JP2019082989A5 - - Google Patents

Info

Publication number
JP2019082989A5
Authority
JP
Japan
Prior art keywords
database
computer
attack
tag
suspicious
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
JP2018095395A
Other languages
English (en)
Japanese (ja)
Other versions
JP2019082989A (ja)
JP7084778B2 (ja)
Filing date
Publication date
Priority claimed from RU2017133842A (RU2661533C1)
Priority claimed from US15/923,581 (US10873590B2)
Application filed
Publication of JP2019082989A
Publication of JP2019082989A5
Application granted
Publication of JP7084778B2
Legal status: Active (current)
Anticipated expiration

JP2018095395A 2017-09-29 2018-05-17 System and method of cloud detection, investigation and elimination of targeted attacks Active JP7084778B2 (ja)

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
RU2017133842 2017-09-29
RU2017133842A RU2661533C1 (ru) 2017-09-29 2017-09-29 System and method for detecting signs of a computer attack
US201762573830P 2017-10-18 2017-10-18
US62/573,830 2017-10-18
US15/923,581 US10873590B2 (en) 2017-09-29 2018-03-16 System and method of cloud detection, investigation and elimination of targeted attacks
US15/923,581 2018-03-16

Publications (3)

Publication Number Publication Date
JP2019082989A JP2019082989A (ja) 2019-05-30
JP2019082989A5 JP2019082989A5 (ja) 2020-11-19
JP7084778B2 JP7084778B2 (ja) 2022-06-15

Family

ID=62148273

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2018095395A Active JP7084778B2 (ja) 2017-09-29 2018-05-17 System and method of cloud detection, investigation and elimination of targeted attacks

Country Status (4)

Country Link
US (2) US10873590B2
EP (1) EP3462698B1
JP (1) JP7084778B2
CN (1) CN109583193B

