MX350670B - Método y dispositivo para identificar el comportamiento de usuario. - Google Patents
Método y dispositivo para identificar el comportamiento de usuario.Info
- Publication number
- MX350670B MX350670B MX2015009131A MX2015009131A MX350670B MX 350670 B MX350670 B MX 350670B MX 2015009131 A MX2015009131 A MX 2015009131A MX 2015009131 A MX2015009131 A MX 2015009131A MX 350670 B MX350670 B MX 350670B
- Authority
- MX
- Mexico
- Prior art keywords
- behavior
- user behavior
- access
- sliding window
- time sliding
- Prior art date
Links
- 238000000034 method Methods 0.000 title abstract 3
- 238000011156 evaluation Methods 0.000 abstract 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/10—Active monitoring, e.g. heartbeat, ping or trace-route
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2133—Verifying human interaction, e.g., Captcha
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/142—Denial of service attacks against network infrastructure
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/144—Detection or countermeasures against botnets
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Cardiology (AREA)
- General Health & Medical Sciences (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Storage Device Security (AREA)
- Debugging And Monitoring (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Information Transfer Between Computers (AREA)
Abstract
La presente divulgación se refiere a un método y dispositivo para identificar el comportamiento de usuario, configurado para identificar un comportamiento malicioso de manera más efectiva y precisa; el método incluye: adquirir un comportamiento de acceso de una terminal dentro de una ventana corrediza de tiempo preestablecida; evaluar el comportamiento de acceso dentro de la ventana corrediza de tiempo de acuerdo con el comportamiento de acceso dentro de la ventana corrediza de tiempo; y determinar si el comportamiento de acceso de la terminal es un acceso malicioso de acuerdo con un resultado de la evaluación.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410708281.6A CN104486298B (zh) | 2014-11-27 | 2014-11-27 | 识别用户行为的方法及装置 |
PCT/CN2015/078019 WO2016082462A1 (zh) | 2014-11-27 | 2015-04-30 | 识别用户行为的方法及装置 |
Publications (2)
Publication Number | Publication Date |
---|---|
MX2015009131A MX2015009131A (es) | 2016-08-01 |
MX350670B true MX350670B (es) | 2017-09-12 |
Family
ID=52760802
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
MX2015009131A MX350670B (es) | 2014-11-27 | 2015-04-30 | Método y dispositivo para identificar el comportamiento de usuario. |
Country Status (9)
Country | Link |
---|---|
US (1) | US20160156653A1 (es) |
EP (1) | EP3026864B1 (es) |
JP (1) | JP2017503293A (es) |
KR (1) | KR101677217B1 (es) |
CN (1) | CN104486298B (es) |
BR (1) | BR112015018912A2 (es) |
MX (1) | MX350670B (es) |
RU (1) | RU2628127C2 (es) |
WO (1) | WO2016082462A1 (es) |
Families Citing this family (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104486298B (zh) * | 2014-11-27 | 2018-03-09 | 小米科技有限责任公司 | 识别用户行为的方法及装置 |
CN104881479B (zh) * | 2015-06-03 | 2018-07-13 | 北京京东尚科信息技术有限公司 | 一种限制用户最小操作间隔的方法及装置 |
CN106327230B (zh) * | 2015-06-30 | 2019-12-24 | 阿里巴巴集团控股有限公司 | 一种异常用户检测方法及设备 |
CN104967629B (zh) * | 2015-07-16 | 2018-11-27 | 网宿科技股份有限公司 | 网络攻击检测方法及装置 |
CN105282047B (zh) * | 2015-09-25 | 2020-04-14 | 小米科技有限责任公司 | 访问请求处理方法及装置 |
CN106789831B (zh) | 2015-11-19 | 2020-10-23 | 阿里巴巴集团控股有限公司 | 识别网络攻击的方法和装置 |
CN106789844B (zh) * | 2015-11-23 | 2020-06-16 | 阿里巴巴集团控股有限公司 | 一种恶意用户识别方法及装置 |
EP3423962A4 (en) * | 2016-03-04 | 2019-10-02 | Axon Vibe AG | SYSTEMS AND METHOD FOR PREDICTING THE USER BEHAVIOR BASED ON LOCATION DATA |
CN106506451B (zh) * | 2016-09-30 | 2019-08-27 | 百度在线网络技术(北京)有限公司 | 恶意访问的处理方法及装置 |
JP6737189B2 (ja) * | 2017-01-18 | 2020-08-05 | トヨタ自動車株式会社 | 不正判定システム及び不正判定方法 |
CN106657410B (zh) * | 2017-02-28 | 2018-04-03 | 国家电网公司 | 基于用户访问序列的异常行为检测方法 |
