JP2024540794A - ユーザエンティティの正規化および関連付け - Google Patents

ユーザエンティティの正規化および関連付け Download PDF

Info

Publication number
JP2024540794A
JP2024540794A JP2024505476A JP2024505476A JP2024540794A JP 2024540794 A JP2024540794 A JP 2024540794A JP 2024505476 A JP2024505476 A JP 2024505476A JP 2024505476 A JP2024505476 A JP 2024505476A JP 2024540794 A JP2024540794 A JP 2024540794A
Authority
JP
Japan
Prior art keywords
event
user
given
detecting
entity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP2024505476A
Other languages
English (en)
Japanese (ja)
Other versions
JP2024540794A5 (enExample
Inventor
ライマー,ネタネル
マイヤー,アビアド
ノイマン,ヤロン
アロン,ヨナタン
Original Assignee
パロ アルト ネットワークス (イスラエル アナリティクス) リミテッド
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by パロ アルト ネットワークス (イスラエル アナリティクス) リミテッド filed Critical パロ アルト ネットワークス (イスラエル アナリティクス) リミテッド
Publication of JP2024540794A publication Critical patent/JP2024540794A/ja
Publication of JP2024540794A5 publication Critical patent/JP2024540794A5/ja
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)
  • Information Transfer Between Computers (AREA)
  • Electrically Operated Instructional Devices (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Diaphragms For Electromechanical Transducers (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
JP2024505476A 2021-10-20 2022-10-06 ユーザエンティティの正規化および関連付け Pending JP2024540794A (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US17/505,673 US12039017B2 (en) 2021-10-20 2021-10-20 User entity normalization and association
US17/505,673 2021-10-20
PCT/IB2022/059544 WO2023067425A1 (en) 2021-10-20 2022-10-06 User entity normalization and association

Publications (2)

Publication Number Publication Date
JP2024540794A true JP2024540794A (ja) 2024-11-06
JP2024540794A5 JP2024540794A5 (enExample) 2025-12-22

Family

ID=83945046

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2024505476A Pending JP2024540794A (ja) 2021-10-20 2022-10-06 ユーザエンティティの正規化および関連付け

Country Status (6)

Country Link
US (1) US12039017B2 (enExample)
EP (1) EP4420020B1 (enExample)
JP (1) JP2024540794A (enExample)
AU (1) AU2022370400B2 (enExample)
IL (1) IL309373A (enExample)
WO (1) WO2023067425A1 (enExample)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024226432A1 (en) * 2023-04-24 2024-10-31 Cisco Technology, Inc. Device identifier correlation between security events within monitored data in extended detection and response systems
US12609955B2 (en) 2023-04-24 2026-04-21 Cisco Technology, Inc. Tracking computer devices in extended detection and response systems
US12615282B2 (en) 2023-07-23 2026-04-28 Palo Alto Networks, Inc. Security incident ranking and ranking explanation

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6347374B1 (en) * 1998-06-05 2002-02-12 Intrusion.Com, Inc. Event detection
US20070073519A1 (en) * 2005-05-31 2007-03-29 Long Kurt J System and Method of Fraud and Misuse Detection Using Event Logs
JP2021523451A (ja) * 2018-05-08 2021-09-02 アップル インコーポレイテッドApple Inc. デバイスの使用管理

