B1 (en) 2022-05-26 2024-08-13 Wiz, Inc. Techniques for inspecting managed workloads deployed in a cloud computing environment
US20250378158A1 (en) 2022-06-24 2025-12-11 Binalyze Yazilim A.S. Systems and methods for detection of advanced persistent threats in an information network
JP7812491B2 (ja) * 2022-07-15 2026-02-09 ブルーボヤント エルエルシー Devices, systems and methods using a networked computer-assisted threat hunting platform to strengthen network security
CN117792745B (zh) * 2023-12-28 2025-02-11 北京江民新科技术有限公司 APT attack detection method and system based on the ATT&CK model
CN118890214B (zh) * 2024-09-27 2024-12-06 奇安星城网络安全技术(湖南)有限公司 A detection and defense method against APT attacks

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013142948A1 (en) 2012-03-30 2013-10-03 Irdeto Canada Corporation Method and system for preventing and detecting security threats
US9088606B2 (en) * 2012-07-05 2015-07-21 Tenable Network Security, Inc. System and method for strategic anti-malware monitoring
RU141239U1 (ru) 2013-06-04 2014-05-27 Федеральное государственное казенное военное образовательное учреждение высшего профессионального образования "ВОЕННАЯ АКАДЕМИЯ СВЯЗИ имени Маршала Советского Союза С.М. Буденного" Министерства обороны Российской Федерации Device for detecting computer attacks on military information and telecommunication networks
RU2538292C1 (ru) 2013-07-24 2015-01-10 Открытое Акционерное Общество "Информационные Технологии И Коммуникационные Системы" Method for detecting computer attacks on a networked computer system
US10089461B1 (en) * 2013-09-30 2018-10-02 Fireeye, Inc. Page replacement code injection
WO2015066604A1 (en) 2013-11-04 2015-05-07 Crypteia Networks S.A. Systems and methods for identifying infected network infrastructure
RU2587426C2 (ru) 2013-12-27 2016-06-20 Закрытое акционерное общество "Лаборатория Касперского" System and method for detecting targeted attacks on corporate infrastructure
US20150326592A1 (en) * 2014-05-07 2015-11-12 Attivo Networks Inc. Emulating shellcode attacks
US9754106B2 (en) * 2014-10-14 2017-09-05 Symantec Corporation Systems and methods for classifying security events as targeted attacks
US9507946B2 (en) 2015-04-07 2016-11-29 Bank Of America Corporation Program vulnerability identification
RU2624552C2 (ru) 2015-06-30 2017-07-04 Закрытое акционерное общество "Лаборатория Касперского" Method for detecting malicious files executed by means of a stack-based virtual machine
CN106888196A (zh) * 2015-12-16 2017-06-23 国家电网公司 A collaborative defense system for unknown threat detection
US9530016B1 (en) 2016-01-29 2016-12-27 International Business Machines Corporation Using source taint analysis to reduce false positives in an advanced persistent threat (APT) protection solution
CN107046543A (zh) * 2017-04-26 2017-08-15 国家电网公司 A threat intelligence analysis system oriented to attack source tracing

Similar Documents

Publication Publication Date Title
JP2019082989A5 (ja)
US10505986B1 (en) Sensor based rules for responding to malicious activity
US11146581B2 (en) Techniques for defending cloud platforms against cyber-attacks
CN108040493B (zh) Method and device for detecting security incidents based on low-confidence security events
CN108259449B (zh) A method and system for defending against APT attacks
JP6104149B2 (ja) Log analysis device, log analysis method and log analysis program
US8839435B1 (en) Event-based attack detection
US20140053267A1 (en) Method for identifying malicious executables
US8627475B2 (en) Early detection of potential malware
US8370942B1 (en) Proactively analyzing binary files from suspicious sources
CN107046535B (zh) An anomaly perception and tracking method and system
WO2019006412A1 (en) Cyber security system and method for detecting and correlating low indicators for generating strong indicators
EP3531324B1 (en) Identification process for suspicious activity patterns based on ancestry relationship
CN113660224A (zh) Situational awareness defense method, device and system based on network vulnerability scanning
CN113711559B (zh) System and method for detecting anomalies
CN107733699B (zh) Internet asset security management method, system, device and readable storage medium
US20170318037A1 (en) Distributed anomaly management
CN113411297A (zh) Situational awareness defense method and system based on attribute-based access control
US20250133110A1 (en) A top-down cyber security system and method
CN111183620A (zh) Intrusion investigation
JP2017167695A (ja) Attack countermeasure determination system, attack countermeasure determination method and attack countermeasure determination program
CN119301593B (zh) Device and method for ransomware detection in backup data of unknown data format
US11763004B1 (en) System and method for bootkit detection
Bo et al. Tom: A threat operating model for early warning of cyber security threats
Huayu et al. Research on fog computing based active anti-theft technology