CN107046489B (zh) * | 2017-04-07 | 2020-07-28 | 上海熙菱信息技术有限公司 | 一种频次类实时统计模型系统及方法 |
CN107481090A (zh) * | 2017-07-06 | 2017-12-15 | 众安信息技术服务有限公司 | 一种用户异常行为检测方法、装置和系统 |
FR3094518B1 (fr) * | 2019-04-01 | 2021-02-26 | Idemia Identity & Security France | Procédé de détection de bots dans un réseau d’utilisateurs |
KR102295463B1 (ko) * | 2019-07-12 | 2021-08-27 | 경상국립대학교산학협력단 | 가속도 센서를 구비한 돼지이표 |
KR102034998B1 (ko) * | 2019-07-12 | 2019-10-22 | 경상대학교산학협력단 | 돼지움직임 감지용 광이표 |
CN111224939B (zh) * | 2019-11-15 | 2022-07-12 | 上海钧正网络科技有限公司 | 任务请求的拦截方法、装置、计算机设备和存储介质 |
CN110933115B (zh) * | 2019-12-31 | 2022-04-29 | 上海观安信息技术股份有限公司 | 基于动态session的分析对象行为异常检测方法及装置 |
CN113114611B (zh) * | 2020-01-13 | 2024-02-06 | 北京沃东天骏信息技术有限公司 | 黑名单管理的方法和装置 |
CN112784288B (zh) * | 2021-01-22 | 2024-05-10 | 尚娱软件(深圳)有限公司 | 访问管理方法、终端及计算机可读存储介质 |
US11991196B2 (en) | 2021-03-04 | 2024-05-21 | Qatar Foundation For Education, Science And Community Development | Anomalous user account detection systems and methods |
Family Cites Families (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2000148276A (ja) * | 1998-11-05 | 2000-05-26 | Fujitsu Ltd | セキュリティ監視装置,セキュリティ監視方法およびセキュリティ監視用プログラム記録媒体 |
KR100479328B1 (ko) * | 2002-12-24 | 2005-03-31 | 한국전자통신연구원 | 슬라이딩 윈도우 캐쉬 구조 |
JP2005044277A (ja) * | 2003-07-25 | 2005-02-17 | Fuji Xerox Co Ltd | 不正通信検出装置 |
KR101074597B1 (ko) * | 2004-09-17 | 2011-10-17 | 주식회사 케이티 | 가상 웹서버 기반의 침입 유도 시스템 및 그 방법 |
JP2006279930A (ja) * | 2005-03-01 | 2006-10-12 | Nec Corp | 不正アクセス検出方法及び装置、並びに不正アクセス遮断方法及び装置 |
EP2109841B1 (en) * | 2007-01-16 | 2017-09-20 | Absolute Software Corporation | A security module having a secondary agent in coordination with a host agent |
US7885976B2 (en) * | 2007-02-23 | 2011-02-08 | International Business Machines Corporation | Identification, notification, and control of data access quantity and patterns |
EP2009864A1 (en) | 2007-06-28 | 2008-12-31 | Nibelung Security Systems GmbH | Method and apparatus for attack prevention |
JP4948359B2 (ja) * | 2007-10-26 | 2012-06-06 | 三菱電機株式会社 | 不正アクセス検知装置及び不正アクセス検知方法及びプログラム |
US20090144545A1 (en) * | 2007-11-29 | 2009-06-04 | International Business Machines Corporation | Computer system security using file system access pattern heuristics |
JP2009217555A (ja) * | 2008-03-11 | 2009-09-24 | Mitsubishi Electric Corp | ネットワーク異常判定装置 |
US8326987B2 (en) * | 2008-11-12 | 2012-12-04 | Lin Yeejang James | Method for adaptively building a baseline behavior model |
US8572736B2 (en) * | 2008-11-12 | 2013-10-29 | YeeJang James Lin | System and method for detecting behavior anomaly in information access |
CN101446956A (zh) * | 2008-12-12 | 2009-06-03 | 北京理工大学 | 预测模型的在线增量式插入与删除方法 |
JP2010146160A (ja) * | 2008-12-17 | 2010-07-01 | Kureo:Kk | 通信管理装置、通信管理方法、およびプログラム |
WO2010088550A2 (en) * | 2009-01-29 | 2010-08-05 | Breach Security, Inc. | A method and apparatus for excessive access rate detection |
US9805271B2 (en) * | 2009-08-18 | 2017-10-31 | Omni Ai, Inc. | Scene preset identification using quadtree decomposition analysis |
JP5911431B2 (ja) * | 2010-01-21 | 2016-05-11 | アリババ・グループ・ホールディング・リミテッドAlibaba Group Holding Limited | 悪意のあるアクセスの遮断 |
CN102769549B (zh) * | 2011-05-05 | 2016-02-17 | 腾讯科技(深圳)有限公司 | 网络安全监控的方法和装置 |
EP2737427A4 (en) * | 2011-07-29 | 2015-04-15 | Hewlett Packard Development Co | SYSTEMS AND METHOD FOR THE DISTRIBUTED CONTROL-BASED CORRELATION OF EVENTS |
JP5791548B2 (ja) * | 2012-03-15 | 2015-10-07 | 三菱電機株式会社 | アドレス抽出装置 |
US20130291107A1 (en) * | 2012-04-27 | 2013-10-31 | The Irc Company, Inc. | System and Method for Mitigating Application Layer Distributed Denial of Service Attacks Using Human Behavior Analysis |
US20140304833A1 (en) * | 2013-04-04 | 2014-10-09 | Xerox Corporation | Method and system for providing access to crowdsourcing tasks |
CN104113519B (zh) * | 2013-04-16 | 2017-07-14 | 阿里巴巴集团控股有限公司 | 网络攻击检测方法及其装置 |
