MX2021012614A - Detecting sensitive data exposure via logging. - Google Patents
Detecting sensitive data exposure via logging.
- Publication number
- MX2021012614A
- Authority
- MX
- Mexico
- Prior art keywords
- attack
- cyber
- partial
- pattern
- sensitive data
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/10—Complex mathematical operations
- G06F17/15—Correlation function computation including computation of convolution operations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- Mathematical Optimization (AREA)
- Computational Mathematics (AREA)
- Mathematical Analysis (AREA)
- Pure & Applied Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Mathematical Physics (AREA)
- Algebra (AREA)
- Databases & Information Systems (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
A computer-implemented method is provided for dynamically identifying security threats comprising a cyber-attack chain composed of a sequence of partial cyber-attacks represented by attack patterns. The method comprises receiving a sequence of security events, determining a first cyber-attack pattern by applying a set of predefined rules to detect an indicator of compromise of a first partial cyber-attack of the cyber-attack chain (thereby identifying a specific cyber-attack chain), and determining a type and an attribute in the pattern of the first partial cyber-attack. The method further comprises configuring at least one rule for a downstream partial cyber-attack in the specific cyber-attack chain based on the type and the attribute in the attack pattern of the first partial cyber-attack, and adding the at least one configured rule to the set of predefined rules to be used by the correlation engine for dynamically identifying security threats.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/387,632 US11431734B2 (en) | 2019-04-18 | 2019-04-18 | Adaptive rule generation for security event correlation |
PCT/EP2020/058028 WO2020212093A1 (en) | 2019-04-18 | 2020-03-23 | Detecting sensitive data exposure via logging |
Publications (1)
Publication Number | Publication Date |
---|---|
MX2021012614A (es) | 2021-11-12 |
Family
ID=69960641
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
MX2021012614A (es) | 2019-04-18 | 2020-03-23 | Detecting sensitive data exposure via logging. |
Country Status (12)
Country | Link |
---|---|
US (1) | US11431734B2 (es) |
EP (1) | EP3957042A1 (es) |
JP (1) | JP2022529220A (es) |
KR (1) | KR102612500B1 (es) |
CN (1) | CN113661693B (es) |
AU (1) | AU2020257925B2 (es) |
BR (1) | BR112021020850A2 (es) |
CA (1) | CA3137249A1 (es) |
IL (1) | IL286611A (es) |
MX (1) | MX2021012614A (es) |
SG (1) | SG11202109795WA (es) |
WO (1) | WO2020212093A1 (es) |
Families Citing this family (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10841337B2 (en) | 2016-11-28 | 2020-11-17 | Secureworks Corp. | Computer implemented system and method, and computer program product for reversibly remediating a security risk |
US10735470B2 (en) | 2017-11-06 | 2020-08-04 | Secureworks Corp. | Systems and methods for sharing, distributing, or accessing security data and/or security applications, models, or analytics |
WO2020183615A1 (ja) * | 2019-03-12 | 2020-09-17 | 三菱電機株式会社 | Attack estimation device, attack control method, and attack estimation program |
EP3712721A1 (de) * | 2019-03-19 | 2020-09-23 | Siemens Aktiengesellschaft | Security-relevant diagnostic messages |
US11431734B2 (en) | 2019-04-18 | 2022-08-30 | Kyndryl, Inc. | Adaptive rule generation for security event correlation |
US11418524B2 (en) * | 2019-05-07 | 2022-08-16 | Secureworks Corp. | Systems and methods of hierarchical behavior activity modeling and detection for systems-level security |
US11522877B2 (en) | 2019-12-16 | 2022-12-06 | Secureworks Corp. | Systems and methods for identifying malicious actors or activities |
US11669615B2 (en) * | 2020-07-23 | 2023-06-06 | Mcafee, Llc | Skewness in indicators of compromise |
US11588834B2 (en) * | 2020-09-03 | 2023-02-21 | Secureworks Corp. | Systems and methods for identifying attack patterns or suspicious activity in client networks |
CN112351017B (zh) * | 2020-10-28 | 2022-08-26 | 北京奇虎科技有限公司 | Lateral penetration protection method, apparatus, device and storage medium |
US11539737B2 (en) * | 2020-10-28 | 2022-12-27 | Kyndryl, Inc. | Adaptive security for resource constraint devices |
AT523933B1 (de) * | 2020-11-18 | 2022-01-15 | Ait Austrian Inst Tech Gmbh | Method for classifying anomalous operating states of a computer network |
JP7427574B2 (ja) | 2020-11-30 | 2024-02-05 | 株式会社日立製作所 | State diagnosis device and state diagnosis method |
CN114650146A (zh) * | 2020-12-02 | 2022-06-21 | 中国电信股份有限公司 | Attack tracing method and apparatus, and computer-storable medium |
CN114697057B (zh) * | 2020-12-28 | 2023-02-10 | 华为技术有限公司 | Method, apparatus and storage medium for obtaining orchestration playbook information |
US11528294B2 (en) | 2021-02-18 | 2022-12-13 | Secureworks Corp. | Systems and methods for automated threat detection |
CN113259371B (zh) * | 2021-06-03 | 2022-04-19 | 上海雾帜智能科技有限公司 | Method and system for blocking network attack events based on a SOAR system |
CN113591092B (zh) * | 2021-06-22 | 2023-05-09 | 中国电子科技集团公司第三十研究所 | Attack chain construction method based on vulnerability combination |
CN113452700B (zh) * | 2021-06-25 | 2022-12-27 | 阿波罗智联(北京)科技有限公司 | Method, apparatus, device and storage medium for processing security information |
CN113765915B (zh) * | 2021-09-06 | 2023-04-21 | 杭州安恒信息技术股份有限公司 | Network event analysis method, system, readable storage medium and computer device |
JP7230146B1 (ja) | 2021-09-24 | 2023-02-28 | エヌ・ティ・ティ・コミュニケーションズ株式会社 | Vehicle security analysis device, method and program therefor |
CN114095274B (zh) * | 2021-12-10 | 2023-11-10 | 北京天融信网络安全技术有限公司 | Attack analysis and judgment method and apparatus |
CN114430335A (zh) * | 2021-12-16 | 2022-05-03 | 奇安信科技集团股份有限公司 | Web fingerprint matching method and apparatus |
CN114301692B (zh) * | 2021-12-29 | 2023-12-12 | 中国电信股份有限公司 | Attack prediction method, apparatus, medium and device |
CN114124587B (zh) * | 2022-01-29 | 2022-06-28 | 北京安帝科技有限公司 | Attack chain processing method, system and electronic device |
CN114866355B (zh) * | 2022-07-06 | 2023-04-28 | 浙江国利网安科技有限公司 | Message flow forwarding method, apparatus and computer device |
CN115883218B (zh) * | 2022-12-02 | 2024-04-12 | 中国人民解放军国防科技大学 | Composite attack chain completion method, system and medium based on a multimodal data model |
Family Cites Families (28)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7644365B2 (en) | 2003-09-12 | 2010-01-05 | Cisco Technology, Inc. | Method and system for displaying network security incidents |
JP3999188B2 (ja) * | 2003-10-28 | 2007-10-31 | 富士通株式会社 | Unauthorized access detection device, unauthorized access detection method and unauthorized access detection program |
US9686293B2 (en) | 2011-11-03 | 2017-06-20 | Cyphort Inc. | Systems and methods for malware detection and mitigation |
WO2016014021A1 (en) * | 2014-07-21 | 2016-01-28 | Hewlett-Packard Development Company, L.P. | Security indicator linkage determination |
US9716721B2 (en) | 2014-08-29 | 2017-07-25 | Accenture Global Services Limited | Unstructured security threat information analysis |
US9882929B1 (en) * | 2014-09-30 | 2018-01-30 | Palo Alto Networks, Inc. | Dynamic selection and generation of a virtual clone for detonation of suspicious content within a honey network |
US20160219066A1 (en) | 2015-01-26 | 2016-07-28 | Cisco Technology, Inc. | Event correlation in a network merging local graph models from distributed nodes |
US10298607B2 (en) | 2015-04-16 | 2019-05-21 | Nec Corporation | Constructing graph models of event correlation in enterprise security systems |
US10043006B2 (en) * | 2015-06-17 | 2018-08-07 | Accenture Global Services Limited | Event anomaly analysis and prediction |
US9516052B1 (en) | 2015-08-01 | 2016-12-06 | Splunk Inc. | Timeline displays of network security investigation events |
US9699205B2 (en) | 2015-08-31 | 2017-07-04 | Splunk Inc. | Network security system |
US10641585B2 (en) | 2016-03-08 | 2020-05-05 | Raytheon Company | System and method for integrated and synchronized planning and response to defeat disparate threats over the threat kill chain with combined cyber, electronic warfare and kinetic effects |
US20170289191A1 (en) * | 2016-03-31 | 2017-10-05 | Acalvio Technologies, Inc. | Infiltration Detection and Network Rerouting |
US20180004958A1 (en) * | 2016-07-01 | 2018-01-04 | Hewlett Packard Enterprise Development Lp | Computer attack model management |
JP6786960B2 (ja) * | 2016-08-26 | 2020-11-18 | 富士通株式会社 | Cyber attack analysis support program, cyber attack analysis support method and cyber attack analysis support device |
WO2018071356A1 (en) | 2016-10-13 | 2018-04-19 | Nec Laboratories America, Inc. | Graph-based attack chain discovery in enterprise security systems |
US20180115569A1 (en) | 2016-10-21 | 2018-04-26 | Emet Rodney Anders, JR. | Cyber security |
US11146578B2 (en) * | 2016-12-16 | 2021-10-12 | Patternex, Inc. | Method and system for employing graph analysis for detecting malicious activity in time evolving networks |
US10404751B2 (en) | 2017-02-15 | 2019-09-03 | Intuit, Inc. | Method for automated SIEM custom correlation rule generation through interactive network visualization |
US10728264B2 (en) | 2017-02-15 | 2020-07-28 | Micro Focus Llc | Characterizing behavior anomaly analysis performance based on threat intelligence |
US10474966B2 (en) * | 2017-02-27 | 2019-11-12 | Microsoft Technology Licensing, Llc | Detecting cyber attacks by correlating alerts sequences in a cluster environment |
CN108259449B (zh) * | 2017-03-27 | 2020-03-06 | 新华三技术有限公司 | Method and system for defending against APT attacks |
JP2018185712A (ja) * | 2017-04-27 | 2018-11-22 | 株式会社日立製作所 | Security monitoring system and security monitoring method |
US10855700B1 (en) * | 2017-06-29 | 2020-12-01 | Fireeye, Inc. | Post-intrusion detection of cyber-attacks during lateral movement within networks |
CN107888607B (zh) * | 2017-11-28 | 2020-11-06 | 新华三技术有限公司 | Network threat detection method, apparatus and network management device |
US11258818B2 (en) * | 2018-01-31 | 2022-02-22 | Ironsdn Corp. | Method and system for generating stateful attacks |
US11700269B2 (en) * | 2018-12-18 | 2023-07-11 | Fortinet, Inc. | Analyzing user behavior patterns to detect compromised nodes in an enterprise network |
US11431734B2 (en) | 2019-04-18 | 2022-08-30 | Kyndryl, Inc. | Adaptive rule generation for security event correlation |
2019
- 2019-04-18 US US16/387,632 patent/US11431734B2/en active Active
2020
- 2020-03-23 CN CN202080027748.4A patent/CN113661693B/zh active Active
- 2020-03-23 JP JP2021558907A patent/JP2022529220A/ja active Pending
- 2020-03-23 KR KR1020217033288A patent/KR102612500B1/ko active IP Right Grant
- 2020-03-23 MX MX2021012614A patent/MX2021012614A/es unknown
- 2020-03-23 SG SG11202109795W patent/SG11202109795WA/en unknown
- 2020-03-23 BR BR112021020850A patent/BR112021020850A2/pt unknown
- 2020-03-23 WO PCT/EP2020/058028 patent/WO2020212093A1/en active Application Filing
- 2020-03-23 EP EP20713877.7A patent/EP3957042A1/en active Pending
- 2020-03-23 CA CA3137249A patent/CA3137249A1/en active Pending
- 2020-03-23 AU AU2020257925A patent/AU2020257925B2/en active Active
2021
- 2021-09-22 IL IL286611A patent/IL286611A/en unknown
Also Published As
Publication number | Publication date |
---|---|
WO2020212093A1 (en) | 2020-10-22 |
EP3957042A1 (en) | 2022-02-23 |
AU2020257925A1 (en) | 2021-09-30 |
BR112021020850A2 (pt) | 2021-12-14 |
CA3137249A1 (en) | 2020-10-22 |
CN113661693B (zh) | 2023-11-17 |
KR102612500B1 (ko) | 2023-12-08 |
CN113661693A (zh) | 2021-11-16 |
KR20210141575A (ko) | 2021-11-23 |
AU2020257925B2 (en) | 2022-08-11 |
SG11202109795WA (en) | 2021-10-28 |
US11431734B2 (en) | 2022-08-30 |
US20200336497A1 (en) | 2020-10-22 |
IL286611A (en) | 2021-10-31 |
JP2022529220A (ja) | 2022-06-20 |
Similar Documents
Publication | Title | Publication Date |
---|---|---|
MX2021012614A (es) | Detecting sensitive data exposure via logging. | |
CA2777434C (en) | Verifying application security vulnerabilities | |
Polakis et al. | Where's wally? precise user discovery attacks in location proximity services | |
Al-Naggar et al. | Artificial light at night and cancer: global study | |
Jang et al. | Detecting SQL injection attacks using query result size | |
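KR101060639B1 (ko) | System for detecting suspected malicious websites through JavaScript obfuscation strength analysis, and detection method thereof | |
CN107392016A (zh) | Proxy-based web database attack behavior detection system | |
ATE408179T1 (de) | Methods, systems and computer program products for evaluating the security of a network environment | |
CN103577323B (zh) | Software plagiarism detection method based on dynamic key instruction sequence birthmarks | |
CN105119874A (zh) | Method for evaluating the effectiveness of an information security protection system | |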
Cai et al. | Combine sliced joint graph with graph neural networks for smart contract vulnerability detection | |
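CN104462988A (zh) | Method and system for implementing information security audit based on walk-through testing technology | |
CN107993304A (zh) | Data processing method, apparatus, device and computer-readable storage medium | |
CN107193732A (zh) | Check function locating method based on path comparison | |
CN110879898A (zh) | Power grid data integrity detection system and detection method based on blockchain technology | |
CN105045715A (zh) | Vulnerability clustering method based on programming patterns and pattern matching | |
CN105631871A (zh) | Color image copy-tampering detection method based on quaternion exponent moments | |
CN103971055B (zh) | Android malware detection method based on program slicing technology | |
MX2016002839A (es) | Verifying that particular information is transferred by an application. | |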
Doyle et al. | Development of sea level rise scenarios for climate change assessments of the Mekong Delta, Vietnam | |
GB2615244A8 (en) | Geological database management using signatures for hydrocarbon exploration | |
Yan et al. | SPIDER: Speeding up Side-Channel Vulnerability Detection via Test Suite Reduction | |
Zefferer et al. | Power consumption-based application classification and malware detection on android using machine-learning techniques | |
RU2459236C1 (ru) | Method and system for monitoring program execution by means of tracing | |
Alakeel | Using Fuzzy Logic Techniques for Assertion‐Based Software Testing Metrics |