Family Cites Families (276)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5991881A (en) 1996-11-08 1999-11-23 Harris Corporation Network surveillance system
US7003790B1 (en) 1998-01-31 2006-02-21 Sony Corporation Broadcast-program selection history information acquisition apparatus and its method
US6282175B1 (en) 1998-04-23 2001-08-28 Hewlett-Packard Company Method for tracking configuration changes in networks of computer systems through historical monitoring of configuration status of devices on the network.
US6321338B1 (en) 1998-11-09 2001-11-20 Sri International Network surveillance
US7007301B2 (en) 2000-06-12 2006-02-28 Hewlett-Packard Development Company, L.P. Computer architecture for an intrusion detection system
US7181769B1 (en) 2000-08-25 2007-02-20 Ncircle Network Security, Inc. Network security system having a device profiler communicatively coupled to a traffic monitor
AU2001295016A1 (en) 2000-09-01 2002-03-13 Sri International, Inc. Probabilistic alert correlation
US9525696B2 (en) 2000-09-25 2016-12-20 Blue Coat Systems, Inc. Systems and methods for processing data flows
US20020133586A1 (en) 2001-01-16 2002-09-19 Carter Shanklin Method and device for monitoring data traffic and preventing unauthorized access to a network
US7603709B2 (en) 2001-05-03 2009-10-13 Computer Associates Think, Inc. Method and apparatus for predicting and preventing attacks in communications networks
US6988124B2 (en) 2001-06-06 2006-01-17 Microsoft Corporation Locating potentially identical objects across multiple computers based on stochastic partitioning of workload
US7561517B2 (en) 2001-11-02 2009-07-14 Internap Network Services Corporation Passive route control of data networks
US7543056B2 (en) 2002-01-15 2009-06-02 Mcafee, Inc. System and method for network vulnerability detection and reporting
US7257630B2 (en) 2002-01-15 2007-08-14 Mcafee, Inc. System and method for network vulnerability detection and reporting
US7178164B1 (en) 2002-02-01 2007-02-13 Consul Risk Management System and method for ensuring proper implementation of computer security policies
JP2004032679A (ja) 2002-02-28 2004-01-29 Matsushita Electric Ind Co Ltd 通信装置及び通信システム
WO2003083660A1 (en) 2002-03-29 2003-10-09 Global Dataguard, Inc. Adaptive behavioral intrusion detection systems and methods
US7373666B2 (en) 2002-07-01 2008-05-13 Microsoft Corporation Distributed threat management
US7752665B1 (en) 2002-07-12 2010-07-06 TCS Commercial, Inc. Detecting probes and scans over high-bandwidth, long-term, incomplete network traffic information using limited memory
US20040117658A1 (en) 2002-09-27 2004-06-17 Andrea Klaes Security monitoring and intrusion detection system
US9009084B2 (en) 2002-10-21 2015-04-14 Rockwell Automation Technologies, Inc. System and methodology providing automation security analysis and network intrusion protection in an industrial environment
US7716737B2 (en) 2002-11-04 2010-05-11 Riverbed Technology, Inc. Connection based detection of scanning attacks
US8327442B2 (en) 2002-12-24 2012-12-04 Herz Frederick S M System and method for a distributed application and network security system (SDI-SCAM)
US7716736B2 (en) 2003-04-17 2010-05-11 Cybersoft, Inc. Apparatus, methods and articles of manufacture for computer virus testing
JP2004318552A (ja) 2003-04-17 2004-11-11 Kddi Corp Idsログ分析支援装置、idsログ分析支援方法及びidsログ分析支援プログラム
US7246156B2 (en) 2003-06-09 2007-07-17 Industrial Defender, Inc. Method and computer program product for monitoring an industrial network
US7496959B2 (en) 2003-06-23 2009-02-24 Architecture Technology Corporation Remote collection of computer forensic evidence
WO2005017690A2 (en) 2003-08-11 2005-02-24 Chorus Systems, Inc. Systems and methods for creation and use of an adaptive reference model
US20050060295A1 (en) 2003-09-12 2005-03-17 Sensory Networks, Inc. Statistical classification of high-speed network data through content inspection
US7613300B2 (en) 2003-09-26 2009-11-03 Genesis Microchip Inc. Content-protected digital link over a single signal line
US7634090B2 (en) 2003-09-26 2009-12-15 Genesis Microchip Inc. Packet based high definition high-bandwidth digital content protection
US7684568B2 (en) 2003-11-24 2010-03-23 Intellon Corporation Encrypting data in a communication network
US7002943B2 (en) 2003-12-08 2006-02-21 Airtight Networks, Inc. Method and system for monitoring a selected region of an airspace associated with local area networks of computing devices
US20050183120A1 (en) 2004-01-13 2005-08-18 Saurabh Jain Multi-user personalized digital multimedia distribution methods and systems
US7669059B2 (en) 2004-03-23 2010-02-23 Network Equipment Technologies, Inc. Method and apparatus for detection of hostile software
US8171553B2 (en) 2004-04-01 2012-05-01 Fireeye, Inc. Heuristic based capture with replay to virtual machine
US8375444B2 (en) 2006-04-20 2013-02-12 Fireeye, Inc. Dynamic signature creation and enforcement
US7225468B2 (en) 2004-05-07 2007-05-29 Digital Security Networks, Llc Methods and apparatus for computer network security using intrusion detection and prevention
US7761919B2 (en) 2004-05-20 2010-07-20 Computer Associates Think, Inc. Intrusion detection with automatic signature generation
US20050268112A1 (en) 2004-05-28 2005-12-01 Microsoft Corporation Managing spyware and unwanted software through auto-start extensibility points
US7694150B1 (en) 2004-06-22 2010-04-06 Cisco Technology, Inc System and methods for integration of behavioral and signature based security
US7929534B2 (en) 2004-06-28 2011-04-19 Riverbed Technology, Inc. Flow logging for connection-based anomaly detection
US7748040B2 (en) 2004-07-12 2010-06-29 Architecture Technology Corporation Attack correlation using marked information
US9154511B1 (en) 2004-07-13 2015-10-06 Dell Software Inc. Time zero detection of infectious messages