Families Citing this family (52)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10902114B1 (en) * 2015-09-09 2021-01-26 ThreatQuotient, Inc. Automated cybersecurity threat detection with aggregation and analysis
US11277423B2 (en) * 2017-12-29 2022-03-15 Crowdstrike, Inc. Anomaly-based malicious-behavior detection
US11381984B2 (en) * 2018-03-27 2022-07-05 Forescout Technologies, Inc. Device classification based on rank
US11528287B2 (en) 2018-06-06 2022-12-13 Reliaquest Holdings, Llc Threat mitigation system and method
US11709946B2 (en) 2018-06-06 2023-07-25 Reliaquest Holdings, Llc Threat mitigation system and method
US11444957B2 (en) * 2018-07-31 2022-09-13 Fortinet, Inc. Automated feature extraction and artificial intelligence (AI) based detection and classification of malware
USD926809S1 (en) 2019-06-05 2021-08-03 Reliaquest Holdings, Llc Display screen or portion thereof with a graphical user interface
USD926810S1 (en) 2019-06-05 2021-08-03 Reliaquest Holdings, Llc Display screen or portion thereof with a graphical user interface
USD926200S1 (en) 2019-06-06 2021-07-27 Reliaquest Holdings, Llc Display screen or portion thereof with a graphical user interface
USD926782S1 (en) 2019-06-06 2021-08-03 Reliaquest Holdings, Llc Display screen or portion thereof with a graphical user interface
USD926811S1 (en) 2019-06-06 2021-08-03 Reliaquest Holdings, Llc Display screen or portion thereof with a graphical user interface
US11533323B2 (en) * 2019-10-10 2022-12-20 Target Brands, Inc. Computer security system for ingesting and analyzing network traffic
CN111079144B (zh) * 2019-11-25 2022-07-01 Hangzhou DPtech Technologies Co., Ltd. Virus propagation behavior detection method and device
US11438373B2 (en) * 2020-01-09 2022-09-06 Cymulate Ltd. Monitoring for security threats from lateral movements
WO2021144978A1 (ja) * 2020-01-17 2021-07-22 Mitsubishi Electric Corporation Attack estimation device, attack estimation method, and attack estimation program
CN112287339B (zh) * 2020-03-06 2024-06-04 Hangzhou Qidun Information Technology Co., Ltd. APT intrusion detection method, device and computer equipment
CN111475818B (zh) * 2020-04-17 2023-08-11 Beijing Moyun Technology Co., Ltd. Penetration attack method for an AI-based automated penetration testing system
US11847214B2 (en) * 2020-04-21 2023-12-19 Bitdefender IPR Management Ltd. Machine learning systems and methods for reducing the false positive malware detection rate
US20220075871A1 (en) * 2020-09-09 2022-03-10 Microsoft Technology Licensing, Llc Detecting hacker tools by learning network signatures
CN112269316B (zh) * 2020-10-28 2022-06-07 Institute of Information Engineering, Chinese Academy of Sciences Highly robust threat hunting system and method based on graph neural networks
US20240137382A1 (en) 2021-07-16 2024-04-25 Wiz, Inc. Techniques for cybersecurity identity risk detection utilizing disk cloning and unified identity mapping
US12278840B1 (en) 2021-07-16 2025-04-15 Wiz, Inc. Efficient representation of multiple cloud computing environments through unified identity mapping
US12278819B1 (en) 2021-07-16 2025-04-15 Wiz, Inc. Cybersecurity threat detection utilizing unified identity mapping and permission detection
US12505200B2 (en) 2022-05-23 2025-12-23 Wiz, Inc. Techniques for improved virtual instance inspection utilizing disk cloning
US12579251B2 (en) 2021-11-24 2026-03-17 Wiz, Inc. System and method for detecting excessive permissions in identity and access management
US12019730B2 (en) * 2021-09-28 2024-06-25 Red Hat, Inc. Systems and methods for identifying computing devices
US12489781B2 (en) 2021-11-24 2025-12-02 Wiz, Inc. Techniques for lateral movement detection in a cloud computing environment
US12524550B2 (en) 2021-11-24 2026-01-13 Wiz, Inc. System and method for recursive inspection of workloads from configuration code to production environments
US12063228B2 (en) * 2021-12-22 2024-08-13 Cisco Technology, Inc. Mitigating security threats in daisy chained serverless FaaS functions
US12219048B1 (en) 2021-12-27 2025-02-04 Wiz, Inc. Techniques for encrypted disk cybersecurity inspection utilizing disk cloning
US11936785B1 (en) 2021-12-27 2024-03-19 Wiz, Inc. System and method for encrypted disk inspection utilizing disk cloning techniques
US12081656B1 (en) 2021-12-27 2024-09-03 Wiz, Inc. Techniques for circumventing provider-imposed limitations in snapshot inspection of disks for cybersecurity
US11841945B1 (en) 2022-01-31 2023-12-12 Wiz, Inc. System and method for cybersecurity threat detection utilizing static and runtime data
US12531881B2 (en) 2022-01-31 2026-01-20 Wiz, Inc. Detection of cybersecurity threats utilizing established baselines
WO2023144805A1 (en) * 2022-01-31 2023-08-03 Wiz, Inc. Techniques for cloud detection and response from cloud logs utilizing a security graph
US12267326B2 (en) 2022-04-13 2025-04-01 Wiz, Inc. Techniques for detecting resources without authentication using exposure analysis
US12395488B2 (en) 2022-04-13 2025-08-19 Wiz, Inc. Techniques for analyzing external exposure in cloud environments
US12443720B2 (en) 2022-08-10 2025-10-14 Wiz, Inc. Techniques for detecting applications paths utilizing exposure analysis
US12244627B2 (en) 2022-04-13 2025-03-04 Wiz, Inc. Techniques for active inspection of vulnerability exploitation using exposure
US11936693B2 (en) 2022-04-13 2024-03-19 Wiz, Inc. System and method for applying a policy on a network path
CN114844691B (zh) * 2022-04-20 2023-07-14 Antiy Technology Group Co., Ltd. Data processing method, device, electronic equipment and storage medium
US12212586B2 (en) 2022-05-23 2025-01-28 Wiz, Inc. Techniques for cybersecurity inspection based on runtime data and static analysis from cloned resources
US12079328B1 (en) 2022-05-23 2024-09-03 Wiz, Inc. Techniques for inspecting running virtualizations for cybersecurity risks
US12506755B2 (en) 2022-05-23 2025-12-23 Wiz, Inc. Technology discovery techniques in cloud computing environments utilizing disk cloning
US12287899B2 (en) 2022-05-23 2025-04-29 Wiz, Inc. Techniques for detecting sensitive data in cloud computing environments utilizing cloning
US12217079B2 (en) 2022-05-23 2025-02-04 Wiz, Inc. Detecting security exceptions across multiple compute environments
US12061719B2 (en) 2022-09-28 2024-08-13 Wiz, Inc. System and method for agentless detection of sensitive data in computing environments
US12061925B1 (en) 2022-05-26 2024-08-13 Wiz, Inc. Techniques for inspecting managed workloads deployed in a cloud computing environment
EP4544433A1 (en) 2022-06-24 2025-04-30 Binalyze Yazlim A.S. Systems and methods for detection of advanced persistent threats in an information network
US20250384127A1 (en) * 2022-07-15 2025-12-18 Bluevoyant Llc Devices, systems, and methods for utilizing a networked, computer-assisted, threat hunting platform to enhance network security
CN117792745B (zh) * 2023-12-28 2025-02-11 Beijing Jiangmin New Technology Co., Ltd. APT attack detection method and system based on the ATT&CK model
CN118890214B (zh) * 2024-09-27 2024-12-06 Qi'an Xingcheng Network Security Technology (Hunan) Co., Ltd. Detection and defense method against APT attacks

