JP4808703B2 - Method and system for distinguishing relevant network security threats using comparison of refined intrusion detection audits and intelligent security analysis - Google Patents
- Publication number
- JP4808703B2 (application number JP2007507357A)
- Authority
- JP
- Japan
- Prior art keywords
- intrusion
- threats
- detector
- network
- security threats
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F15/00—Digital computers in general; Data processing equipment in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
- Storage Device Security (AREA)
- Investigating Or Analyzing Materials By The Use Of Electric Means (AREA)
- Measurement Of Resistance Or Impedance (AREA)
Description
Claims (1)
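- An apparatus for identifying computer security threats, coupled to an information technology (IT) infrastructure, comprising:
a network scanner that utilizes at least one taxonomy to identify at least one possible intrusion (an access from the network that may be an intrusion);
an intrusion detector that detects at least one actual intrusion; and
a false positive/true positive (FPTP) detector that compares the at least one possible intrusion with the at least one actual intrusion in order to update the at least one taxonomy,
wherein the FPTP detector classifies the at least one possible intrusion as a false positive if it is benign and as a true positive if it is an actual intrusion.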
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/821,042 | 2004-04-08 | ||
US10/821,042 US7406606B2 (en) | 2004-04-08 | 2004-04-08 | Method and system for distinguishing relevant network security threats using comparison of refined intrusion detection audits and intelligent security analysis |
PCT/US2005/010358 WO2005101720A2 (en) | 2004-04-08 | 2005-03-29 | Method and system for distinguishing network threats from false positives |
Publications (3)
Publication Number | Publication Date |
---|---|
JP2007533001A JP2007533001A (ja) | 2007-11-15 |
JP2007533001A5 JP2007533001A5 (ja) | 2011-04-14 |
JP4808703B2 true JP4808703B2 (ja) | 2011-11-02 |
Family
ID=35062061
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2007507357A Active JP4808703B2 (ja) | 2004-04-08 | 2005-03-29 | Method and system for distinguishing relevant network security threats using comparison of refined intrusion detection audits and intelligent security analysis |
Country Status (10)
Country | Link |
---|---|
US (1) | US7406606B2 (ja) |
EP (1) | EP1741223B1 (ja) |
JP (1) | JP4808703B2 (ja) |
KR (1) | KR101013264B1 (ja) |
CN (1) | CN100456258C (ja) |
AT (1) | ATE470301T1 (ja) |
CA (1) | CA2562358C (ja) |
DE (1) | DE602005021630D1 (ja) |
TW (1) | TWI335504B (ja) |
WO (1) | WO2005101720A2 (ja) |
Families Citing this family (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060101516A1 (en) * | 2004-10-12 | 2006-05-11 | Sushanthan Sudaharan | Honeynet farms as an early warning system for production networks |
KR100891329B1 (ko) | 2007-01-26 | 2009-03-31 | Samsung Electronics Co., Ltd. | Semiconductor device and method of manufacturing the same |
FR2918813B1 (fr) * | 2007-07-12 | 2012-11-16 | Augier S A | "Lighting network management system" |
EP2040435B1 (en) * | 2007-09-19 | 2013-11-06 | Alcatel Lucent | Intrusion detection method and system |
US20090297043A1 (en) * | 2008-05-28 | 2009-12-03 | International Business Machines Corporation | Pattern scanner and editor for security audit systems |
KR101394591B1 (ko) * | 2012-11-23 | 2014-05-12 | Konkuk University Industry-Academic Cooperation Foundation | Method, system, and computer-readable recording medium for detecting network intrusion |
SG11201703164RA (en) | 2014-10-21 | 2017-05-30 | Ironnet Cybersecurity Inc | Cybersecurity system |
US10476947B1 (en) | 2015-03-02 | 2019-11-12 | F5 Networks, Inc | Methods for managing web applications and devices thereof |
US11616806B1 (en) | 2015-05-08 | 2023-03-28 | F5, Inc. | Methods for protecting web based resources from D/DoS attacks and devices thereof |
US9923910B2 (en) | 2015-10-05 | 2018-03-20 | Cisco Technology, Inc. | Dynamic installation of behavioral white labels |
US10834110B1 (en) * | 2015-12-18 | 2020-11-10 | F5 Networks, Inc. | Methods for preventing DDoS attack based on adaptive self learning of session and transport layers and devices thereof |
US10397250B1 (en) | 2016-01-21 | 2019-08-27 | F5 Networks, Inc. | Methods for detecting remote access trojan malware and devices thereof |
EP3338205B1 (en) | 2016-07-14 | 2019-05-01 | Ironnet Cybersecurity, Inc. | Simulation and virtual reality based cyber behavioral system |
US10432652B1 (en) | 2016-09-20 | 2019-10-01 | F5 Networks, Inc. | Methods for detecting and mitigating malicious network behavior and devices thereof |
US11038869B1 (en) | 2017-05-12 | 2021-06-15 | F5 Networks, Inc. | Methods for managing a federated identity environment based on application availability and devices thereof |
US10931691B1 (en) | 2017-10-09 | 2021-02-23 | F5 Networks, Inc. | Methods for detecting and mitigating brute force credential stuffing attacks and devices thereof |
US11539740B1 (en) | 2018-02-02 | 2022-12-27 | F5, Inc. | Methods for protecting CPU during DDoS attack and devices thereof |
US11349981B1 (en) | 2019-10-30 | 2022-05-31 | F5, Inc. | Methods for optimizing multimedia communication and devices thereof |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001084270A2 (en) * | 2000-04-28 | 2001-11-08 | Internet Security Systems, Inc. | Method and system for intrusion detection in a computer network |
JP2003283572A (ja) * | 2002-03-22 | 2003-10-03 | Nippon Telegr & Teleph Corp <Ntt> | Distributed denial-of-service attack prevention method, gate device, communication device, and program |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6088804A (en) * | 1998-01-12 | 2000-07-11 | Motorola, Inc. | Adaptive system and method for responding to computer network security attacks |
US6282546B1 (en) * | 1998-06-30 | 2001-08-28 | Cisco Technology, Inc. | System and method for real-time insertion of data into a multi-dimensional database for network intrusion detection and vulnerability assessment |
EP1305688A2 (en) * | 2000-05-28 | 2003-05-02 | Yaron Mayer | System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages |
US7437762B2 (en) * | 2001-11-29 | 2008-10-14 | International Business Machines Corporation | Method, computer program element and a system for processing alarms triggered by a monitoring system |
EP1512075A1 (en) * | 2002-05-22 | 2005-03-09 | Lucid Security Corporation | Adaptive intrusion detection system |
-
2004
- 2004-04-08 US US10/821,042 patent/US7406606B2/en active Active
-
2005
- 2005-03-29 AT AT05730339T patent/ATE470301T1/de not_active IP Right Cessation
- 2005-03-29 KR KR1020067020202A patent/KR101013264B1/ko not_active IP Right Cessation
- 2005-03-29 CN CNB200580010457XA patent/CN100456258C/zh active Active
- 2005-03-29 WO PCT/US2005/010358 patent/WO2005101720A2/en active Application Filing
- 2005-03-29 JP JP2007507357A patent/JP4808703B2/ja active Active
- 2005-03-29 DE DE602005021630T patent/DE602005021630D1/de active Active
- 2005-03-29 EP EP05730339A patent/EP1741223B1/en active Active
- 2005-03-29 CA CA2562358A patent/CA2562358C/en active Active
- 2005-04-04 TW TW094110749A patent/TWI335504B/zh not_active IP Right Cessation
Also Published As
Publication number | Publication date |
---|---|
TW200613969A (en) | 2006-05-01 |
WO2005101720A3 (en) | 2006-12-21 |
WO2005101720A2 (en) | 2005-10-27 |
CA2562358C (en) | 2014-03-25 |
US20050229253A1 (en) | 2005-10-13 |
TWI335504B (en) | 2011-01-01 |
EP1741223A2 (en) | 2007-01-10 |
EP1741223A4 (en) | 2008-07-23 |
KR20070008611A (ko) | 2007-01-17 |
CN1961323A (zh) | 2007-05-09 |
EP1741223B1 (en) | 2010-06-02 |
DE602005021630D1 (de) | 2010-07-15 |
KR101013264B1 (ko) | 2011-02-11 |
JP2007533001A (ja) | 2007-11-15 |
CA2562358A1 (en) | 2005-10-27 |
ATE470301T1 (de) | 2010-06-15 |
CN100456258C (zh) | 2009-01-28 |
US7406606B2 (en) | 2008-07-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4808703B2 (ja) | Method and system for distinguishing relevant network security threats using comparison of refined intrusion detection audits and intelligent security analysis | |
US20200389495A1 (en) | Secure policy-controlled processing and auditing on regulated data sets | |
US11271955B2 (en) | Platform and method for retroactive reclassification employing a cybersecurity-based global data store | |
US10601848B1 (en) | Cyber-security system and method for weak indicator detection and correlation to generate strong indicators | |
US11949692B1 (en) | Method and system for efficient cybersecurity analysis of endpoint events | |
US9832214B2 (en) | Method and apparatus for classifying and combining computer attack information | |
US11218510B2 (en) | Advanced cybersecurity threat mitigation using software supply chain analysis | |
US20180248902A1 (en) | Malicious activity detection on a computer network and network metadata normalisation | |
Bryant et al. | Improving SIEM alert metadata aggregation with a novel kill-chain based classification model | |
US9900335B2 (en) | Systems and methods for prioritizing indicators of compromise | |
Xiao et al. | From patching delays to infection symptoms: Using risk profiles for an early discovery of vulnerabilities exploited in the wild | |
US20220210202A1 (en) | Advanced cybersecurity threat mitigation using software supply chain analysis | |
CN113168469B (zh) | Systems and methods for behavioral threat detection | |
Avalappampatty Sivasamy et al. | A dynamic intrusion detection system based on multivariate Hotelling’s T2 statistics approach for network environments | |
EP3660719A1 (en) | Method for detecting intrusions in an audit log | |
Li et al. | Operational security log analytics for enterprise breach detection | |
EP3414683B1 (en) | Comparison of behavioral populations for security and compliance monitoring | |
US11258806B1 (en) | System and method for automatically associating cybersecurity intelligence to cyberthreat actors | |
US11336534B2 (en) | Network operation | |
Kim | Potential risk analysis method for malware distribution networks | |
Magán-Carrión et al. | Multivariate statistical network monitoring–sensor: an effective tool for real-time monitoring and anomaly detection in complex networks and systems | |
US11863577B1 (en) | Data collection and analytics pipeline for cybersecurity | |
Ponnusamy et al. | Investigation on iot intrusion detection in wireless environment | |
US20210288986A1 (en) | Data exfiltration detector | |
Diaz-Honrubia et al. | A trusted platform module-based, pre-emptive and dynamic asset discovery tool |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20080208 |
|
A621 | Written request for application examination |
Free format text: JAPANESE INTERMEDIATE CODE: A621 Effective date: 20080208 |
|
A131 | Notification of reasons for refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20101124 |
|
A524 | Written submission of copy of amendment under article 19 pct |
Free format text: JAPANESE INTERMEDIATE CODE: A524 Effective date: 20110222 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20110223 |
|
A02 | Decision of refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A02 Effective date: 20110322 |
|
A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20110720 |
|
A911 | Transfer to examiner for re-examination before appeal (zenchi) |
Free format text: JAPANESE INTERMEDIATE CODE: A911 Effective date: 20110725 |
|
TRDD | Decision of grant or rejection written | ||
A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20110809 |
|
A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 |
|
A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20110817 |
|
FPAY | Renewal fee payment (event date is renewal date of database) |
Free format text: PAYMENT UNTIL: 20140826 Year of fee payment: 3 |
|
R150 | Certificate of patent or registration of utility model |
Ref document number: 4808703 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 |