US7904956B2 (en) 2004-10-01 2011-03-08 Microsoft Corporation Access authorization with anomaly detection
US7287279B2 (en) 2004-10-01 2007-10-23 Webroot Software, Inc. System and method for locating malware
US8181219B2 (en) 2004-10-01 2012-05-15 Microsoft Corporation Access authorization having embedded policies
KR100612452B1 (ko) 2004-11-08 2006-08-16 삼성전자주식회사 악성 코드 탐지 장치 및 그 방법
US20060242694A1 (en) 2004-11-08 2006-10-26 Jeffrey Gold Mitigation and mitigation management of attacks in networked systems
US7540025B2 (en) 2004-11-18 2009-05-26 Cisco Technology, Inc. Mitigating network attacks using automatic signature generation
US8117659B2 (en) 2005-12-28 2012-02-14 Microsoft Corporation Malicious code infection cause-and-effect analysis
US7409719B2 (en) 2004-12-21 2008-08-05 Microsoft Corporation Computer security management, such as in a virtual machine or hardened operating system
US7607170B2 (en) 2004-12-22 2009-10-20 Radware Ltd. Stateful attack protection
US7703138B2 (en) 2004-12-29 2010-04-20 Intel Corporation Use of application signature to identify trusted traffic
US7571474B2 (en) 2004-12-30 2009-08-04 Intel Corporation System security event notification aggregation and non-repudiation
US20060149848A1 (en) 2005-01-04 2006-07-06 Trusted Network Technologies, Inc. System, apparatuses, and method for linking and advising of network events related to resource access
US7546471B2 (en) 2005-01-14 2009-06-09 Microsoft Corporation Method and system for virus detection using pattern matching techniques
US7784099B2 (en) 2005-02-18 2010-08-24 Pace University System for intrusion detection and vulnerability assessment in a computer network using simulation and machine learning
US7653869B2 (en) 2005-02-18 2010-01-26 Sony Corporation System and method for error correction in high definition TV signal
US7809013B2 (en) 2005-03-24 2010-10-05 Intel Corporation Channel scanning
US20060259967A1 (en) 2005-05-13 2006-11-16 Microsoft Corporation Proactively protecting computers in a networking environment from malware
TW200644495A (en) 2005-06-10 2006-12-16 D Link Corp Regional joint detecting and guarding system for security of network information
US7979368B2 (en) 2005-07-01 2011-07-12 Crossbeam Systems, Inc. Systems and methods for processing data flows
US7908655B1 (en) 2005-08-16 2011-03-15 Sprint Communications Company L.P. Connectionless port scan detection on a network
CN1917426B (zh) 2005-08-17 2010-12-08 国际商业机器公司 端口扫描方法与设备及其检测方法与设备、端口扫描系统
US20070072661A1 (en) 2005-09-27 2007-03-29 Alexander Lototski Windows message protection
KR100724825B1 (ko) 2005-11-17 2007-06-04 삼성전자주식회사 스케일러블 비디오 코딩에서 다차원 스케일러빌리티에 따른 조건적 접근제어를 위한 스케일러블 비디오 비트스트림 암복호화 방법 및 암복호화 시스템
US8112513B2 (en) 2005-11-30 2012-02-07 Microsoft Corporation Multi-user display proxy server
US8516573B1 (en) 2005-12-22 2013-08-20 At&T Intellectual Property Ii, L.P. Method and apparatus for port scan detection in a network
CA2531410A1 (en) 2005-12-23 2007-06-23 Snipe Network Security Corporation Behavioural-based network anomaly detection based on user and group profiling
US7712134B1 (en) 2006-01-06 2010-05-04 Narus, Inc. Method and apparatus for worm detection and containment in the internet core
US8397284B2 (en) 2006-01-17 2013-03-12 University Of Maryland Detection of distributed denial of service attacks in autonomous system domains
US8429177B2 (en) 2006-02-08 2013-04-23 Yahoo! Inc. Using exceptional changes in webgraph snapshots over time for internet entity marking
JP2007235323A (ja) 2006-02-28 2007-09-13 Toshiba Corp 高度機密情報の保存/記録方法、高度機密情報を利用する再生装置および高度機密情報を格納するメモリ
JP2007235324A (ja) 2006-02-28 2007-09-13 Toshiba Corp 復号または暗号化を行う情報処理装置および情報処理方法
US20070218874A1 (en) 2006-03-17 2007-09-20 Airdefense, Inc. Systems and Methods For Wireless Network Forensics
US7530105B2 (en) 2006-03-21 2009-05-05 21St Century Technologies, Inc. Tactical and strategic attack detection and prediction
US8006306B2 (en) 2006-03-21 2011-08-23 Riverbed Technology, Inc. Exploit-based worm propagation mitigation
US8966630B2 (en) 2006-04-27 2015-02-24 The Invention Science Fund I, Llc Generating and distributing a malware countermeasure
US20140373144A9 (en) 2006-05-22 2014-12-18 Alen Capalik System and method for analyzing unauthorized intrusion into a computer network
US20070283166A1 (en) 2006-06-05 2007-12-06 Kabushiki Kaisha Toshiba System and method for state transition intrusion detection
US20080016339A1 (en) 2006-06-29 2008-01-17 Jayant Shukla Application Sandbox to Detect, Remove, and Prevent Malware
US8490190B1 (en) 2006-06-30 2013-07-16 Symantec Corporation Use of interactive messaging channels to verify endpoints
US9824107B2 (en) 2006-10-25 2017-11-21 Entit Software Llc Tracking changing state data to assist in computer network security
US7877795B2 (en) 2006-10-30 2011-01-25 At&T Intellectual Property I, Lp Methods, systems, and computer program products for automatically configuring firewalls
US20100071063A1 (en) 2006-11-29 2010-03-18 Wisconsin Alumni Research Foundation System for automatic detection of spyware
US20080134296A1 (en) 2006-11-30 2008-06-05 Ofer Amitai System and method of network authorization by scoring
US7523016B1 (en) 2006-12-29 2009-04-21 Google Inc. Detecting anomalies
US7847687B2 (en) 2007-02-16 2010-12-07 Accenture Global Services Limited Context-sensitive alerts
US7894358B2 (en) 2007-03-15 2011-02-22 Cisco Technology, Inc. Detection of heavy users of network resources
US8429713B2 (en) 2007-04-02 2013-04-23 Sony Corporation Method and apparatus to speed transmission of CEC commands
US8131745B1 (en) 2007-04-09 2012-03-06 Rapleaf, Inc. Associating user identities with different unique identifiers
US8707431B2 (en) 2007-04-24 2014-04-22 The Mitre Corporation Insider threat detection
US7882217B2 (en) 2007-05-17 2011-02-01 Verint Systems Inc. Network identity clustering