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9703950B2 (en) 2012-03-30 2017-07-11 Irdeto B.V. Method and system for preventing and detecting security threats
US9088606B2 (en) * 2012-07-05 2015-07-21 Tenable Network Security, Inc. System and method for strategic anti-malware monitoring
RU141239U1 (ru) 2013-06-04 2014-05-27 Federal State Military Educational Institution of Higher Professional Education "Military Academy of Communications named after Marshal of the Soviet Union S.M. Budyonny" of the Ministry of Defence of the Russian Federation Device for detecting computer attacks on military-purpose information and telecommunication networks
RU2538292C1 (ru) 2013-07-24 2015-01-10 Open Joint-Stock Company "Information Technologies and Communication Systems" Method for detecting computer attacks on a networked computer system
US10089461B1 (en) * 2013-09-30 2018-10-02 Fireeye, Inc. Page replacement code injection
WO2015066604A1 (en) 2013-11-04 2015-05-07 Crypteia Networks S.A. Systems and methods for identifying infected network infrastructure
RU2587426C2 (ru) 2013-12-27 2016-06-20 Closed Joint-Stock Company "Kaspersky Lab" System and method for detecting targeted attacks on corporate infrastructure
US20150326592A1 (en) * 2014-05-07 2015-11-12 Attivo Networks Inc. Emulating shellcode attacks
US9754106B2 (en) 2014-10-14 2017-09-05 Symantec Corporation Systems and methods for classifying security events as targeted attacks
US9507946B2 (en) 2015-04-07 2016-11-29 Bank Of America Corporation Program vulnerability identification
RU2624552C2 (ru) 2015-06-30 2017-07-04 Closed Joint-Stock Company "Kaspersky Lab" Method for detecting malicious files executed by means of a stack-based virtual machine
CN106888196A (zh) * 2015-12-16 2017-06-23 State Grid Corporation of China Collaborative defense system for unknown threat detection
US9530016B1 (en) 2016-01-29 2016-12-27 International Business Machines Corporation Using source taint analysis to reduce false positives in an advanced persistent threat (APT) protection solution
CN107046543A (zh) * 2017-04-26 2017-08-15 State Grid Corporation of China Threat intelligence analysis system oriented to attack traceback

Similar Documents

Publication Publication Date Title
JP2019082989A5 (ja)
US10505986B1 (en) Sensor based rules for responding to malicious activity
CN108040493B (zh) Method and apparatus for detecting security incidents based on low-confidence security events
CN108259449B (zh) Method and system for defending against APT attacks
US10601848B1 (en) Cyber-security system and method for weak indicator detection and correlation to generate strong indicators
JP6104149B2 (ja) Log analysis device, log analysis method, and log analysis program
US8839435B1 (en) Event-based attack detection
US20140053267A1 (en) Method for identifying malicious executables
US8370942B1 (en) Proactively analyzing binary files from suspicious sources
US20110252476A1 (en) Early detection of potential malware
CN107046535B (zh) Anomaly perception and tracking method and system
Wang et al. NetSpy: Automatic generation of spyware signatures for NIDS
CN113660224A (zh) Situational awareness defense method, device and system based on network vulnerability scanning
CN113711559B (zh) System and method for detecting anomalies
CN107733699B (zh) Internet asset security management method, system, device and readable storage medium
US20170318037A1 (en) Distributed anomaly management
US20250133110A1 (en) A top-down cyber security system and method
CN113411297A (zh) Situational awareness defense method and system based on attribute-based access control
CN111183620A (zh) Intrusion investigation
CN113660115B (zh) Alert-based network security data processing method, device and system
US11763004B1 (en) System and method for bootkit detection
JP2017167695A (ja) Attack countermeasure determination system, attack countermeasure determination method, and attack countermeasure determination program
CN119301593B (zh) Device and method for ransomware detection in backup data of unknown data format
Bo et al. Tom: A threat operating model for early warning of cyber security threats
Huayu et al. Research on fog computing based active anti-theft technology