MX2019008799A - Continuous learning for intrusion detection - Google Patents
Continuous learning for intrusion detection
- Publication number
- MX2019008799A
- Authority
- MX
- Mexico
- Prior art keywords
- models
- data
- rolling
- window
- balancing
- Prior art date
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N7/00—Computing arrangements based on specific mathematical models
- G06N7/01—Probabilistic graphical models, e.g. probabilistic networks
Abstract
Balancing the observed signals used to train network intrusion detection models enables a more accurate allocation of computing resources for defending the network against malicious parties. The models are trained against live data defined within a rolling window and against historical data, in order to detect user-defined features in the data. Automated attacks ensure that several types of attack are always present in the rolling training window. The set of models is constantly trained to determine which model to place into production, to alert intrusion analysts and/or to automatically deploy countermeasures. The models are continuously updated as the features are redefined and the data in the rolling window therefore change, and the contents of the rolling window are balanced to provide sufficient data of each observed type from which the models are trained. When the data set is balanced, low-population signals are oversampled relative to high-population signals to balance their relative numbers.
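The pipeline the abstract describes, as an added example that is not the patent's own code: a rolling window is cut from a live stream, the window is checked for the attack types that the automated attacks are meant to keep present, low-population labels are oversampled to the size of the largest one, and a small set of candidate models is trained on the balanced window and ranked on held-out historical data. The `Observation` type, the function names, the two-feature layout and the sample stream are all constructed for illustration.

```python
"""Rolling-window balancing and model selection for continuous IDS training.
Added example, not the patent's code; all names and the two-feature layout
(connections/min, failed logins/min) are assumptions made for illustration."""
import random
from collections import Counter
from dataclasses import dataclass
from typing import Callable, Dict, List, Set, Tuple

@dataclass(frozen=True)
class Observation:
    ts: int          # event time in seconds (constructed values)
    features: tuple  # user-defined features: (connections/min, failed logins/min)
    label: str       # observed signal type

def window_slice(stream: List[Observation], now: int, width: int) -> List[Observation]:
    """Live data for training: observations with now - width <= ts <= now."""
    return [o for o in stream if now - width <= o.ts <= now]

def missing_types(window: List[Observation], expected: Set[str]) -> Set[str]:
    """Attack types the automated attacks should keep present but that are absent."""
    return expected - {o.label for o in window}

def balance(window: List[Observation], seed: int = 0) -> List[Observation]:
    """Oversample each low-population label until it matches the largest one."""
    rng = random.Random(seed)
    counts = Counter(o.label for o in window)
    target = max(counts.values())
    out = list(window)
    for label, n in counts.items():
        pool = [o for o in window if o.label == label]
        out.extend(rng.choice(pool) for _ in range(target - n))
    return out

def train_centroid(data: List[Observation]) -> Callable[[tuple], str]:
    """Nearest-centroid classifier, a stand-in for one model of the patent's set."""
    by_label: Dict[str, List[tuple]] = {}
    for o in data:
        by_label.setdefault(o.label, []).append(o.features)
    cents = {l: [sum(c) / len(fs) for c in zip(*fs)] for l, fs in by_label.items()}
    return lambda x: min(cents, key=lambda l: sum((a - b) ** 2 for a, b in zip(cents[l], x)))

def train_majority(data: List[Observation]) -> Callable[[tuple], str]:
    """Baseline that always predicts the most common training label."""
    top = Counter(o.label for o in data).most_common(1)[0][0]
    return lambda x: top

def accuracy(model: Callable[[tuple], str], data: List[Observation]) -> float:
    return sum(model(o.features) == o.label for o in data) / len(data)

def select_model(train: List[Observation], holdout: List[Observation]) -> Tuple[str, float]:
    """Train every candidate on the (balanced) window; pick the best on historical data."""
    trainers = {"centroid": train_centroid, "majority": train_majority}
    scored = {name: accuracy(fit(train), holdout) for name, fit in trainers.items()}
    best = max(scored, key=scored.get)
    return best, scored[best]

# Constructed sample stream: mostly benign, two scans, two automated brute-force probes.
STREAM = [Observation(t, (2, 0), "benign") for t in range(0, 100, 5)]
STREAM += [Observation(t, (40, 1), "scan") for t in (60, 80)]
STREAM += [Observation(t, (5, 30), "bruteforce") for t in (10, 90)]
HISTORICAL = [Observation(-1, (3, 0), "benign"), Observation(-1, (45, 2), "scan"),
              Observation(-1, (4, 28), "bruteforce"), Observation(-1, (1, 1), "benign")]
```

With `now=100` and `width=50` the window holds 10 benign, 2 scan and 1 brute-force observation; balancing brings every label to 10, and the centroid model beats the majority baseline on the historical hold-out. Shrinking the window to `width=5` leaves only benign traffic, which `missing_types` reports so the operator knows the automated attacks are no longer landing inside the window.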
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/419,933 US10397258B2 (en) | 2017-01-30 | 2017-01-30 | Continuous learning for intrusion detection |
PCT/US2018/014606 WO2018140335A1 (en) | 2017-01-30 | 2018-01-22 | Continuous learning for intrusion detection |
Publications (1)
Publication Number | Publication Date |
---|---|
MX2019008799A (es) | 2019-09-11 |
Family
ID=61163821
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
MX2019008799A (es) | 2017-01-30 | 2018-01-22 | Continuous learning for intrusion detection. |
Country Status (17)
Country | Link |
---|---|
US (2) | US10397258B2 (es) |
EP (1) | EP3574430B1 (es) |
JP (1) | JP7086972B2 (es) |
KR (1) | KR102480204B1 (es) |
CN (1) | CN110249331A (es) |
AU (1) | AU2018212470B2 (es) |
BR (1) | BR112019013603A2 (es) |
CA (1) | CA3049265A1 (es) |
CL (1) | CL2019002045A1 (es) |
CO (1) | CO2019007878A2 (es) |
IL (1) | IL268052B (es) |
MX (1) | MX2019008799A (es) |
PH (1) | PH12019550118A1 (es) |
RU (1) | RU2758041C2 (es) |
SG (1) | SG11201906575QA (es) |
WO (1) | WO2018140335A1 (es) |
ZA (1) | ZA201903697B (es) |
Families Citing this family (35)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106790292A (zh) * | 2017-03-13 | 2017-05-31 | 摩贝(上海)生物科技有限公司 | Web application layer attack detection and defense method based on behavior feature matching and analysis |
US10186124B1 (en) | 2017-10-26 | 2019-01-22 | Scott Charles Mullins | Behavioral intrusion detection system |
US10673895B2 (en) | 2017-12-01 | 2020-06-02 | KnowBe4, Inc. | Systems and methods for AIDA based grouping |
US11315030B2 (en) * | 2018-03-06 | 2022-04-26 | Tazi AI Systems, Inc. | Continuously learning, stable and robust online machine learning system |
US10733287B2 (en) * | 2018-05-14 | 2020-08-04 | International Business Machines Corporation | Resiliency of machine learning models |
US11372893B2 (en) | 2018-06-01 | 2022-06-28 | Ntt Security Holdings Corporation | Ensemble-based data curation pipeline for efficient label propagation |
US11132445B2 (en) * | 2018-06-04 | 2021-09-28 | Hal A Aldridge | Combined analytical tools for electronic warfare and cybersecurity testing in embedded systems |
US10817604B1 (en) | 2018-06-19 | 2020-10-27 | Architecture Technology Corporation | Systems and methods for processing source codes to detect non-malicious faults |
US10749890B1 (en) | 2018-06-19 | 2020-08-18 | Architecture Technology Corporation | Systems and methods for improving the ranking and prioritization of attack-related events |
US11227047B1 (en) * | 2018-06-29 | 2022-01-18 | Fireeye Security Holdings Us Llc | System and method for improved end-to-end cybersecurity machine learning and deployment |
US11356440B2 (en) * | 2018-11-30 | 2022-06-07 | International Business Machines Corporation | Automated IoT device registration |
US11237713B2 (en) * | 2019-01-21 | 2022-02-01 | International Business Machines Corporation | Graphical user interface based feature extraction application for machine learning and cognitive models |
US11429713B1 (en) * | 2019-01-24 | 2022-08-30 | Architecture Technology Corporation | Artificial intelligence modeling for cyber-attack simulation protocols |
US11128654B1 (en) | 2019-02-04 | 2021-09-21 | Architecture Technology Corporation | Systems and methods for unified hierarchical cybersecurity |
SG10201901110RA (en) * | 2019-02-08 | 2020-09-29 | Accenture Global Solutions Ltd | Method and system for detecting and preventing malware execution in a target system |
US11252185B2 (en) | 2019-03-28 | 2022-02-15 | NTT Security Corporation | Graph stream mining pipeline for efficient subgraph detection |
US11875252B2 (en) | 2019-05-17 | 2024-01-16 | Robert Bosch Gmbh | Neural network including a neural network projection layer configured for a summing parameter |
US11403405B1 (en) | 2019-06-27 | 2022-08-02 | Architecture Technology Corporation | Portable vulnerability identification tool for embedded non-IP devices |
US11954602B1 (en) * | 2019-07-10 | 2024-04-09 | Optum, Inc. | Hybrid-input predictive data analysis |
US11303653B2 (en) | 2019-08-12 | 2022-04-12 | Bank Of America Corporation | Network threat detection and information security using machine learning |
CN110837644B (zh) * | 2019-10-15 | 2021-07-30 | 深圳开源互联网安全技术有限公司 | System penetration testing method, device and terminal equipment |
US11444974B1 (en) | 2019-10-23 | 2022-09-13 | Architecture Technology Corporation | Systems and methods for cyber-physical threat modeling |
CN110969186B (zh) * | 2019-10-28 | 2023-04-07 | 浙江工业大学 | Adversarial attack defense method and device for wireless signal recognition based on channel detection |
US11750634B1 (en) * | 2019-12-12 | 2023-09-05 | Amazon Technologies, Inc. | Threat detection model development for network-based systems |
US11503075B1 (en) | 2020-01-14 | 2022-11-15 | Architecture Technology Corporation | Systems and methods for continuous compliance of nodes |
US11323473B2 (en) | 2020-01-31 | 2022-05-03 | Bank Of America Corporation | Network threat prevention and information security using machine learning |
CN111478913B (zh) * | 2020-04-13 | 2022-01-21 | 广东电网有限责任公司东莞供电局 | Network intrusion detection method, device and storage medium for power distribution and utilization communication networks |
CN112052245B (zh) * | 2020-09-11 | 2022-10-21 | 中国人民解放军战略支援部队信息工程大学 | Method and device for evaluating attack behavior in network security training |
US11514173B2 (en) | 2020-12-02 | 2022-11-29 | International Business Machines Corporation | Predicting software security exploits by monitoring software events |
KR102229613B1 (ko) * | 2021-01-11 | 2021-03-18 | 펜타시큐리티시스템 주식회사 | Method and apparatus for maintaining a web application firewall based on contactless authentication using a machine learning self-check function |
US11740618B2 (en) | 2021-04-23 | 2023-08-29 | General Electric Company | Systems and methods for global cyber-attack or fault detection model |
US11483322B1 (en) * | 2021-09-30 | 2022-10-25 | Atlassian Pty Ltd | Proactive suspicious activity monitoring for a software application framework |
CN114615052A (zh) * | 2022-03-10 | 2022-06-10 | 南京理工大学 | Intrusion detection method and system based on knowledge compilation |
EP4329243A1 (de) * | 2022-08-25 | 2024-02-28 | DGC Switzerland AG | Computer-implemented method for automatically securing a computer system |
CN116886448B (zh) * | 2023-09-07 | 2023-12-01 | 卓望数码技术(深圳)有限公司 | DDoS attack alert analysis method and device based on semi-supervised learning |
Family Cites Families (40)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
OA12153A (fr) | 1999-08-30 | 2006-05-08 | Nagracard Sa | Multi-module encryption method. |
US6769066B1 (en) * | 1999-10-25 | 2004-07-27 | Visa International Service Association | Method and apparatus for training a neural network model for use in computer network intrusion detection |
US7072876B1 (en) * | 2000-09-19 | 2006-07-04 | Cigital | System and method for mining execution traces with finite automata |
US6944616B2 (en) * | 2001-11-28 | 2005-09-13 | Pavilion Technologies, Inc. | System and method for historical database training of support vector machines |
US9306966B2 (en) * | 2001-12-14 | 2016-04-05 | The Trustees Of Columbia University In The City Of New York | Methods of unsupervised anomaly detection using a geometric framework |
US7225343B1 (en) | 2002-01-25 | 2007-05-29 | The Trustees Of Columbia University In The City Of New York | System and methods for adaptive model generation for detecting intrusions in computer systems |
US20030188189A1 (en) | 2002-03-27 | 2003-10-02 | Desai Anish P. | Multi-level and multi-platform intrusion detection and response system |
US7454499B2 (en) | 2002-11-07 | 2008-11-18 | Tippingpoint Technologies, Inc. | Active network defense system and method |
FR2847360B1 (fr) | 2002-11-14 | 2005-02-04 | Eads Defence & Security Ntwk | Method and device for analysing the security of an information system |
JP2004312083A (ja) | 2003-04-02 | 2004-11-04 | Kddi Corp | Training data creation device, intrusion detection system and program |
US8528086B1 (en) * | 2004-04-01 | 2013-09-03 | Fireeye, Inc. | System and method of detecting computer worms |
US7610375B2 (en) | 2004-10-28 | 2009-10-27 | Cisco Technology, Inc. | Intrusion detection in a data center environment |
US7725735B2 (en) * | 2005-03-29 | 2010-05-25 | International Business Machines Corporation | Source code management method for malicious code detection |
US7690037B1 (en) | 2005-07-13 | 2010-03-30 | Symantec Corporation | Filtering training data for machine learning |
US8789172B2 (en) * | 2006-09-18 | 2014-07-22 | The Trustees Of Columbia University In The City Of New York | Methods, media, and systems for detecting attack on a digital processing device |
US20080083029A1 (en) * | 2006-09-29 | 2008-04-03 | Alcatel | Intelligence Network Anomaly Detection Using A Type II Fuzzy Neural Network |
US7941382B2 (en) | 2007-10-12 | 2011-05-10 | Microsoft Corporation | Method of classifying and active learning that ranks entries based on multiple scores, presents entries to human analysts, and detects and/or prevents malicious behavior |
WO2009097610A1 (en) | 2008-02-01 | 2009-08-06 | Northeastern University | A vmm-based intrusion detection system |
IL191744A0 (en) * | 2008-05-27 | 2009-02-11 | Yuval Elovici | Unknown malcode detection using classifiers with optimal training sets |
US8635171B1 (en) | 2009-08-17 | 2014-01-21 | Symantec Corporation | Systems and methods for reducing false positives produced by heuristics |
US8521667B2 (en) * | 2010-12-15 | 2013-08-27 | Microsoft Corporation | Detection and categorization of malicious URLs |
US8762298B1 (en) | 2011-01-05 | 2014-06-24 | Narus, Inc. | Machine learning based botnet detection using real-time connectivity graph based traffic features |
CN102158486A (zh) * | 2011-04-02 | 2011-08-17 | 华北电力大学 | Rapid network intrusion detection method |
RU2523114C2 (ru) * | 2012-04-06 | 2014-07-20 | Закрытое акционерное общество "Лаборатория Касперского" | Method for analysing malicious activity on the Internet, identifying malicious network nodes and their nearest intermediary nodes |
KR101587959B1 (ko) | 2012-06-05 | 2016-01-25 | 엠파이어 테크놀로지 디벨롭먼트 엘엘씨 | Cross-user correlation for detecting server-side multi-target intrusions |
KR101868893B1 (ko) * | 2012-07-09 | 2018-06-19 | 한국전자통신연구원 | Method and apparatus for visualizing network security status |
US9386030B2 (en) * | 2012-09-18 | 2016-07-05 | Vencore Labs, Inc. | System and method for correlating historical attacks with diverse indicators to generate indicator profiles for detecting and predicting future network attacks |
US8955138B1 (en) * | 2013-07-11 | 2015-02-10 | Symantec Corporation | Systems and methods for reevaluating apparently benign behavior on computing devices |
US9306962B1 (en) * | 2013-07-25 | 2016-04-05 | Niddel Corp | Systems and methods for classifying malicious network events |
US9497204B2 (en) * | 2013-08-30 | 2016-11-15 | Ut-Battelle, Llc | In-situ trainable intrusion detection system |
US9485263B2 (en) | 2014-07-16 | 2016-11-01 | Microsoft Technology Licensing, Llc | Volatility-based classifier for security solutions |
US11122058B2 (en) | 2014-07-23 | 2021-09-14 | Seclytics, Inc. | System and method for the automated detection and prediction of online threats |
US9591006B2 (en) | 2014-09-18 | 2017-03-07 | Microsoft Technology Licensing, Llc | Lateral movement detection |
US9985984B1 (en) * | 2014-10-27 | 2018-05-29 | National Technology & Engineering Solutions Of Sandia, Llc | Dynamic defense and network randomization for computer systems |
US9043894B1 (en) | 2014-11-06 | 2015-05-26 | Palantir Technologies Inc. | Malicious software detection in a computing system |
US20160308725A1 (en) | 2015-04-16 | 2016-10-20 | Nec Laboratories America, Inc. | Integrated Community And Role Discovery In Enterprise Networks |
US9723016B2 (en) | 2015-05-14 | 2017-08-01 | International Business Machines Corporation | Detecting web exploit kits by tree-based structural similarity search |
US9959407B1 (en) * | 2016-03-15 | 2018-05-01 | Symantec Corporation | Systems and methods for identifying potentially malicious singleton files |
US20170372224A1 (en) * | 2016-06-28 | 2017-12-28 | General Electric Company | Deep learning for imputation of industrial multivariate time-series |
CN106357618B (zh) * | 2016-08-26 | 2020-10-16 | 北京奇虎科技有限公司 | Web anomaly detection method and device |
- 2017
  - 2017-01-30 US US15/419,933 patent/US10397258B2/en active Active
- 2018
  - 2018-01-22 AU AU2018212470A patent/AU2018212470B2/en active Active
  - 2018-01-22 CA CA3049265A patent/CA3049265A1/en active Pending
  - 2018-01-22 RU RU2019126640A patent/RU2758041C2/ru active
  - 2018-01-22 WO PCT/US2018/014606 patent/WO2018140335A1/en unknown
  - 2018-01-22 JP JP2019541304A patent/JP7086972B2/ja active Active
  - 2018-01-22 MX MX2019008799A patent/MX2019008799A/es unknown
  - 2018-01-22 CN CN201880008704.XA patent/CN110249331A/zh active Pending
  - 2018-01-22 BR BR112019013603-7A patent/BR112019013603A2/pt unknown
  - 2018-01-22 KR KR1020197022466A patent/KR102480204B1/ko active IP Right Grant
  - 2018-01-22 SG SG11201906575QA patent/SG11201906575QA/en unknown
  - 2018-01-22 EP EP18703428.5A patent/EP3574430B1/en active Active
- 2019
  - 2019-06-10 ZA ZA2019/03697A patent/ZA201903697B/en unknown
  - 2019-06-28 PH PH12019550118A patent/PH12019550118A1/en unknown
  - 2019-07-14 IL IL268052A patent/IL268052B/en unknown
  - 2019-07-17 US US16/514,729 patent/US11689549B2/en active Active
  - 2019-07-22 CO CONC2019/0007878A patent/CO2019007878A2/es unknown
  - 2019-07-22 CL CL2019002045A patent/CL2019002045A1/es unknown
Also Published As
Publication number | Publication date |
---|---|
RU2758041C2 (ru) | 2021-10-25 |
EP3574430A1 (en) | 2019-12-04 |
KR102480204B1 (ko) | 2022-12-21 |
BR112019013603A2 (pt) | 2020-01-07 |
PH12019550118A1 (en) | 2019-12-02 |
AU2018212470A1 (en) | 2019-07-04 |
RU2019126640A3 (es) | 2021-05-04 |
ZA201903697B (en) | 2020-10-28 |
SG11201906575QA (en) | 2019-08-27 |
CO2019007878A2 (es) | 2019-07-31 |
AU2018212470B2 (en) | 2022-01-20 |
JP7086972B2 (ja) | 2022-06-20 |
IL268052A (en) | 2019-09-26 |
RU2019126640A (ru) | 2021-03-01 |
WO2018140335A1 (en) | 2018-08-02 |
US11689549B2 (en) | 2023-06-27 |
EP3574430B1 (en) | 2021-02-24 |
CA3049265A1 (en) | 2018-08-02 |
CL2019002045A1 (es) | 2019-12-13 |
US10397258B2 (en) | 2019-08-27 |
CN110249331A (zh) | 2019-09-17 |
KR20190109427A (ko) | 2019-09-25 |
NZ754552A (en) | 2023-10-27 |
US20190342319A1 (en) | 2019-11-07 |
IL268052B (en) | 2022-03-01 |
JP2020505707A (ja) | 2020-02-20 |
US20180219887A1 (en) | 2018-08-02 |
Similar Documents
Publication | Title |
---|---|
PH12019550118A1 (en) | Continuous learning for intrusion detection |
WO2018231708A3 (en) | LEARNING ROBUST MACHINE ANTI-CONTRADICTORY |
WO2020040803A3 (en) | Multi-layer data model for security analytics |
AU2016202184B1 (en) | Event correlation across heterogeneous operations |
AU2015200905B9 (en) | Method and system for providing an efficient vulnerability management and verification service |
CN102724199B (zh) | Attack intent recognition method based on Bayesian network inference |
WO2018107048A3 (en) | Prevention of malicious automation attacks on a web service |
CN104811452A (zh) | Self-learning hierarchical early-warning intrusion detection system based on data mining |
GB2548270A (en) | A Method and system for network access control based on traffic monitoring and vulnerability detection using process related information |
WO2013188611A3 (en) | Real-time reporting of anomalous internet protocol attacks |
WO2014145076A3 (en) | Crowdsourcing domain specific intelligence |
WO2013067461A3 (en) | Identifying associations in data |
WO2010088550A3 (en) | A method and apparatus for excessive access rate detection |
WO2013164821A3 (en) | Detection and prevention for malicious threats |
WO2019018033A3 (en) | METHODS, SYSTEMS AND MEDIA FOR TESTING INTERNAL THREAT DETECTION SYSTEMS |
WO2020009881A8 (en) | Analyzing and correcting vulnerabilities in neural networks |
WO2013175194A3 (en) | Detection of intermodulation products |
WO2015187754A3 (en) | User location interest inferences |
MX2018001483A (es) | Systems and methods for detecting tornadoes. |
WO2014117064A3 (en) | System and method for detecting a compromised computing system |
SA518391755B1 (ar) | Environment-aware cross-layer communication protocol in underground oil reservoirs |
GB2557487A (en) | System for financial information reporting |
WO2015127170A3 (en) | Method and system for providing a robust and efficient virtual asset vulnerability management and verification service |
IL253987B (en) | A system and method for identifying cyber threats |
CN105471623A (zh) | Security alarm correlation analysis method for key IP addresses based on fuzzy scenarios |