US8285206B2 (en) * 2007-06-01 2012-10-09 Research In Motion Limited Proximity-dependent events
US20090007100A1 (en) 2007-06-28 2009-01-01 Microsoft Corporation Suspending a Running Operating System to Enable Security Scanning
US8522344B2 (en) 2007-06-29 2013-08-27 Verizon Patent And Licensing Inc. Theft of service architectural integrity validation tools for session initiation protocol (SIP)-based systems
KR100922582B1 (ko) 2007-07-20 2009-10-21 한국전자통신연구원 중심점 분할 기법을 이용한 로그 기반의 역추적 시스템 및방법
EP2201720B1 (en) 2007-10-23 2014-02-26 Unify Inc. Method and system for multicast statistic collection
EP2056559B1 (en) 2007-11-02 2017-05-17 Deutsche Telekom AG Method and system for network simulation
US8624733B2 (en) 2007-11-05 2014-01-07 Francis John Cusack, JR. Device for electronic access control with integrated surveillance
US8434140B2 (en) 2007-11-06 2013-04-30 Barracuda Networks, Inc. Port hopping and seek you peer to peer traffic control method and system
KR20090065267A (ko) 2007-12-17 2009-06-22 한국전자통신연구원 침입 탐지 기법을 이용한 웹 서버 로그 분석 장치 및 방법
WO2009085239A2 (en) 2007-12-20 2009-07-09 E-Fense, Inc. Computer forensics, e-discovery and incident response methods and systems
US20100268818A1 (en) 2007-12-20 2010-10-21 Richmond Alfred R Systems and methods for forensic analysis of network behavior
EP2227889B1 (en) 2007-12-31 2011-07-13 Telecom Italia S.p.A. Method of detecting anomalies in a communication system using symbolic packet features
CA2619092C (en) 2008-01-29 2015-05-19 Solutioninc Limited Method of and system for support of user devices roaming between routing realms by a single network server
US8429180B1 (en) 2008-03-31 2013-04-23 Symantec Corporation Cooperative identification of malicious remote objects
WO2009132047A2 (en) 2008-04-21 2009-10-29 Zytron Corp. Collaborative and proactive defense of networks and information systems
US8745703B2 (en) 2008-06-24 2014-06-03 Microsoft Corporation Identifying exploitation of vulnerabilities using error report
US8781003B2 (en) 2008-07-17 2014-07-15 Cisco Technology, Inc. Splicing of encrypted video/audio content
US8769681B1 (en) 2008-08-11 2014-07-01 F5 Networks, Inc. Methods and system for DMA based distributed denial of service protection
US8023504B2 (en) 2008-08-27 2011-09-20 Cisco Technology, Inc. Integrating security server policies with optimized routing control
US20100107257A1 (en) 2008-10-29 2010-04-29 International Business Machines Corporation System, method and program product for detecting presence of malicious software running on a computer system
US8135964B2 (en) 2008-12-09 2012-03-13 Nvidia Corporation Apparatus, system, method, and computer program product for executing a program utilizing a processor to generate keys for decrypting content
US8868925B2 (en) 2008-12-09 2014-10-21 Nvidia Corporation Method and apparatus for the secure processing of confidential content within a virtual machine of a processor
US8266448B2 (en) 2008-12-09 2012-09-11 Nvidia Corporation Apparatus, system, method, and computer program product for generating and securing a program capable of being executed utilizing a processor to decrypt content
GB0822619D0 (en) 2008-12-11 2009-01-21 Scansafe Ltd Malware detection
US8321509B2 (en) 2009-02-02 2012-11-27 Waldeck Technology, Llc Handling crowd requests for large geographic areas
US20100235915A1 (en) 2009-03-12 2010-09-16 Nasir Memon Using host symptoms, host roles, and/or host reputation for detection of host infection
US9736251B1 (en) 2009-04-17 2017-08-15 Ca, Inc. Capture and replay of RDP session packets
US8762288B2 (en) 2009-04-22 2014-06-24 The Western Union Company Methods and systems for establishing an identity confidence database
US8385542B2 (en) 2009-04-27 2013-02-26 Nagrastar L.L.C. Methods and apparatus for securing communications between a decryption device and a television receiver
US8213326B2 (en) 2009-04-30 2012-07-03 Alcatel Lucent Method and apparatus for the classification of ports on a data communication network node
US8156055B2 (en) 2009-05-04 2012-04-10 ThinkEco, Inc. System and method for utility usage, monitoring and management
US20100299430A1 (en) 2009-05-22 2010-11-25 Architecture Technology Corporation Automated acquisition of volatile forensic evidence from network devices
US9270542B2 (en) 2009-07-31 2016-02-23 Ixia Apparatus and methods for forwarding data packets captured from a network
WO2011056952A2 (en) 2009-11-04 2011-05-12 Aware, Inc. Forensic diagnostic capability including g.inp
US20110125770A1 (en) 2009-11-25 2011-05-26 Nokia Corporation Method and apparatus for facilitating identity resolution
JP5723888B2 (ja) 2009-12-04 2015-05-27 ソニック アイピー, インコーポレイテッド 基本ビットストリーム暗号材料伝送システムおよび方法
US20110138463A1 (en) 2009-12-07 2011-06-09 Electronics And Telecommunications Research Institute Method and system for ddos traffic detection and traffic mitigation using flow statistics
US20110153748A1 (en) 2009-12-18 2011-06-23 Electronics And Telecommunications Research Institute Remote forensics system based on network
US8438270B2 (en) 2010-01-26 2013-05-07 Tenable Network Security, Inc. System and method for correlating network identities and addresses
WO2011094312A1 (en) 2010-01-26 2011-08-04 Silver Tail Systems, Inc. System and method for network security including detection of man-in-the-browser attacks
SG183332A1 (en) 2010-03-01 2012-09-27 Silver Tail Systems System and method for network security including detection of attacks through partner websites
US8756684B2 (en) 2010-03-01 2014-06-17 Emc Corporation System and method for network security including detection of attacks through partner websites
US8707427B2 (en) 2010-04-06 2014-04-22 Triumfant, Inc. Automated malware detection and remediation
US8578345B1 (en) 2010-04-15 2013-11-05 Symantec Corporation Malware detection efficacy by identifying installation and uninstallation scenarios
