SG10202008469RA - A deep embedded self-taught learning system and method for detecting suspicious network behaviours - Google Patents

A deep embedded self-taught learning system and method for detecting suspicious network behaviours

Info

Publication number
SG10202008469RA
Authority
SG
Singapore
Prior art keywords
learning system
suspicious network
detecting suspicious
embedded self
deep embedded
Prior art date
Application number
SG10202008469RA
Inventor
Joon Sern Lee
Hanyang Quek
Jin Hao Chan
Original Assignee
Ensign Infosecurity Pte Ltd
Priority date
Filing date
Publication date
Application filed by Ensign Infosecurity Pte Ltd
Priority to SG10202008469RA
Publication of SG10202008469RA
Priority to GB2112064.7A (patent GB2601401B)
Priority to AU2021221867A (patent AU2021221867B2)
Priority to IL285979A (patent IL285979B2)
Priority to KR1020210116344A (patent KR102590451B1)
Priority to CN202111018792.1A (patent CN114205106B)
Priority to US17/463,927 (patent US11438356B2)

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F1/00 Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
    • G06F1/02 Digital function generators
    • G06F1/022 Waveform generators, i.e. devices for generating periodical functions of time, e.g. direct digital synthesizers
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00 Pattern recognition
    • G06F18/20 Analysing
    • G06F18/21 Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
    • G06F18/214 Generating training patterns; Bootstrap methods, e.g. bagging or boosting
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566 Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00 Computing arrangements based on biological models
    • G06N3/004 Artificial life, i.e. computing arrangements simulating life
    • G06N3/008 Artificial life, i.e. computing arrangements simulating life based on physical entities controlled by simulated intelligence so as to replicate intelligent life forms, e.g. based on robots replicating pets or humans in their appearance or behaviour
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00 Computing arrangements based on biological models
    • G06N3/02 Neural networks
    • G06N3/04 Architecture, e.g. interconnection topology
    • G06N3/045 Combinations of networks
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00 Computing arrangements based on biological models
    • G06N3/02 Neural networks
    • G06N3/06 Physical realisation, i.e. hardware implementation of neural networks, neurons or parts of neurons
    • G06N3/063 Physical realisation, i.e. hardware implementation of neural networks, neurons or parts of neurons using electronic means
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00 Computing arrangements based on biological models
    • G06N3/02 Neural networks
    • G06N3/08 Learning methods
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/145 Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general

Priority Applications (7)

Application Number | Publication | Priority Date | Filing Date | Title
SG10202008469RA | SG10202008469RA (en) | 2020-09-01 | 2020-09-01 | A deep embedded self-taught learning system and method for detecting suspicious network behaviours
GB2112064.7A | GB2601401B (en) | 2020-09-01 | 2021-08-23 | A deep embedded self-taught learning system and method for detecting suspicious network behaviours
AU2021221867A | AU2021221867B2 (en) | 2020-09-01 | 2021-08-26 | A deep embedded self-taught learning system and method for detecting suspicious network behaviours
IL285979A | IL285979B2 (en) | 2020-09-01 | 2021-08-30 | A deep embedded self-taught learning system and method for detecting suspicious network behaviours
KR1020210116344A | KR102590451B1 (en) | 2020-09-01 | 2021-09-01 | A deep embedded self-taught learning system and method for detecting suspicious network behaviours
CN202111018792.1A | CN114205106B (en) | 2020-09-01 | 2021-09-01 | Deep embedded self-learning system and method for detecting suspicious network behavior
US17/463,927 | US11438356B2 (en) | 2020-09-01 | 2021-09-01 | Deep embedded self-taught learning system and method for detecting suspicious network behaviours

Applications Claiming Priority (1)

Application Number | Publication | Priority Date | Filing Date | Title
SG10202008469RA | SG10202008469RA (en) | 2020-09-01 | 2020-09-01 | A deep embedded self-taught learning system and method for detecting suspicious network behaviours

Publications (1)

Publication Number | Publication Date
SG10202008469RA (en) | 2020-10-29

Family

ID=73034379

Family Applications (1)

