SG10201907783YA - Suspicious event analysis device and related computer program product for generating suspicious event sequence diagram - Google Patents

Suspicious event analysis device and related computer program product for generating suspicious event sequence diagram

Info

Publication number
SG10201907783YA
Authority
SG
Singapore
Prior art keywords
suspicious event
computer program
program product
analysis device
sequence diagram
Prior art date
Application number
SG10201907783YA
Inventor
Ming-Chang Chiu
Hui-Ching Huang
Pei Kan Tsung
Ming Wei Wu
Original Assignee
Cycarrier Technology Co Ltd
Priority date
Filing date
Publication date
Application filed by Cycarrier Technology Co Ltd
Publication of SG10201907783YA

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/54 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/554 Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562 Static detection
    • G06F21/565 Static detection by checking file integrity
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00 Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/14 Digital output to display device; Cooperation and interconnection of the display device with other functional units
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46 Multiprogramming arrangements
    • G06F9/54 Interprogram communication
    • G06F9/542 Event management; Broadcasting; Multicasting; Notifications
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14 Network analysis or design
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14 Network analysis or design
    • H04L41/142 Network analysis or design using statistical or mathematical methods
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2203/00 Indexing scheme relating to G06F3/00 - G06F3/048
    • G06F2203/048 Indexing scheme relating to G06F3/048
    • G06F2203/04803 Split screen, i.e. subdividing the display area or the window area into separate subareas
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00 Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01 Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/048 Interaction techniques based on graphical user interfaces [GUI]
    • G06F3/0481 Interaction techniques based on graphical user interfaces [GUI] based on specific properties of the displayed interaction object or a metaphor-based environment, e.g. interaction with desktop elements like windows or icons, or assisted by a cursor's changing behaviour or appearance
    • G06F3/0482 Interaction with lists of selectable items, e.g. menus
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/121 Timestamp

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Virology (AREA)
  • Human Computer Interaction (AREA)
  • Health & Medical Sciences (AREA)
  • Multimedia (AREA)
  • General Health & Medical Sciences (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Physics (AREA)
  • Probability & Statistics with Applications (AREA)
  • Pure & Applied Mathematics (AREA)
  • Mathematical Optimization (AREA)
  • Algebra (AREA)
  • Debugging And Monitoring (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
SG10201907783YA 2018-08-22 2019-08-22 Suspicious event analysis device and related computer program product for generating suspicious event sequence diagram SG10201907783YA (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US201862721290P 2018-08-22 2018-08-22

Publications (1)

Publication Number Publication Date
SG10201907783YA (en) 2020-03-30

Family

ID=69583253

Family Applications (3)

Application Number Title Priority Date Filing Date
SG10201907778PA SG10201907778PA (en) 2018-08-22 2019-08-22 Cyber breach diagnostics system for use in diagnosing whether target network system is breached by cyber attack
SG10201907783YA SG10201907783YA (en) 2018-08-22 2019-08-22 Suspicious event analysis device and related computer program product for generating suspicious event sequence diagram
SG10201907785RA SG10201907785RA (en) 2018-08-22 2019-08-22 Multi-frame cyber security analysis device and related computer program product for generating multiple associated data frames

Family Applications Before (1)

Application Number Title Priority Date Filing Date
SG10201907778PA SG10201907778PA (en) 2018-08-22 2019-08-22 Cyber breach diagnostics system for use in diagnosing whether target network system is breached by cyber attack

Family Applications After (1)

Application Number Title Priority Date Filing Date
SG10201907785RA SG10201907785RA (en) 2018-08-22 2019-08-22 Multi-frame cyber security analysis device and related computer program product for generating multiple associated data frames

Country Status (3)

Country Link
US (3) US20200067971A1 (en)
SG (3) SG10201907778PA (en)
TW (6) TW202009764A (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11601442B2 (en) 2018-08-17 2023-03-07 The Research Foundation For The State University Of New York System and method associated with expedient detection and reconstruction of cyber events in a compact scenario representation using provenance tags and customizable policy
US20200106787A1 (en) * 2018-10-01 2020-04-02 Global Data Sentinel, Inc. Data management operating system (dmos) analysis server for detecting and remediating cybersecurity threats
US11381459B2 (en) * 2019-08-05 2022-07-05 Sk Planet Co., Ltd. Service providing system and method for preventing hidden camera, service providing apparatus therefor, and non-transitory computer readable medium having computer program recorded thereon
CN112287339B (en) * 2020-03-06 2024-06-04 杭州奇盾信息技术有限公司 APT intrusion detection method and device and computer equipment
US11902306B1 (en) * 2020-04-30 2024-02-13 Splunk Inc. Advanced persistent threat detection by an information technology and security operations application
TWI812072B (en) * 2022-03-16 2023-08-11 緯創資通股份有限公司 Window arrangement method and window arrangement system
CN114826685A (en) * 2022-03-30 2022-07-29 深信服科技股份有限公司 Information analysis method, equipment and computer readable storage medium
US20240070268A1 (en) * 2022-08-23 2024-02-29 Bitdefender IPR Management Ltd. Aggregate Event Profiles for Detecting Malicious Mobile Applications
CN116738408B (en) * 2023-08-14 2023-11-17 北京安天网络安全技术有限公司 Method, device and medium for determining suspicious equipment
TWI839291B (en) * 2023-08-16 2024-04-11 臺灣中小企業銀行股份有限公司 System and method for counterfeit detection of applications on android