US9530166B2 (en) 2010-04-21 2016-12-27 Facebook, Inc. Social graph that includes web pages outside of a social networking system
KR101122650B1 (ko) 2010-04-28 2012-03-09 한국전자통신연구원 정상 프로세스에 위장 삽입된 악성코드 탐지 장치, 시스템 및 방법
US20110270957A1 (en) 2010-04-30 2011-11-03 The Phan Method and system for logging trace events of a network device
US20110317770A1 (en) 2010-06-24 2011-12-29 Worldplay (Barbados) Inc. Decoder for multiple independent video stream decoding
US9147071B2 (en) 2010-07-20 2015-09-29 Mcafee, Inc. System and method for proactive detection of malware device drivers via kernel forensic behavioral monitoring and a back-end reputation system
US8607353B2 (en) 2010-07-29 2013-12-10 Accenture Global Services Gmbh System and method for performing threat assessments using situational awareness
US8990380B2 (en) 2010-08-12 2015-03-24 Citrix Systems, Inc. Systems and methods for quality of service of ICA published applications
US9245114B2 (en) 2010-08-26 2016-01-26 Verisign, Inc. Method and system for automatic detection and analysis of malware
US20120136802A1 (en) 2010-11-30 2012-05-31 Zonar Systems, Inc. System and method for vehicle maintenance including remote diagnosis and reverse auction for identified repairs
US8875286B2 (en) 2010-12-01 2014-10-28 Cisco Technology, Inc. Method and apparatus for detecting malicious software using machine learning techniques
US20120143650A1 (en) 2010-12-06 2012-06-07 Thomas Crowley Method and system of assessing and managing risk associated with compromised network assets
WO2012103236A1 (en) 2011-01-26 2012-08-02 Viaforensics, Llc Systems, methods, apparatuses, and computer program products for forensic monitoring
KR20120096983A (ko) 2011-02-24 2012-09-03 삼성전자주식회사 악성 프로그램 검출 방법 및 이를 구현하는 휴대 단말기
US9026644B2 (en) 2011-03-10 2015-05-05 Verizon Patent And Licensing Inc. Anomaly detection and identification using traffic steering and real-time analytics
US8966625B1 (en) 2011-05-24 2015-02-24 Palo Alto Networks, Inc. Identification of malware sites using unknown URL sites and newly registered DNS addresses
US8555388B1 (en) 2011-05-24 2013-10-08 Palo Alto Networks, Inc. Heuristic botnet detection
US20120308008A1 (en) 2011-05-31 2012-12-06 Broadcom Corporation Wireless Transmission of Protected Content
US10356106B2 (en) 2011-07-26 2019-07-16 Palo Alto Networks (Israel Analytics) Ltd. Detecting anomaly action within a computer network
EP2737404A4 (en) 2011-07-26 2015-04-29 Light Cyber Ltd METHOD FOR DETECTING AN ANALYSIS ACTION WITHIN A COMPUTER NETWORK
US8984581B2 (en) 2011-07-27 2015-03-17 Seven Networks, Inc. Monitoring mobile application activities for malicious traffic on a mobile device
US20150304346A1 (en) 2011-08-19 2015-10-22 Korea University Research And Business Foundation Apparatus and method for detecting anomaly of network
US8909922B2 (en) 2011-09-01 2014-12-09 Sonic Ip, Inc. Systems and methods for playing back alternative streams of protected content protected using common cryptographic information
ES2755780T3 (es) 2011-09-16 2020-04-23 Veracode Inc Análisis estático y de comportamiento automatizado mediante la utilización de un espacio aislado instrumentado y clasificación de aprendizaje automático para seguridad móvil
US20130083700A1 (en) 2011-10-04 2013-04-04 Juniper Networks, Inc. Methods and apparatus for centralized management of access and aggregation network infrastructure
US8677487B2 (en) 2011-10-18 2014-03-18 Mcafee, Inc. System and method for detecting a malicious command and control channel
US8909930B2 (en) 2011-10-31 2014-12-09 L-3 Communications Corporation External reference monitor
JP5454960B2 (ja) 2011-11-09 2014-03-26 株式会社東芝 再暗号化システム、再暗号化装置及びプログラム
CN102497362B (zh) 2011-12-07 2018-01-05 北京润通丰华科技有限公司 异常网络流量的攻击源追踪方法及装置
US8851929B2 (en) 2012-02-01 2014-10-07 Rad Data Communications Ltd. SFP functionality extender
US9092616B2 (en) 2012-05-01 2015-07-28 Taasera, Inc. Systems and methods for threat identification and remediation
US8898782B2 (en) 2012-05-01 2014-11-25 Harris Corporation Systems and methods for spontaneously configuring a computer network
US20130333041A1 (en) 2012-06-12 2013-12-12 International Business Machines Corporation Method and Apparatus for Automatic Identification of Affected Network Resources After a Computer Intrusion
JP5856015B2 (ja) 2012-06-15 2016-02-09 日立マクセル株式会社 コンテンツ送信装置
US9038178B1 (en) 2012-06-25 2015-05-19 Emc Corporation Detection of malware beaconing activities
US20140010367A1 (en) 2012-07-05 2014-01-09 Changliang Wang Systems and methods for providing content to a wireless display screen
US9088606B2 (en) 2012-07-05 2015-07-21 Tenable Network Security, Inc. System and method for strategic anti-malware monitoring
US11126720B2 (en) 2012-09-26 2021-09-21 Bluvector, Inc. System and method for automated machine-learning, zero-day malware detection
EP2725512B1 (en) 2012-10-23 2019-03-27 Verint Systems Ltd. System and method for malware detection using multi-dimensional feature clustering
US9531736B1 (en) 2012-12-24 2016-12-27 Narus, Inc. Detecting malicious HTTP redirections using user browsing activity trees
US9378361B1 (en) 2012-12-31 2016-06-28 Emc Corporation Anomaly sensor framework for detecting advanced persistent threat attacks
WO2014111863A1 (en) 2013-01-16 2014-07-24 Light Cyber Ltd. Automated forensics of computer systems using behavioral intelligence
US9078021B2 (en) 2013-01-16 2015-07-07 Kabushiki Kaisha Toshiba Information processing apparatus, content transmission method and storage medium
US9363151B2 (en) 2013-01-17 2016-06-07 International Business Machines Corporation Dynamically determining packet sampling rates
US9860278B2 (en) 2013-01-30 2018-01-02 Nippon Telegraph And Telephone Corporation Log analyzing device, information processing method, and program
WO2014160062A1 (en) 2013-03-14 2014-10-02 TechGuard Security, L.L.C. Internet protocol threat prevention
