MX2022004354A - Method for automatic derivation of attack paths in a network - Google Patents
Info
- Publication number
- MX2022004354A
- Authority
- MX
- Mexico
- Prior art keywords
- network
- vulnerabilities
- topology
- information
- processing unit
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3604—Software analysis for verifying properties of programs
- G06F11/3608—Software analysis for verifying properties of programs using formal methods, e.g. model checking, abstract interpretation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/145—Network analysis or design involving simulating, designing, planning or modelling of a network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/04—Processing captured monitoring data, e.g. for logfile generation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Software Systems (AREA)
- Quality & Reliability (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention relates to a method for automatic derivation of attack paths in a network, comprising defining the topology of the network as an enriched network topology, identifying the vulnerabilities of the topology as vulnerability information artifacts, building the atomic attack database of the network based on the topology and the vulnerabilities, translating the enriched network topology, the vulnerability information artifacts and the atomic attack database into a predefined formal model, executing a predefined SMT-based model checker on the predefined formal model to search for counterexamples, and deriving the attack paths from the counterexamples, wherein defining the topology comprises running, by a computerized data processing unit operatively connected to the network, a deep packet inspection module of the network to build a network topology based on the information derived from the deep packet inspection module, and running, by the computerized data processing unit, an active query module of the network to add further information to the network topology based on the information derived from the active queries, so as to build the enriched network topology, wherein identifying the vulnerabilities comprises running, by the computerized data processing unit, a vulnerability assessment module to identify the vulnerability information artifacts of each node of the network based on a comparison between the node information of the enriched network topology and the known vulnerabilities of a predefined vulnerability database, and wherein building the atomic attack database comprises finding, by the computerized data processing unit, one or more atomic attacks for the network as preconditions and actions to capture the state of the system at a given moment in time, wherein the actions are expressed in terms of a set of features of the nodes.
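The pipeline in the abstract, as an added illustration that is not taken from the patent: node information is matched against a vulnerability database, atomic attacks are generated as precondition/action pairs, and a trace that violates the safety property "the attacker never controls the target" is returned as the attack path. An explicit-state breadth-first search stands in for the SMT-based model checker here; the node names, software strings and the labels VULN-A and VULN-B are constructed placeholders.

```python
from collections import deque

# Constructed enriched topology: node -> reachable neighbours and software.
TOPOLOGY = {
    "hmi":    {"links": ["plc", "hist"], "software": "hmi-app 1.0"},
    "hist":   {"links": ["plc"],         "software": "histdb 2.3"},
    "plc":    {"links": [],              "software": "plc-fw 4.1"},
    "laptop": {"links": ["hmi"],         "software": "os 10"},
}
# Constructed vulnerability database: software -> placeholder label.
VULN_DB = {"hmi-app 1.0": "VULN-A", "plc-fw 4.1": "VULN-B"}

def vulnerability_artifacts(topology, vuln_db):
    """Compare node information with the known vulnerabilities."""
    return {n: vuln_db[i["software"]] for n, i in topology.items()
            if i["software"] in vuln_db}

def atomic_attacks(topology, artifacts):
    """One atomic attack per link whose destination node is vulnerable."""
    attacks = []
    for src, info in topology.items():
        for dst in info["links"]:
            if dst in artifacts:
                attacks.append({"name": f"{src}->{dst} via {artifacts[dst]}",
                                "pre": frozenset({("control", src)}),
                                "act": frozenset({("control", dst)})})
    return attacks

def find_counterexample(initial, attacks, target, bound=10):
    """Bounded search for a trace that reaches ('control', target)."""
    start = frozenset(initial)
    queue, seen = deque([(start, [])]), {start}
    while queue:
        state, trace = queue.popleft()
        if ("control", target) in state:
            return trace              # counterexample = attack path
        if len(trace) >= bound:
            continue
        for a in attacks:
            nxt = state | a["act"]
            if a["pre"] <= state and nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, trace + [a["name"]]))
    return None                       # property holds within the bound

def derive_attack_path(topology, vuln_db, entry, target):
    attacks = atomic_attacks(topology, vulnerability_artifacts(topology, vuln_db))
    return find_counterexample({("control", entry)}, attacks, target)
```

Re-running `derive_attack_path` with a vulnerability removed from the database shows whether a planned fix actually cuts every path to the target.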
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US17/225,392 US11831671B2 (en) | 2021-04-08 | 2021-04-08 | Method for automatic derivation of attack paths in a network |
Publications (1)
Publication Number | Publication Date |
---|---|
MX2022004354A (es) | 2022-10-10 |
Family
ID=81324931
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
MX2022004354A MX2022004354A (es) | 2021-04-08 | 2022-04-08 | Method for automatic derivation of attack paths in a network |
Country Status (9)
Country | Link |
---|---|
US (1) | US11831671B2 (es) |
EP (1) | EP4072066A1 (es) |
JP (1) | JP2022161880A (es) |
KR (1) | KR20220139807A (es) |
CN (1) | CN115208609A (es) |
BR (1) | BR102022006585A2 (es) |
CA (1) | CA3154249A1 (es) |
MX (1) | MX2022004354A (es) |
TW (1) | TW202241095A (es) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115913640B (zh) * | 2022-10-19 | 2023-09-05 | 南京南瑞信息通信科技有限公司 | Attack-graph-based method for large-scale network attack deduction and risk early warning |
WO2024137471A1 (en) * | 2022-12-20 | 2024-06-27 | Operant AI, Inc. | Multi-layer application security graph for cloud-native applications using runtime application telemetry collected in real-time |
CN117610018B (zh) * | 2023-12-01 | 2024-06-25 | 深圳市马博士网络科技有限公司 | Vulnerability simulation method and device |
Family Cites Families (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020032871A1 (en) * | 2000-09-08 | 2002-03-14 | The Regents Of The University Of Michigan | Method and system for detecting, tracking and blocking denial of service attacks over a computer network |
US7200105B1 (en) * | 2001-01-12 | 2007-04-03 | Bbn Technologies Corp. | Systems and methods for point of ingress traceback of a network attack |
US7752324B2 (en) * | 2002-07-12 | 2010-07-06 | Penn State Research Foundation | Real-time packet traceback and associated packet marking strategies |
US6952779B1 (en) * | 2002-10-01 | 2005-10-04 | Gideon Cohen | System and method for risk detection and analysis in a computer network |
WO2010042979A1 (en) * | 2008-10-13 | 2010-04-22 | Swinburne University Of Technology | Process and system for assessing network vulnerability |
US8601414B2 (en) * | 2009-11-12 | 2013-12-03 | The Regents Of The University Of Michigan | Automated scalable verification for hardware designs at the register transfer level |
US9021092B2 (en) * | 2012-10-19 | 2015-04-28 | Shadow Networks, Inc. | Network infrastructure obfuscation |
WO2017105383A1 (en) * | 2015-12-14 | 2017-06-22 | Siemens Aktiengesellschaft | System and method for passive assessment of industrial perimeter security |
US10298619B2 (en) * | 2016-12-16 | 2019-05-21 | Nicira, Inc. | Application template generation and deep packet inspection approach for creation of micro-segmentation policy for network applications |
US10812499B2 (en) * | 2017-11-09 | 2020-10-20 | Accenture Global Solutions Limited | Detection of adversary lateral movement in multi-domain IIOT environments |
US10819727B2 (en) * | 2018-10-15 | 2020-10-27 | Schweitzer Engineering Laboratories, Inc. | Detecting and deterring network attacks |
-
2021
- 2021-04-08 US US17/225,392 patent/US11831671B2/en active Active
-
2022
- 2022-04-05 CA CA3154249A patent/CA3154249A1/en active Pending
- 2022-04-05 BR BR102022006585-3A patent/BR102022006585A2/pt unknown
- 2022-04-05 KR KR1020220042383A patent/KR20220139807A/ko unknown
- 2022-04-06 EP EP22167037.5A patent/EP4072066A1/en active Pending
- 2022-04-07 JP JP2022063892A patent/JP2022161880A/ja active Pending
- 2022-04-08 TW TW111113559A patent/TW202241095A/zh unknown
- 2022-04-08 CN CN202210366161.7A patent/CN115208609A/zh active Pending
- 2022-04-08 MX MX2022004354A patent/MX2022004354A/es unknown
Also Published As
Publication number | Publication date |
---|---|
CA3154249A1 (en) | 2022-10-08 |
US11831671B2 (en) | 2023-11-28 |
KR20220139807A (ko) | 2022-10-17 |
BR102022006585A2 (pt) | 2022-10-11 |
JP2022161880A (ja) | 2022-10-21 |
CN115208609A (zh) | 2022-10-18 |
US20220329617A1 (en) | 2022-10-13 |
EP4072066A1 (en) | 2022-10-12 |
TW202241095A (zh) | 2022-10-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
MX2022004354A (es) | Method for automatic derivation of attack paths in a network | |
US11087329B2 (en) | Method and apparatus of identifying a transaction risk | |
Eckhart et al. | A specification-based state replication approach for digital twins | |
Dewulf | Contrasting frames in policy debates on climate change adaptation | |
Wang et al. | Modeling network diversity for evaluating the robustness of networks against zero-day attacks | |
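CN109644184A (zh) | Clustering method for detecting DDoS botnets on the cloud from IPFIX data | |
JP2018046549A (ja) | Network verification | |
CN106453403B (zh) | Method and system for determining vulnerability remediation order based on attack chain | |
CN109981326B (zh) | Method and device for locating home broadband perception faults | |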
US20220156368A1 (en) | Detection of model attacks in distributed ai | |
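CN106599691A (zh) | Complex-network-based method for tracing the source of computer virus propagation | |
CN107124365A (zh) | System for obtaining routing policies based on machine learning | |
CN112583715A (zh) | Method and device for adjusting device node connections | |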
US20110185420A1 (en) | Detection methods and devices of web mimicry attacks | |
US20170039484A1 (en) | Generating negative classifier data based on positive classifier data | |
CN117614698A (zh) | Network security risk analysis method and system for power monitoring systems | |
CN110784487B (zh) | SDN node defense method based on a packet sampling inspection model | |
Praveena et al. | Hybrid approach for IP traceback analysis in wireless networks | |
CN115604032B (zh) | Method and system for detecting complex multi-step attacks in power systems | |
Shang | Consensus of Noisy Multiagent Systems with Markovian Switching Topologies and Time‐Varying Delays | |
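CN113238897B (zh) | System-level test method and apparatus for chips, computer device and storage medium | |
CN102075579A (zh) | Propagation model of P2P power-law network worms and method for constructing and analyzing it | |
CN105488394A (zh) | Method and system for identifying and classifying intrusion behavior for honeypot systems | |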
EP3346380A1 (en) | Methods for adaptive placement of applications and devices thereof | |
CN107248929B (zh) | Method for generating strongly correlated data from multi-dimensional correlated data | |