RU2016132591A - Cybersecurity system with differentiated capacity to deal with complex cyber attacks - Google Patents
- Publication number
- RU2016132591A
- Authority
- RU
- Russia
- Prior art keywords
- cybersecurity
- level
- data
- cyber
- lower level
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N7/00—Computing arrangements based on specific mathematical models
- G06N7/01—Probabilistic graphical models, e.g. probabilistic networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Algebra (AREA)
- Probability & Statistics with Applications (AREA)
- Artificial Intelligence (AREA)
- Computational Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Evolutionary Computation (AREA)
- Mathematical Analysis (AREA)
- Mathematical Optimization (AREA)
- Pure & Applied Mathematics (AREA)
- Mathematical Physics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Multi Processors (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Claims (16)
1. A cybersecurity system, comprising:
a lower level configured to monitor and track cybersecurity data for forensic analysis;
an upper level configured to monitor, track and measure cybersecurity data for a plurality of cyber environments;
a complex adaptive system (CAS) algorithm used for learning, predicting and taking action based on the cybersecurity data; wherein
the upper level and the lower level are configured to exchange cybersecurity data.
2. The cybersecurity system of claim 1, wherein each of the lower level and the upper level further comprises functions implemented within the lower level and the upper level.
3. The cybersecurity system of claim 1, wherein the lower level and the upper level are configured to exchange cybersecurity data via a bidirectional connector module, wherein the exchanged cybersecurity data is correlated.
4. The cybersecurity system of claim 3, wherein the connector module provides a feedback loop throughout the system.
5. The cybersecurity system of claim 1, further comprising a complex adaptive system (CAS) algorithm configured to predict cyber attacks and based on the cybersecurity data.
6. The cybersecurity system of claim 5, wherein the complex adaptive system (CAS) algorithm is modified to:
create finite state machines representing the cybersecurity system;
run the finite state machines and record their transitions;
associate probabilities with the transitions;
predict outcomes based on the probabilities;
determine whether action needs to be taken; and
take action if the probability level exceeds a predetermined threshold.
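The steps listed in claim 6 can be read as a Markov-chain model learned from recorded state transitions. The sketch below is an added illustration, not code from the patent or its applicant; the state names, the sample traces, the 3-step horizon, the 0.2 threshold and the "contain"/"monitor" actions are all assumptions constructed for the example.

```python
from collections import Counter, defaultdict

# Constructed sample data: each trace is the recorded state sequence of one
# finite-state-machine run (state names are hypothetical).
TRACES = [
    ["normal", "scan", "normal"],
    ["normal", "scan", "login_fail", "normal"],
    ["normal", "scan", "login_fail", "priv_change", "exfil"],
    ["normal", "normal", "scan", "login_fail", "priv_change", "normal"],
]

def learn_transitions(traces):
    """Record transitions and associate a probability with each one."""
    counts = defaultdict(Counter)
    for trace in traces:
        for src, dst in zip(trace, trace[1:]):
            counts[src][dst] += 1
    return {src: {dst: n / sum(c.values()) for dst, n in c.items()}
            for src, c in counts.items()}

def reach_probability(probs, start, target, steps):
    """Predict the probability of entering `target` within `steps` transitions."""
    dist, hit = {start: 1.0}, 0.0
    for _ in range(steps):
        nxt = defaultdict(float)
        for state, p in dist.items():
            for dst, q in probs.get(state, {}).items():
                if dst == target:
                    hit += p * q      # target is absorbing: count it once
                else:
                    nxt[dst] += p * q
        dist = nxt
    return hit

def decide(probs, state, target="exfil", steps=3, threshold=0.2):
    """Take action only if the predicted probability exceeds the threshold."""
    p = reach_probability(probs, state, target, steps)
    return ("contain" if p > threshold else "monitor"), p

if __name__ == "__main__":
    model = learn_transitions(TRACES)
    for current in ("normal", "scan", "login_fail", "priv_change"):
        action, p = decide(model, current)
        print(f"{current:12s} P(exfil within 3 steps)={p:.2f} -> {action}")
```

With these traces the model stays in "monitor" from the `normal` state, because no recorded path reaches `exfil` within three transitions, and switches to "contain" once a `scan` has been observed.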
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/872,698 US10148678B2 (en) | 2015-10-01 | 2015-10-01 | Cybersecurity system with differentiated capacity to deal with complex cyber attacks |
US14/872,698 | 2015-10-01 |
Publications (3)
Publication Number | Publication Date |
---|---|
RU2016132591A (ru) | 2018-02-16 |
RU2016132591A3 (ru) | 2020-01-31 |
RU2746685C2 (ru) | 2021-04-19 |
Family
ID=56920484
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
RU2016132591A RU2746685C2 (ru) | 2015-10-01 | 2016-08-08 | Cybersecurity system with differentiated capacity to deal with complex cyber attacks |
Country Status (3)
Country | Link |
---|---|
US (1) | US10148678B2 (ru) |
EP (1) | EP3151153B1 (ru) |
RU (1) | RU2746685C2 (ru) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR3082330B1 (fr) * | 2018-06-07 | 2022-12-30 | Thales Sa | Aeronautical cybersecurity |
US11704600B2 (en) | 2019-06-27 | 2023-07-18 | Microsoft Technology Licensing, Llc | Multistage feed ranking system with methodology providing scalable multi-objective model approximation |
US11734431B2 (en) * | 2020-04-27 | 2023-08-22 | Saudi Arabian Oil Company | Method and system for assessing effectiveness of cybersecurity controls in an OT environment |
US11729195B1 (en) | 2022-09-15 | 2023-08-15 | Cyviation Ltd | Computerized-system and computerized-method for detecting cyber-attacks on avionic communications of an airborne computerized-device |
Family Cites Families (24)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7603709B2 (en) * | 2001-05-03 | 2009-10-13 | Computer Associates Think, Inc. | Method and apparatus for predicting and preventing attacks in communications networks |
US8229879B2 (en) * | 2005-07-08 | 2012-07-24 | Brainlike, Inc. | System and method for auto-adaptive network |
US7634262B1 (en) * | 2006-03-07 | 2009-12-15 | Trend Micro, Inc. | Virus pattern update for mobile device |
CA2651303A1 (en) | 2006-05-05 | 2007-11-15 | Millennium Pharmaceuticals, Inc. | Factor xa inhibitors |
US8108550B2 (en) * | 2006-10-25 | 2012-01-31 | Hewlett-Packard Development Company, L.P. | Real-time identification of an asset model and categorization of an asset to assist in computer network security |
US8103727B2 (en) * | 2007-08-30 | 2012-01-24 | Fortinet, Inc. | Use of global intelligence to make local information classification decisions |
KR100935861B1 (ko) | 2007-11-12 | 2010-01-07 | 한국전자통신연구원 | Method and apparatus for predicting network security risk level |
US8613096B2 (en) * | 2007-11-30 | 2013-12-17 | Microsoft Corporation | Automatic data patch generation for unknown vulnerabilities |
US7899849B2 (en) * | 2008-05-28 | 2011-03-01 | Zscaler, Inc. | Distributed security provisioning |
US8504504B2 (en) * | 2008-09-26 | 2013-08-06 | Oracle America, Inc. | System and method for distributed denial of service identification and prevention |
US20120180126A1 (en) * | 2010-07-13 | 2012-07-12 | Lei Liu | Probable Computing Attack Detector |
US9015843B2 (en) * | 2010-12-03 | 2015-04-21 | Microsoft Corporation | Predictive malware threat mitigation |
US8726376B2 (en) * | 2011-03-11 | 2014-05-13 | Openet Telecom Ltd. | Methods, systems and devices for the detection and prevention of malware within a network |
US8949668B2 (en) * | 2011-05-23 | 2015-02-03 | The Boeing Company | Methods and systems for use in identifying abnormal behavior in a control system including independent comparisons to user policies and an event correlation model |
US8739281B2 (en) * | 2011-12-06 | 2014-05-27 | At&T Intellectual Property I, L.P. | Multilayered deception for intrusion detection and prevention |
US9355172B2 (en) * | 2013-01-10 | 2016-05-31 | Accenture Global Services Limited | Data trend analysis |
US20140337974A1 (en) * | 2013-04-15 | 2014-11-13 | Anupam Joshi | System and method for semantic integration of heterogeneous data sources for context aware intrusion detection |
US9519775B2 (en) * | 2013-10-03 | 2016-12-13 | Qualcomm Incorporated | Pre-identifying probable malicious behavior based on configuration pathways |
US20150326600A1 (en) * | 2013-12-17 | 2015-11-12 | George KARABATIS | Flow-based system and method for detecting cyber-attacks utilizing contextual information |
US20160078365A1 (en) * | 2014-03-21 | 2016-03-17 | Philippe Baumard | Autonomous detection of incongruous behaviors |
US9774614B2 (en) * | 2014-06-24 | 2017-09-26 | Qualcomm Incorporated | Methods and systems for side channel analysis detection and protection |
US9710752B2 (en) * | 2014-09-11 | 2017-07-18 | Qualcomm Incorporated | Methods and systems for aggregated multi-application behavioral analysis of mobile device behaviors |
US9571519B2 (en) * | 2014-09-29 | 2017-02-14 | Juniper Networks, Inc. | Targeted attack discovery |
US9928369B2 (en) * | 2015-02-09 | 2018-03-27 | Cisco Technologies, Inc. | Information technology vulnerability assessment |
2015
- 2015-10-01 US US14/872,698 patent/US10148678B2/en Active
2016
- 2016-08-08 RU RU2016132591A patent/RU2746685C2/ru Active
- 2016-08-25 EP EP16185788.3A patent/EP3151153B1/en Active
Also Published As
Publication number | Publication date |
---|---|
EP3151153B1 (en) | 2021-05-19 |
RU2016132591A3 (ru) | 2020-01-31 |
EP3151153A1 (en) | 2017-04-05 |
RU2746685C2 (ru) | 2021-04-19 |
US20170099308A1 (en) | 2017-04-06 |
US10148678B2 (en) | 2018-12-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
RU2016132591A (ru) | Cybersecurity system with differentiated capacity to deal with complex cyber attacks | |
TWI706273B (zh) | Uniform resource locator (URL) attack detection method, apparatus and electronic device | |
Hussain et al. | A two-fold machine learning approach to prevent and detect IoT botnet attacks | |
US11775826B2 (en) | Artificial intelligence with cyber security | |
RU2019113327A (ru) | IoT security service | |
Ham et al. | Android mobile application system call event pattern analysis for determination of malicious attack | |
WO2014107438A3 (en) | Methods and systems of dynamically generating and using device-specific and device-state-specific classifier models for the efficient classification of mobile device behaviors | |
RU2015138958A (ru) | Method for generating behavior analysis in a surveillance and monitoring system | |
SG10201805424RA (en) | User authentication method, device for executing same, and recording medium for storing same | |
WO2016122904A3 (en) | Managing thermal remediations on a computing device | |
RU2017103387A (ru) | Device and method for data processing | |
RU2016116679A (ru) | System and method for computing a message digest | |
CN106961444A (zh) | Malicious web crawler detection method based on a hidden Markov model | |
JP2016115095A5 (ru) | ||
TW201615049A (en) | Method, apparatus, and mobile terminal for collecting location information | |
Dehlaghi-Ghadim et al. | Anomaly detection dataset for industrial control systems | |
Demertzis | Blockchained federated learning for threat defense | |
Bhosale et al. | Detection of Anomalous User Activity for Home IoT Devices | |
FI20135203L (fi) | Test management | |
RU2016105643A (ru) | Method and device for well abandonment | |
Ghaffari et al. | DroidMalHunter: A novel entropy-based anomaly detection system to detect malicious Android applications | |
Kumar et al. | A network-based framework for mobile threat detection | |
CN103905269B (zh) | Network bidirectional detection method and system based on format recognition technology | |
Singhania et al. | A Novel Crypt-Stego Technique for Information Security in Communication Networks | |
Tembhurne et al. | IoT Security and Privacy |