US9264442B2 (en) 2013-04-26 2016-02-16 Palo Alto Research Center Incorporated Detecting anomalies in work practice data by combining multiple domains of information
GB2516894A (en) 2013-08-05 2015-02-11 Ibm User evaluation
US20150047032A1 (en) 2013-08-07 2015-02-12 Front Porch Communications, Inc. System and method for computer security
CN103561048B (zh) 2013-09-02 2016-08-31 北京东土科技股份有限公司 一种确定tcp端口扫描的方法及装置
US9491727B2 (en) 2013-09-10 2016-11-08 Anue Systems, Inc. System and method for monitoring network synchronization
US10123063B1 (en) * 2013-09-23 2018-11-06 Comscore, Inc. Protecting user privacy during collection of demographics census data
US9319421B2 (en) 2013-10-14 2016-04-19 Ut-Battelle, Llc Real-time detection and classification of anomalous events in streaming data
WO2015056170A1 (en) 2013-10-16 2015-04-23 Implisit Insights Ltd. Automatic crm data entry
US9438620B2 (en) 2013-10-22 2016-09-06 Mcafee, Inc. Control flow graph representation and classification
US20150121461A1 (en) 2013-10-24 2015-04-30 Cyber-Ark Software Ltd. Method and system for detecting unauthorized access to and use of network resources with targeted analytics
US9231962B1 (en) 2013-11-12 2016-01-05 Emc Corporation Identifying suspicious user logins in enterprise networks
US9910718B2 (en) 2014-01-20 2018-03-06 Lenovo Enterprise Solutions (Singapore) Pte. Ltd. Selective locking of operations on joint and disjoint sets
US11405410B2 (en) 2014-02-24 2022-08-02 Cyphort Inc. System and method for detecting lateral movement and data exfiltration
US9407647B2 (en) 2014-03-11 2016-08-02 Vectra Networks, Inc. Method and system for detecting external control of compromised hosts
US9509669B2 (en) 2014-04-14 2016-11-29 Lattice Semiconductor Corporation Efficient routing of streams encrypted using point-to-point authentication protocol
KR101761737B1 (ko) 2014-05-20 2017-07-26 한국전자통신연구원 제어 시스템의 이상행위 탐지 시스템 및 방법
US10652240B2 (en) 2014-05-29 2020-05-12 Entersekt International Limited Method and system for determining a compromise risk associated with a unique device identifier
US9721212B2 (en) 2014-06-04 2017-08-01 Qualcomm Incorporated Efficient on-device binary analysis for auto-generated behavioral models
US10038703B2 (en) 2014-07-18 2018-07-31 The Regents Of The University Of Michigan Rating network security posture and comparing network maliciousness
US9280661B2 (en) 2014-08-08 2016-03-08 Brighterion, Inc. System administrator behavior analysis
US9773112B1 (en) 2014-09-29 2017-09-26 Fireeye, Inc. Exploit detection of malware and malware families
US9948661B2 (en) 2014-10-29 2018-04-17 At&T Intellectual Property I, L.P. Method and apparatus for detecting port scans in a network
US20160142746A1 (en) 2014-11-14 2016-05-19 Thales Avionics, Inc. Method of encrypting, streaming, and displaying video content using selective encryption
US9118582B1 (en) 2014-12-10 2015-08-25 Iboss, Inc. Network traffic management using port number redirection
US9690933B1 (en) 2014-12-22 2017-06-27 Fireeye, Inc. Framework for classifying an object as malicious with machine learning for deploying updated predictive models
TWI541662B (zh) 2014-12-31 2016-07-11 中原大學 估計熵值之方法與系統
US10140453B1 (en) 2015-03-16 2018-11-27 Amazon Technologies, Inc. Vulnerability management using taxonomy-based normalization
US9596249B2 (en) 2015-04-23 2017-03-14 Dell Software, Inc. Detecting shared or compromised credentials through analysis of simultaneous actions
US10728281B2 (en) 2015-04-28 2020-07-28 Nippon Telegraph And Telephone Corporation Connection control apparatus, connection control method, and connection control program
US9749340B2 (en) 2015-04-28 2017-08-29 Arbor Networks, Inc. System and method to detect and mitigate TCP window attacks
US10075461B2 (en) 2015-05-31 2018-09-11 Palo Alto Networks (Israel Analytics) Ltd. Detection of anomalous administrative actions
US9923915B2 (en) 2015-06-02 2018-03-20 C3 Iot, Inc. Systems and methods for providing cybersecurity analysis based on operational technologies and information technologies
JP2017018176A (ja) * 2015-07-07 2017-01-26 富士通株式会社 出力装置、出力方法及び出力プログラム
US10476891B2 (en) 2015-07-21 2019-11-12 Attivo Networks Inc. Monitoring access of network darkspace
US10757136B2 (en) 2015-08-28 2020-08-25 Verizon Patent And Licensing Inc. Botnet beaconing detection and mitigation
JP6641819B2 (ja) 2015-09-15 2020-02-05 富士通株式会社 ネットワーク監視装置、ネットワーク監視方法及びネットワーク監視プログラム
US10237875B1 (en) 2015-09-25 2019-03-19 Amazon Technologies, Inc. Routing-aware network limiter
US10742664B2 (en) 2015-10-20 2020-08-11 International Business Machines Corporation Probabilistically detecting low-intensity, multi-modal threats using synthetic events
US9531614B1 (en) 2015-10-30 2016-12-27 AppDynamics, Inc. Network aware distributed business transaction anomaly detection
US10291634B2 (en) 2015-12-09 2019-05-14 Checkpoint Software Technologies Ltd. System and method for determining summary events of an attack
GB2562423B (en) 2016-02-25 2020-04-29 Sas Inst Inc Cybersecurity system
US10230749B1 (en) 2016-02-29 2019-03-12 Palo Alto Networks, Inc. Automatically grouping malware based on artifacts
US10027694B1 (en) 2016-03-28 2018-07-17 Amazon Technologies, Inc. Detecting denial of service attacks on communication networks
US10003606B2 (en) 2016-03-30 2018-06-19 Symantec Corporation Systems and methods for detecting security threats
US9836952B2 (en) 2016-04-06 2017-12-05 Alcatel-Lucent Usa Inc. Alarm causality templates for network function virtualization
US10372910B2 (en) 2016-06-20 2019-08-06 Jask Labs Inc. Method for predicting and characterizing cyber attacks
US10257214B2 (en) 2016-06-23 2019-04-09 Cisco Technology, Inc. Using a machine learning classifier to assign a data retention priority for network forensics and retrospective detection
US10616184B2 (en) 2016-06-30 2020-04-07 Intel Corporation Wireless display streaming of protected content