Application Number | Publication | Priority Date | Filing Date | Title
SG10202008469RA | SG10202008469RA (en) | 2020-09-01 | 2020-09-01 | A deep embedded self-taught learning system and method for detecting suspicious network behaviours

Country Status (6)

Country Link
US (1) US11438356B2 (en)
KR (1) KR102590451B1 (en)
AU (1) AU2021221867B2 (en)
GB (1) GB2601401B (en)
IL (1) IL285979B2 (en)
SG (1) SG10202008469RA (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number | Priority date | Publication date | Assignee | Title
CN114707151A (en) * | 2022-05-16 | 2022-07-05 | 桂林电子科技大学 | Zombie software detection method based on API calling and network behavior

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number | Priority date | Publication date | Assignee | Title
US11843623B2 (en) * | 2021-03-16 | 2023-12-12 | Mitsubishi Electric Research Laboratories, Inc. | Apparatus and method for anomaly detection
US11893346B2 (en) * | 2021-05-05 | 2024-02-06 | International Business Machines Corporation | Transformer-based encoding incorporating metadata
CN114386514B (en) * | 2022-01-13 | 2022-11-25 | 中国人民解放军国防科技大学 | Unknown flow data identification method and device based on dynamic network environment
CN114679308B (en) * | 2022-03-21 | 2023-04-07 | 山东大学 | Unknown flow identification method and system based on double-path self-coding
CN114615088A (en) * | 2022-04-25 | 2022-06-10 | 国网冀北电力有限公司信息通信分公司 | Terminal service flow abnormity detection model establishing method and abnormity detection method
CN117640252B (en) * | 2024-01-24 | 2024-03-26 | 北京邮电大学 | Encryption stream threat detection method and system based on context analysis

Family Cites Families (23)

* Cited by examiner, † Cited by third party
Publication number | Priority date | Publication date | Assignee | Title
DE60236351D1 (en) * | 2001-03-08 | 2010-06-24 | California Inst Of Techn | REAL-TIME REAL-TIME COHERENCE ASSESSMENT FOR AUTONOMOUS MODUS IDENTIFICATION AND INVARIATION TRACKING
US10417415B2 (en) * | 2016-12-06 | 2019-09-17 | General Electric Company | Automated attack localization and detection
US11205103B2 (en) * | 2016-12-09 | 2021-12-21 | The Research Foundation for the State University | Semisupervised autoencoder for sentiment analysis
KR101888683B1 (en) * | 2017-07-28 | 2018-08-14 | 펜타시큐리티시스템 주식회사 | Method and apparatus for detecting anomaly traffic
US10686806B2 (en) * | 2017-08-21 | 2020-06-16 | General Electric Company | Multi-class decision system for categorizing industrial asset attack and fault types
KR101994528B1 (en) * | 2017-08-30 | 2019-06-28 | 고려대학교 세종산학협력단 | Method and Apparatus for Detection of Traffic Flooding Attacks using Time Series Analysis
US11663067B2 (en) * | 2017-12-15 | 2023-05-30 | International Business Machines Corporation | Computerized high-speed anomaly detection
US10819725B2 (en) * | 2018-01-18 | 2020-10-27 | General Electric Company | Reliable cyber-threat detection in rapidly changing environments
US11113395B2 (en) * | 2018-05-24 | 2021-09-07 | General Electric Company | System and method for anomaly and cyber-threat detection in a wind turbine
CN110659759A (en) * | 2018-06-29 | 2020-01-07 | 微软技术许可有限责任公司 | Neural network based trend prediction
US11451565B2 (en) * | 2018-09-05 | 2022-09-20 | Oracle International Corporation | Malicious activity detection by cross-trace analysis and deep learning
CN109446804B | 2018-09-27 | 2022-02-01 | 桂林电子科技大学 | Intrusion detection method based on multi-scale feature connection convolutional neural network
US10834106B2 (en) * | 2018-10-03 | 2020-11-10 | At&T Intellectual Property I, L.P. | Network security event detection via normalized distance based clustering
US11610098B2 (en) * | 2018-12-27 | 2023-03-21 | Paypal, Inc. | Data augmentation in transaction classification using a neural network
US11171978B2 (en) * | 2019-03-27 | 2021-11-09 | Microsoft Technology Licensing, Llc. | Dynamic monitoring, detection of emerging computer events
KR102198224B1 (en) * | 2019-04-11 | 2021-01-05 | 주식회사 알고리고 | Anomaly detection apparatus using artificial neural network
US11410048B2 (en) * | 2019-05-17 | 2022-08-09 | Honda Motor Co., Ltd. | Systems and methods for anomalous event detection
US20200387818A1 (en) * | 2019-06-07 | 2020-12-10 | Aspen Technology, Inc. | Asset Optimization Using Integrated Modeling, Optimization, and Artificial Intelligence
US11811801B2 (en) * | 2019-08-21 | 2023-11-07 | Nokia Solutions And Networks Oy | Anomaly detection for microservices
US11729190B2 (en) * | 2019-10-29 | 2023-08-15 | General Electric Company | Virtual sensor supervised learning for cyber-attack neutralization
US11468164B2 (en) * | 2019-12-11 | 2022-10-11 | General Electric Company | Dynamic, resilient virtual sensing system and shadow controller for cyber-attack neutralization
CN111507385B | 2020-04-08 | 2023-04-28 | 中国农业科学院农业信息研究所 | Extensible network attack behavior classification method
US11269978B2 (en) * | 2020-05-07 | 2022-03-08 | Microsoft Technology Licensing, Llc | Detection of slow brute force attacks based on user-level time series analysis