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100608403B1 (en) 2004-03-24 2006-08-03 엘지.필립스 엘시디 주식회사 Organic Electro luminescence Device and fabrication method thereof
TW201141155A (en) 2010-05-14 2011-11-16 Nat Univ Chin Yi Technology Alliance type distributed network intrusion prevention system and method thereof
US9311479B1 (en) * 2013-03-14 2016-04-12 Fireeye, Inc. Correlation and consolidation of analytic data for holistic view of a malware attack
US9699205B2 (en) * 2015-08-31 2017-07-04 Splunk Inc. Network security system
US9928366B2 (en) * 2016-04-15 2018-03-27 Sophos Limited Endpoint malware detection using an event graph
US20180234302A1 (en) * 2017-02-10 2018-08-16 Qualcomm Incorporated Systems and methods for network monitoring
US10587621B2 (en) * 2017-06-16 2020-03-10 Cisco Technology, Inc. System and method for migrating to and maintaining a white-list network security model
CN107733921A (en) * 2017-11-14 2018-02-23 深圳中兴网信科技有限公司 Network flow abnormal detecting method, device, computer equipment and storage medium
TWM564751U (en) * 2018-04-03 2018-08-01 南山人壽保險股份有限公司 Hacker attack detection system

Also Published As

Publication number Publication date
TWI726834B (en) 2021-05-01
TW202113642A (en) 2021-04-01
TW202009768A (en) 2020-03-01
SG10201907785RA (en) 2020-03-30
US11328056B2 (en) 2022-05-10
TWI726749B (en) 2021-05-01
TWI709057B (en) 2020-11-01
US20200067971A1 (en) 2020-02-27
TWI703468B (en) 2020-09-01
TW202046148A (en) 2020-12-16
SG10201907778PA (en) 2020-03-30
US20200067957A1 (en) 2020-02-27
US20200065481A1 (en) 2020-02-27
TW202009764A (en) 2020-03-01
TW202038118A (en) 2020-10-16
TWI726393B (en) 2021-05-01
TW202009765A (en) 2020-03-01

Similar Documents

Publication Publication Date Title
SG10201907783YA (en) Suspicious event analysis device and related computer program product for generating suspicious event sequence diagram
EP3323689A4 (en) Peripheral environment recognition device and computer program product
GB201423344D0 (en) Method, apparatus and computer program product for input detection
GB201713345D0 (en) A Method, an apparatus and a computer program product for object detection
GB201612323D0 (en) Information processing apparatus, method and computer program product
FR3022357B1 (en) METHOD AND DEVICE FOR GENERATING AN AIRCRAFT RESPONSE TRACK, COMPUTER PROGRAM PRODUCT AND ASSOCIATED AIRCRAFT
GB2536093B (en) Portable programmable device, system, method and computer program product
SG11201704907QA (en) A device, system, method and computer program product for processing electronic transaction requests
PL3482291T3 (en) A device for generating computer programs and a method for generating computer programs
IL267807A (en) Metrology method and apparatus and associated computer product
EP3526648C0 (en) Checking method, device, and computer program product
IL257771A (en) Systems, methods and computer program products for combining pets
GB201706763D0 (en) A Method, an apparatus and a computer program product for object detection
SG11201700694PA (en) Processor, method and computer program for processing an audio signal using truncated analysis or synthesis window overlap portions
GB201408635D0 (en) An apparatus method and computer program for a wearable device
IL268681A (en) An apparatus, computer program and method
DK3185552T3 (en) METHOD, DEVICE AND COMPUTER PROGRAM PRODUCT FOR TESTING A VIDEO SYSTEM
EP3570020A4 (en) Data analysis device and data analysis program
GB202000384D0 (en) Inference processing system, inference processing device, and computer program product
EP3471089A4 (en) Acoustic processing device, acoustic processing method, and computer program
GB201704727D0 (en) Apparatus, method and computer program
EP3665646A4 (en) Method and apparatus for processing image and computer program product thereof
EP3629286A4 (en) Image analysis evaluation method, computer program, and image analysis evaluation device
IL261819B (en) System, method and computer program product for data analysis
GB201604904D0 (en) Information processing apparatus, second information processing apparatus, system, method and computer program product