US10313365B2 (en) 2016-08-15 2019-06-04 International Business Machines Corporation Cognitive offense analysis using enriched graphs
US10706144B1 (en) 2016-09-09 2020-07-07 Bluerisc, Inc. Cyber defense with graph theoretical approach
US10567415B2 (en) 2016-09-15 2020-02-18 Arbor Networks, Inc. Visualization of network threat monitoring
CN106506556B (zh) 2016-12-29 2019-11-19 北京神州绿盟信息安全科技股份有限公司 一种网络流量异常检测方法及装置
US10356115B2 (en) 2017-03-31 2019-07-16 Level 3 Communications, Llc Creating aggregate network flow time series in network anomaly detection systems
RU2651196C1 (ru) 2017-06-16 2018-04-18 Акционерное общество "Лаборатория Касперского" Способ обнаружения аномальных событий по популярности свертки события
US20180373820A1 (en) 2017-06-26 2018-12-27 Akselos S.A. Methods and Systems for Constructing and Analyzing Component-Based Models of Engineering Systems Having Linear and Nonlinear Regions
US10181032B1 (en) * 2017-07-17 2019-01-15 Sift Science, Inc. System and methods for digital account threat detection
US10560487B2 (en) 2017-07-26 2020-02-11 International Business Machines Corporation Intrusion detection and mitigation in data processing
US11611574B2 (en) 2017-08-02 2023-03-21 Code42 Software, Inc. User behavior analytics for insider threat detection
CA3011936A1 (en) * 2017-08-03 2019-02-03 Interset Software, Inc. Systems and methods for discriminating between human and non-human interactions with computing devices on a computer network
US10530787B2 (en) 2017-08-30 2020-01-07 International Business Machines Corporation Detecting malware attacks using extracted behavioral features
US20190207966A1 (en) 2017-12-28 2019-07-04 Fireeye, Inc. Platform and Method for Enhanced Cyber-Attack Detection and Response Employing a Global Data Store
US10904277B1 (en) 2018-02-27 2021-01-26 Amazon Technologies, Inc. Threat intelligence system measuring network threat levels
US10999304B2 (en) 2018-04-11 2021-05-04 Palo Alto Networks (Israel Analytics) Ltd. Bind shell attack detection
US10762444B2 (en) 2018-09-06 2020-09-01 Quickpath, Inc. Real-time drift detection in machine learning systems and applications
US10880319B2 (en) 2018-04-26 2020-12-29 Micro Focus Llc Determining potentially malware generated domain names
US11212299B2 (en) * 2018-05-01 2021-12-28 Royal Bank Of Canada System and method for monitoring security attack chains
US10360367B1 (en) * 2018-06-07 2019-07-23 Capital One Services, Llc Multi-factor authentication devices
US11100199B2 (en) * 2018-08-30 2021-08-24 Servicenow, Inc. Automatically detecting misuse of licensed software
US10742481B2 (en) * 2018-10-31 2020-08-11 Microsoft Technology Licensing, Llc Near real time analytics
TWI729320B (zh) 2018-11-01 2021-06-01 財團法人資訊工業策進會 可疑封包偵測裝置及其可疑封包偵測方法
WO2020102696A1 (en) * 2018-11-15 2020-05-22 Airside Mobile, Inc. Methods and apparatus for encrypting, storing, and/or sharing sensitive data
US10958677B2 (en) 2018-12-18 2021-03-23 At&T Intellectual Property I, L.P. Risk identification for unlabeled threats in network traffic
US11184376B2 (en) 2019-01-30 2021-11-23 Palo Alto Networks (Israel Analytics) Ltd. Port scan detection using destination profiles
US11070569B2 (en) 2019-01-30 2021-07-20 Palo Alto Networks (Israel Analytics) Ltd. Detecting outlier pairs of scanned ports
US11316872B2 (en) 2019-01-30 2022-04-26 Palo Alto Networks (Israel Analytics) Ltd. Malicious port scan detection using port profiles
US11184377B2 (en) 2019-01-30 2021-11-23 Palo Alto Networks (Israel Analytics) Ltd. Malicious port scan detection using source profiles
US11501261B1 (en) * 2019-01-31 2022-11-15 Slack Technologies, Llc Aggregating an event occurrence feedback report within a group-based communication system
US11310257B2 (en) 2019-02-27 2022-04-19 Microsoft Technology Licensing, Llc Anomaly scoring using collaborative filtering
US11106789B2 (en) 2019-03-05 2021-08-31 Microsoft Technology Licensing, Llc Dynamic cybersecurity detection of sequence anomalies
US11531908B2 (en) 2019-03-12 2022-12-20 Ebay Inc. Enhancement of machine learning-based anomaly detection using knowledge graphs
US11126711B2 (en) 2019-04-09 2021-09-21 Jpmorgan Chase Bank, N.A. System and method for implementing a log source value tool for security information event management
US11899786B2 (en) 2019-04-15 2024-02-13 Crowdstrike, Inc. Detecting security-violation-associated event data
US12056922B2 (en) * 2019-04-26 2024-08-06 Samsara Inc. Event notification system
US11943237B2 (en) 2019-05-24 2024-03-26 International Business Machines Corporation Malicious peer identification for database block sequence
US11238154B2 (en) 2019-07-05 2022-02-01 Mcafee, Llc Multi-lateral process trees for malware remediation
US11477214B2 (en) 2019-12-10 2022-10-18 Fortinet, Inc. Cloud-based orchestration of incident response using multi-feed security event classifications with machine learning
US20210182387A1 (en) 2019-12-12 2021-06-17 International Business Machines Corporation Automated semantic modeling of system events
US11550902B2 (en) * 2020-01-02 2023-01-10 Microsoft Technology Licensing, Llc Using security event correlation to describe an authentication process
US20210224676A1 (en) 2020-01-17 2021-07-22 Microsoft Technology Licensing, Llc Systems and methods for distributed incident classification and routing
US11775639B2 (en) 2020-10-23 2023-10-03 Sophos Limited File integrity monitoring
US20220138856A1 (en) * 2020-11-04 2022-05-05 Td Ameritrade Ip Company, Inc. Recommendation System For Generating Personalized And Themed Recommendations On A User Interface Based On User Similarity
US11943235B2 (en) 2021-01-04 2024-03-26 Saudi Arabian Oil Company Detecting suspicious user logins in private networks using machine learning
US12238081B2 (en) 2021-12-01 2025-02-25 Paypal, Inc. Edge device representation learning

