RU2016132591A - Cybersecurity system with differentiated capacity to deal with complex cyber attacks - Google Patents

Cybersecurity system with differentiated capacity to deal with complex cyber attacks

Info

Publication number
RU2016132591A
Authority
RU
Russia
Prior art keywords
cybersecurity
level
data
cyber
lower level
Prior art date
Application number
RU2016132591A
Other languages
English (en)
Other versions
RU2016132591A3 (ru)
RU2746685C2 (ru)
Inventor
Jadranka Mead
James E. Vasatka
John A. Craig
Original Assignee
The Boeing Company
Priority date
Filing date
Publication date
Application filed by The Boeing Company
Publication of RU2016132591A
Publication of RU2016132591A3
Application granted
Publication of RU2746685C2

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N7/00 Computing arrangements based on specific mathematical models
    • G06N7/01 Probabilistic graphical models, e.g. probabilistic networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/168 Implementing security features at a particular protocol layer above the transport layer
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Algebra (AREA)
  • Probability & Statistics with Applications (AREA)
  • Artificial Intelligence (AREA)
  • Computational Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • Evolutionary Computation (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Multi Processors (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Claims (16)

1. A cybersecurity system comprising:
a lower level configured to monitor and track cybersecurity data for forensic analysis;
an upper level configured to monitor, track and measure cybersecurity data for a plurality of cyber environments;
a complex adaptive system (CAS) algorithm used to learn, predict and take action based on the cybersecurity data; wherein
the upper level and the lower level are configured to exchange cybersecurity data.
2. The cybersecurity system of claim 1, wherein each of the lower level and the upper level further comprises functions implemented within the lower level and the upper level.
3. The cybersecurity system of claim 1, wherein the lower level and the upper level are configured to exchange cybersecurity data via a bidirectional connection module, the exchanged cybersecurity data being correlated.
4. The cybersecurity system of claim 3, wherein the connection module provides a feedback loop throughout the system.
5. The cybersecurity system of claim 1, further comprising a complex adaptive system (CAS) algorithm configured to predict cyber attacks and based on the cybersecurity data.
6. The cybersecurity system of claim 5, wherein the complex adaptive system (CAS) algorithm is modified to:
create finite state machines representing the cybersecurity system;
run the finite state machines and record their transitions;
associate probabilities with the transitions;
predict outcomes based on the probabilities;
determine whether action needs to be taken; and
take action if the probability level exceeds a specified threshold.
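The steps listed in claim 6, sketched as an added example (not code from the patent or its applicant): transitions recorded from state traces are turned into probabilities, the chance of reaching a compromised state is predicted, and action is taken only above a threshold. The state names, the sample traces, the 3-step horizon and the 0.5 threshold are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample traces of host states (illustrative, not from the patent).
TRACES = [
    ["normal", "scan", "normal"],
    ["normal", "scan", "auth_fail", "auth_fail", "compromised"],
    ["normal", "auth_fail", "normal"],
    ["normal", "scan", "auth_fail", "compromised"],
]

def record_transitions(traces):
    """Run each trace through the state machine and count its transitions."""
    counts = defaultdict(Counter)
    for trace in traces:
        for src, dst in zip(trace, trace[1:]):
            counts[src][dst] += 1
    return counts

def transition_probabilities(counts):
    """Associate a probability with every recorded transition."""
    return {src: {dst: n / sum(dsts.values()) for dst, n in dsts.items()}
            for src, dsts in counts.items()}

def reach_probability(probs, start, target, steps):
    """Probability of entering `target` from `start` within `steps` moves."""
    dist, reached = {start: 1.0}, 0.0
    for _ in range(steps):
        nxt = defaultdict(float)
        for state, p in dist.items():
            for dst, q in probs.get(state, {}).items():
                if dst == target:
                    reached += p * q      # absorbed: attack outcome predicted
                else:
                    nxt[dst] += p * q     # still in play for the next step
        dist = nxt
    return reached

def decide(probs, current, target="compromised", steps=3, threshold=0.5):
    """Take action only if the predicted probability exceeds the threshold."""
    p = reach_probability(probs, current, target, steps)
    return ("act" if p > threshold else "observe"), p

PROBS = transition_probabilities(record_transitions(TRACES))

if __name__ == "__main__":
    for state in ("normal", "scan", "auth_fail"):
        print(state, decide(PROBS, state))
```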
RU2016132591A 2015-10-01 2016-08-08 Cybersecurity system with differentiated capacity to deal with complex cyber attacks RU2746685C2 (ru)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US14/872,698 US10148678B2 (en) 2015-10-01 2015-10-01 Cybersecurity system with differentiated capacity to deal with complex cyber attacks
US14/872,698 2015-10-01

Publications (3)

Publication Number Publication Date
RU2016132591A (ru) 2018-02-16
RU2016132591A3 (ru) 2020-01-31
RU2746685C2 (ru) 2021-04-19

Family

ID=56920484

Family Applications (1)

Application Number Title Priority Date Filing Date
RU2016132591A RU2746685C2 (ru) 2015-10-01 2016-08-08 Cybersecurity system with differentiated capacity to deal with complex cyber attacks

Country Status (3)

Country Link
US (1) US10148678B2 (ru)
EP (1) EP3151153B1 (ru)
RU (1) RU2746685C2 (ru)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR3082330B1 (fr) * 2018-06-07 2022-12-30 Thales Sa Cybersecurite aeronautique
US11704600B2 (en) 2019-06-27 2023-07-18 Microsoft Technology Licensing, Llc Multistage feed ranking system with methodology providing scalable multi-objective model approximation
US11734431B2 (en) * 2020-04-27 2023-08-22 Saudi Arabian Oil Company Method and system for assessing effectiveness of cybersecurity controls in an OT environment
US11729195B1 (en) 2022-09-15 2023-08-15 Cyviation Ltd Computerized-system and computerized-method for detecting cyber-attacks on avionic communications of an airborne computerized-device

Family Cites Families (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7603709B2 (en) * 2001-05-03 2009-10-13 Computer Associates Think, Inc. Method and apparatus for predicting and preventing attacks in communications networks
US8229879B2 (en) * 2005-07-08 2012-07-24 Brainlike, Inc. System and method for auto-adaptive network
US7634262B1 (en) * 2006-03-07 2009-12-15 Trend Micro, Inc. Virus pattern update for mobile device
CA2651303A1 (en) 2006-05-05 2007-11-15 Millennium Pharmaceuticals, Inc. Factor xa inhibitors
US8108550B2 (en) * 2006-10-25 2012-01-31 Hewlett-Packard Development Company, L.P. Real-time identification of an asset model and categorization of an asset to assist in computer network security
US8103727B2 (en) * 2007-08-30 2012-01-24 Fortinet, Inc. Use of global intelligence to make local information classification decisions
KR100935861B1 (ko) 2007-11-12 2010-01-07 한국전자통신연구원 네트워크 보안 위험도 예측 방법 및 장치
US8613096B2 (en) * 2007-11-30 2013-12-17 Microsoft Corporation Automatic data patch generation for unknown vulnerabilities
US7899849B2 (en) * 2008-05-28 2011-03-01 Zscaler, Inc. Distributed security provisioning
US8504504B2 (en) * 2008-09-26 2013-08-06 Oracle America, Inc. System and method for distributed denial of service identification and prevention
US20120180126A1 (en) * 2010-07-13 2012-07-12 Lei Liu Probable Computing Attack Detector
US9015843B2 (en) * 2010-12-03 2015-04-21 Microsoft Corporation Predictive malware threat mitigation
US8726376B2 (en) * 2011-03-11 2014-05-13 Openet Telecom Ltd. Methods, systems and devices for the detection and prevention of malware within a network
US8949668B2 (en) * 2011-05-23 2015-02-03 The Boeing Company Methods and systems for use in identifying abnormal behavior in a control system including independent comparisons to user policies and an event correlation model
US8739281B2 (en) * 2011-12-06 2014-05-27 At&T Intellectual Property I, L.P. Multilayered deception for intrusion detection and prevention
US9355172B2 (en) * 2013-01-10 2016-05-31 Accenture Global Services Limited Data trend analysis
US20140337974A1 (en) * 2013-04-15 2014-11-13 Anupam Joshi System and method for semantic integration of heterogeneous data sources for context aware intrusion detection
US9519775B2 (en) * 2013-10-03 2016-12-13 Qualcomm Incorporated Pre-identifying probable malicious behavior based on configuration pathways
US20150326600A1 (en) * 2013-12-17 2015-11-12 George KARABATIS Flow-based system and method for detecting cyber-attacks utilizing contextual information
US20160078365A1 (en) * 2014-03-21 2016-03-17 Philippe Baumard Autonomous detection of incongruous behaviors
US9774614B2 (en) * 2014-06-24 2017-09-26 Qualcomm Incorporated Methods and systems for side channel analysis detection and protection
US9710752B2 (en) * 2014-09-11 2017-07-18 Qualcomm Incorporated Methods and systems for aggregated multi-application behavioral analysis of mobile device behaviors
US9571519B2 (en) * 2014-09-29 2017-02-14 Juniper Networks, Inc. Targeted attack discovery
US9928369B2 (en) * 2015-02-09 2018-03-27 Cisco Technologies, Inc. Information technology vulnerability assessment

Also Published As

Publication number Publication date
EP3151153B1 (en) 2021-05-19
RU2016132591A3 (ru) 2020-01-31
EP3151153A1 (en) 2017-04-05
RU2746685C2 (ru) 2021-04-19
US20170099308A1 (en) 2017-04-06
US10148678B2 (en) 2018-12-04

Similar Documents

Publication Publication Date Title
RU2016132591A (ru) Cybersecurity system with differentiated capacity to deal with complex cyber attacks
TWI706273B (zh) Uniform resource locator (URL) attack detection method, apparatus and electronic device
Hussain et al. A two-fold machine learning approach to prevent and detect IoT botnet attacks
US11775826B2 (en) Artificial intelligence with cyber security
RU2019113327A (ru) IoT security service
Ham et al. Android mobile application system call event pattern analysis for determination of malicious attack
WO2014107438A3 (en) Methods and systems of dynamically generating and using device-specific and device-state-specific classifier models for the efficient classification of mobile device behaviors
RU2015138958A (ru) Method for generating behavior analysis in a surveillance and monitoring system
SG10201805424RA (en) User authentication method, device for executing same, and recording medium for storing same
WO2016122904A3 (en) Managing thermal remediations on a computing device
RU2017103387A (ru) Data processing device and method
RU2016116679A (ru) System and method for computing a message digest
CN106961444A (zh) A malicious web crawler detection method based on a hidden Markov model
JP2016115095A5 (ru)
TW201615049A (en) Method, apparatus, and mobile terminal for collecting location information
Dehlaghi-Ghadim et al. Anomaly detection dataset for industrial control systems
Demertzis Blockchained federated learning for threat defense
Bhosale et al. Detection of Anomalous User Activity for Home IoT Devices
FI20135203L (fi) Test management
RU2016105643A (ru) Method and device for well abandonment
Ghaffari et al. DroidMalHunter: A novel entropy-based anomaly detection system to detect malicious Android applications
Kumar et al. A network-based framework for mobile threat detection
CN103905269B (zh) Network bidirectional detection method and system based on format recognition technology
Singhania et al. A Novel Crypt-Stego Technique for Information Security in Communication Networks
Tembhurne et al. IoT Security and Privacy