RU133954U1 (ru) * | 2013-04-29 | 2013-10-27 | Федеральное государственное образовательное бюджетное учреждение высшего профессионального образования "Санкт-Петербургский государственный университет телекоммуникаций им. проф. М.А. Бонч-Бруевича" (СПбГУТ) | Устройство защиты сети |
CN104486298B (zh) * | 2014-11-27 | 2018-03-09 | 小米科技有限责任公司 | 识别用户行为的方法及装置 |
-
2014
- 2014-11-27 CN CN201410708281.6A patent/CN104486298B/zh active Active
-
2015
- 2015-04-30 WO PCT/CN2015/078019 patent/WO2016082462A1/zh active Application Filing
- 2015-04-30 RU RU2015128769A patent/RU2628127C2/ru active
- 2015-04-30 BR BR112015018912A patent/BR112015018912A2/pt not_active IP Right Cessation
- 2015-04-30 MX MX2015009131A patent/MX350670B/es active IP Right Grant
- 2015-04-30 JP JP2016561070A patent/JP2017503293A/ja active Pending
- 2015-04-30 KR KR1020157016876A patent/KR101677217B1/ko active IP Right Grant
- 2015-11-05 US US14/933,197 patent/US20160156653A1/en not_active Abandoned
- 2015-11-24 EP EP15196035.8A patent/EP3026864B1/en active Active
Also Published As
Publication number | Publication date |
---|---|
RU2015128769A (ru) | 2017-01-20 |
WO2016082462A1 (zh) | 2016-06-02 |
CN104486298B (zh) | 2018-03-09 |
JP2017503293A (ja) | 2017-01-26 |
KR101677217B1 (ko) | 2016-11-17 |
EP3026864B1 (en) | 2018-09-26 |
US20160156653A1 (en) | 2016-06-02 |
MX2015009131A (es) | 2016-08-01 |
EP3026864A1 (en) | 2016-06-01 |
CN104486298A (zh) | 2015-04-01 |
BR112015018912A2 (pt) | 2017-07-18 |
KR20160077009A (ko) | 2016-07-01 |
RU2628127C2 (ru) | 2017-08-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
MX350670B (es) | Método y dispositivo para identificar el comportamiento de usuario. | |
TW201611775A (en) | Electronic device and method for measuring vital signal by the electronic device | |
MX2015000617A (es) | Metodo y dispositivo para procesar el modo niños. | |
SG10201807147TA (en) | Verification methods and verification devices | |
MX2016004066A (es) | Control de acceso utilizando dispositivos electronicos portatiles. | |
MX2016002294A (es) | Metodo y dispositivo de entrada de texto. | |
MX2018002741A (es) | Metodo y aparato para determinar datos volumetricos de una caracteristica anatomica predeterminada. | |
MX2015002437A (es) | Sistema y metodo para determinar el estado de salud de una fuente de energia de un dispositivo portatil. | |
MX368815B (es) | Método y dispositivo para analizar relación social. | |
MX2016017039A (es) | Procedimiento y aparato de verificacion de seguridad. | |
MX2015006652A (es) | Metodo de reconocimiento de mensajes de comunicacion y dispositivo del mismo. | |
EP4336493A3 (en) | Method and apparatus for packet loss concealment, and decoding method and apparatus employing same | |
SG10201903580QA (en) | Method and device for verifying a trusted terminal | |
EP3118733A4 (en) | Method for recognizing operation mode of user on handheld device, and handheld device | |
BR112016022190A2 (pt) | método e aparelho de processamento de informações de humor, e dispositivo de terminal | |
MX357347B (es) | Método y aparato para proporcionar información. | |
MX2016005766A (es) | Dispositivo y metodo para evaluar automaticamente un progreso de un ejercito de entrenamiento. | |
MX358469B (es) | Método y dispositivo para realizar una actualización escalonada. | |
MX2015008601A (es) | Metodo y dispositivo para seleccionar informacion. | |
MX348965B (es) | Metodo, aparato y dispositivo terminal para seleccionar un caracter. | |
MX2017005029A (es) | Metodo y aparato de verificacion. | |
MX2015009733A (es) | Metodo y aparato de visualizacion de pagina, dispositivo electronico. | |
PL2767882T3 (pl) | Sposób segmentacji czasowej gestu z przyrządem, odpowiednie urządzenie, terminal i oprogramowanie | |
SG11201809860UA (en) | Application program data processing method and device | |
MX2016005403A (es) | Metodo y dispositivo para activar una operacion especificada. |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FG | Grant or registration |