Also Published As

Publication number Publication date
KR20220029532A (en) 2022-03-08
IL285979B (en) 2022-12-01
AU2021221867B2 (en) 2022-12-01
KR102590451B1 (en) 2023-10-19
US11438356B2 (en) 2022-09-06
GB2601401B (en) 2022-12-28
CN114205106A (en) 2022-03-18
IL285979B2 (en) 2023-04-01
AU2021221867A1 (en) 2022-03-17
GB2601401A (en) 2022-06-01
GB202112064D0 (en) 2021-10-06
US20220070195A1 (en) 2022-03-03
IL285979A (en) 2022-03-01

Similar Documents

Publication Publication Date Title
GB2601401B (en) A deep embedded self-taught learning system and method for detecting suspicious network behaviours
GB202214224D0 (en) Deep learning network intrusion detection
EP3824321A4 (en) Systems and methods for detecting a subsurface event
EP4252148A4 (en) Lane line detection method based on deep learning, and apparatus
GB2592203B (en) A System and method for improved geophysical data interpretation
EP4203349A4 (en) Training method for detection model, system, device, and storage medium
EP3889846A4 (en) Deep learning model training method and system
EP2779133A3 (en) System and method of anomaly detection
ZA202108234B (en) A sports training system and method based on vr technology
IL309969A (en) Method and system of detecting obstacle elements with a visual aid device
GB2606938B (en) Modular sensing device, system, and method
GB202006166D0 (en) Method and system for confidence estimation of a trained deep learning model
EP4137976A4 (en) Learning device, detection device, learning method, detection method, learning program, and detection program
GB201913283D0 (en) Position detection system and method of detecting a movement of a machine
EP4191483A4 (en) Federated learning method, device and system
GB202109215D0 (en) Method and system for detecting a lane departure event
GB2564052A (en) System and method for launching and retrieving wireline eat sensors
EP4136432A4 (en) A system and a method for fluorescence detection
GB202213332D0 (en) Device and method for providing missing child search service based on face recognition using deep learning
GB202106807D0 (en) A drone detection device and method thereof
GB201900542D0 (en) A theft deterrent system and method
GB2602395B (en) Apparatus, system and method for tethering a subsea assembly
ZA202110328B (en) Orchard pest detection system based on deep learning and method thereof
ZA202303052B (en) A wildlife target monitoring system based on deep learning and its method
GB202102768D0 (en) A spraying detection system and method