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6347374B1 (en) * 1998-06-05 2002-02-12 Intrusion.Com, Inc. Event detection
US20070073519A1 (en) * 2005-05-31 2007-03-29 Long Kurt J System and Method of Fraud and Misuse Detection Using Event Logs
JP2021523451A (ja) * 2018-05-08 2021-09-02 アップル インコーポレイテッドApple Inc. デバイスの使用管理

Also Published As

Publication number Publication date
EP4420020A1 (en) 2024-08-28
EP4420020B1 (en) 2026-04-01
US20230117268A1 (en) 2023-04-20
IL309373A (en) 2024-02-01
AU2022370400A1 (en) 2023-12-07
US12039017B2 (en) 2024-07-16
AU2022370400B2 (en) 2024-09-12
WO2023067425A1 (en) 2023-04-27

Similar Documents

Publication Publication Date Title
US11647043B2 (en) Identifying security actions based on computing asset relationship data
US20240089121A1 (en) Systems and methods for digital certificate security
EP4420020B1 (en) User entity normalization and association
US9503468B1 (en) Detecting suspicious web traffic from an enterprise network
US6708170B1 (en) Method and system for usage of non-local data within a lightweight directory access protocol directory environment
US8782748B2 (en) Online service access controls using scale out directory features
CN112714093B (zh) 一种账号异常检测方法、装置、系统及存储介质
EP1653710B1 (en) Securing LDAP (lightweight directory access protocol) traffic
US8739290B1 (en) Generating alerts in event management systems
EP2884715A1 (en) Correlation based security risk identification
US20090328215A1 (en) Semantic networks for intrusion detection
JP6490502B2 (ja) サイバー攻撃対策範囲優先度付けシステム、サイバー攻撃対策範囲優先度付け方法
US11770388B1 (en) Network infrastructure detection
US10326731B2 (en) Domain name service information propagation
US11630895B2 (en) System and method of changing the password of an account record under a threat of unlawful access to user data
US20080016563A1 (en) Systems and methods for measuring cyber based risks in an enterprise organization
US10333778B2 (en) Multiuser device staging
US20170118194A1 (en) Selective Password Synchronization
US20060092948A1 (en) Securing lightweight directory access protocol traffic
AU2022441431B2 (en) Agent prevention augmentation based on organizational learning
US11425156B2 (en) Dynamic gathering of attack symptoms
EP3674933A1 (en) System and method of changing the password of an account record under a threat of unlawful access to user data

Legal Events

Date Code Title Description
A711 Notification of change in applicant

Free format text: JAPANESE INTERMEDIATE CODE: A711

Effective date: 20250722

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20251006

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20251006

A871 Explanation of circumstances concerning accelerated examination

Free format text: JAPANESE INTERMEDIATE CODE: A871

Effective date: 20251006

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20251120

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20260203

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20260424