SG11201509818UA - System and method for high speed threat intelligence management using unsupervised machine learning and prioritization algorithms - Google Patents

System and method for high speed threat intelligence management using unsupervised machine learning and prioritization algorithms

Info

Publication number
SG11201509818UA
Authority
SG
Singapore
Prior art keywords
high speed
machine learning
threat intelligence
unsupervised machine
intelligence management
Prior art date
Application number
SG11201509818UA
Other languages
English (en)
Inventor
Keng Leng Albert Lim
Original Assignee
Certis Cisco Security Pte Ltd
Priority date
Filing date
Publication date
Application filed by Certis Cisco Security Pte Ltd
Publication of SG11201509818UA

Links

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00 Pattern recognition
    • G06F18/20 Analysing
    • G06F18/23 Clustering techniques
    • G06F18/232 Non-hierarchical techniques
    • G06F18/2321 Non-hierarchical techniques using statistics or function optimisation, e.g. modelling of probability density functions
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00 Pattern recognition
    • G06F18/20 Analysing
    • G06F18/24 Classification techniques
    • G06F18/241 Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches
    • G06F18/2413 Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches based on distances to training or reference patterns
    • G06F18/24147 Distances to closest patterns, e.g. nearest neighbour classification
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00 Machine learning
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Data Mining & Analysis (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Evolutionary Computation (AREA)
  • Artificial Intelligence (AREA)
  • Evolutionary Biology (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Mathematical Physics (AREA)
  • Medical Informatics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Probability & Statistics with Applications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
SG11201509818UA 2015-07-24 2015-07-24 System and method for high speed threat intelligence management using unsupervised machine learning and prioritization algorithms SG11201509818UA (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/SG2015/050233 WO2017018926A1 (en) 2015-07-24 2015-07-24 System and method for high speed threat intelligence management using unsupervised machine learning and prioritization algorithms

Publications (1)

Publication Number Publication Date
SG11201509818UA (en) 2017-03-30

Family

ID=57884992

Family Applications (1)

Application Number Title Priority Date Filing Date
SG11201509818UA (en) System and method for high speed threat intelligence management using unsupervised machine learning and prioritization algorithms 2015-07-24 2015-07-24

Country Status (7)

Country Link
US (1) US10713586B2 (de)
EP (1) EP3143547B1 (de)
CN (1) CN106663169B (de)
AU (1) AU2015403433B2 (de)
SG (1) SG11201509818UA (de)
TW (1) TWI711938B (de)
WO (1) WO2017018926A1 (de)

Families Citing this family (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10713586B2 (en) 2015-07-24 2020-07-14 Certis Cisco Security Pte Ltd System and method for high speed threat intelligence management using unsupervised machine learning and prioritization algorithms
US11232522B2 (en) 2015-10-05 2022-01-25 Verizon Media Inc. Methods, systems and techniques for blending online content from multiple disparate content sources including a personal content source or a semi-personal content source
US10387432B2 (en) 2015-10-05 2019-08-20 Oath Inc. Methods, systems and techniques for ranking blended content retrieved from multiple disparate content sources
US11522977B2 (en) * 2015-10-09 2022-12-06 Niranjan Suri System and method to optimize communications in tactical networks by computing and using information value
KR101703446B1 (ko) * 2015-10-15 2017-02-06 숭실대학교산학협력단 Network capable of detecting DoS attacks, method for controlling the same, and gateway and management server included in the network
US20220078210A1 (en) * 2015-10-28 2022-03-10 Qomplx, Inc. System and method for collaborative cybersecurity defensive strategy analysis utilizing virtual network spaces
AU2016427778B2 (en) * 2016-10-24 2022-03-10 Certis Cisco Security Pte Ltd Quantitative unified analytic neural networks
GB2577640B (en) * 2017-06-29 2022-09-07 Certis Cisco Security Pte Ltd Autonomic incident triage prioritization by performance modifier and temporal decay parameters
US10503899B2 (en) * 2017-07-10 2019-12-10 Centripetal Networks, Inc. Cyberanalysis workflow acceleration
US10936981B2 (en) * 2017-08-24 2021-03-02 Facebook, Inc. Detecting a landing page that violates an online system policy based on a structural similarity between the landing page and a web page violating the policy
US10678954B2 (en) * 2017-09-21 2020-06-09 GM Global Technology Operations LLC Cybersecurity vulnerability prioritization and remediation
KR101916676B1 (ko) * 2017-11-27 2018-11-08 한국인터넷진흥원 Method for collecting cyber threat intelligence data and system thereof
CN108346107B (zh) * 2017-12-28 2020-11-10 创新先进技术有限公司 Social content risk identification method, apparatus and device
US10812510B2 (en) * 2018-01-12 2020-10-20 The Boeing Company Anticipatory cyber defense
CN108737406B (zh) * 2018-05-10 2020-08-04 北京邮电大学 Method and system for detecting abnormal traffic data
CN108833389A (zh) * 2018-06-05 2018-11-16 北京奇安信科技有限公司 Intelligence data sharing and processing method and apparatus
CN109615080B (zh) 2018-09-20 2020-05-26 阿里巴巴集团控股有限公司 Unsupervised model evaluation method, apparatus, server and readable storage medium
EP3660716B1 (de) * 2018-11-30 2020-12-23 Ovh Service infrastructure and method for predicting and detecting potential anomalies in the service infrastructure
US11201877B2 (en) * 2018-12-11 2021-12-14 Cisco Technology, Inc. Detecting encrypted malware with SPLT-based deep networks
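CN110009174B (zh) * 2018-12-13 2020-11-06 创新先进技术有限公司 Risk identification model training method, apparatus and server
CN109547479A (zh) * 2018-12-27 2019-03-29 国网浙江省电力有限公司电力科学研究院 Threat intelligence integration system and method in an industrial environment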
US11592812B2 (en) 2019-02-19 2023-02-28 Applied Materials, Inc. Sensor metrology data integration
WO2020169211A1 (en) 2019-02-22 2020-08-27 Telefonaktiebolaget Lm Ericsson (Publ) Managing telecommunication network event data
US11647041B2 (en) * 2019-04-08 2023-05-09 United States Of America As Represented By The Secretary Of The Air Force System and method for privacy preservation in cyber threat
WO2021002885A1 (en) * 2019-07-03 2021-01-07 Cyber Team Six, Llc Data breach prevention and remediation
US11070572B2 (en) 2019-07-09 2021-07-20 Mcafee, Llc Methods, systems, articles of manufacture and apparatus for producing generic IP reputation through cross-protocol analysis
US11863577B1 (en) * 2019-08-22 2024-01-02 Rapid7, Inc. Data collection and analytics pipeline for cybersecurity
US10735270B1 (en) * 2019-09-30 2020-08-04 Godaddy.Com, Llc Computer-based systems configured for network modelling and monitoring using programming object bindings and methods of use thereof
CN111209750B (zh) * 2020-01-07 2023-11-21 深圳开源互联网安全技术有限公司 Internet of Vehicles threat intelligence modeling method, apparatus and readable storage medium
US11522880B2 (en) 2020-07-09 2022-12-06 International Business Machines Corporation Analytics engine for data exploration and analytics
CN112100257A (zh) * 2020-08-21 2020-12-18 杭州安恒信息安全技术有限公司 Data processing method, apparatus, computer device and storage medium
US11956266B2 (en) * 2020-10-23 2024-04-09 International Business Machines Corporation Context based risk assessment of a computing resource vulnerability
US11853042B2 (en) 2021-02-17 2023-12-26 Applied Materials, Inc. Part, sensor, and metrology data integration
CN112564988B (zh) * 2021-02-19 2021-06-18 腾讯科技(深圳)有限公司 Alarm processing method, apparatus and electronic device
US11677771B2 (en) * 2021-05-12 2023-06-13 Dragos, Inc. Community threat intelligence and visibility for operational technology networks
CN113139025B (zh) * 2021-05-14 2024-06-07 恒安嘉新(北京)科技股份公司 Threat intelligence evaluation method, apparatus, device and storage medium
TWI777766B (zh) * 2021-09-10 2022-09-11 中華電信股份有限公司 System and method for detecting malicious domain query behavior
CN114124484B (zh) * 2021-11-09 2024-04-05 招商银行股份有限公司 Network attack identification method, system, apparatus, terminal device and storage medium
EP4415312A1 (de) 2023-02-07 2024-08-14 Fibabanka Anonim Sirketi Secure blockchain-based architecture for enabling collective intelligence in distributed IoT networks

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030191832A1 (en) 1999-06-01 2003-10-09 Ramakrishna Satyavolu Method and apparatus for controlled establishment of a turnkey system providing a centralized data aggregation and summary capability to third party entities
US7249162B2 (en) * 2003-02-25 2007-07-24 Microsoft Corporation Adaptive junk message filtering system
US20070289013A1 (en) * 2006-06-08 2007-12-13 Keng Leng Albert Lim Method and system for anomaly detection using a collective set of unsupervised machine-learning algorithms
CN101650792A (zh) * 2008-08-12 2010-02-17 宏碁股份有限公司 Method and system for managing cross-platform antivirus software
US8151350B2 (en) 2008-11-03 2012-04-03 Korea University Industry And Academy Collaboration Foundation Method and device for detecting unknown network worms
CN101872343A (zh) * 2009-04-24 2010-10-27 罗彤 Semi-supervised hierarchical classification method for massive data
US8554948B2 (en) 2010-03-03 2013-10-08 At&T Intellectual Property I, L.P. Methods, systems and computer program products for identifying traffic on the internet using communities of interest
US9183397B2 (en) * 2011-06-05 2015-11-10 Core Sdi Incorporated System and method for providing automated computer security compromise as a service
US8726379B1 (en) 2011-07-15 2014-05-13 Norse Corporation Systems and methods for dynamic protection from electronic attacks
US8782788B2 (en) * 2012-06-28 2014-07-15 LonoCloud, Inc. Systems, methods, and apparatus for improved application security
US8813228B2 (en) * 2012-06-29 2014-08-19 Deloitte Development Llc Collective threat intelligence gathering system
US9258321B2 (en) 2012-08-23 2016-02-09 Raytheon Foreground Security, Inc. Automated internet threat detection and mitigation system and associated methods
US9323935B2 (en) * 2012-12-18 2016-04-26 Mcafee, Inc. User device security profile
CN104036780B (zh) * 2013-03-05 2017-05-24 阿里巴巴集团控股有限公司 Human-machine recognition method and system
US9692789B2 (en) 2013-12-13 2017-06-27 Oracle International Corporation Techniques for cloud security monitoring and threat intelligence
US9338181B1 (en) * 2014-03-05 2016-05-10 Netflix, Inc. Network security system with remediation based on value of attacked assets
CN104601565B (zh) * 2015-01-07 2018-06-15 天津理工大学 Network intrusion detection classification method with intelligently optimized rules
US10713586B2 (en) 2015-07-24 2020-07-14 Certis Cisco Security Pte Ltd System and method for high speed threat intelligence management using unsupervised machine learning and prioritization algorithms

Also Published As

Publication number Publication date
CN106663169A (zh) 2017-05-10
US10713586B2 (en) 2020-07-14
WO2017018926A1 (en) 2017-02-02
AU2015403433B2 (en) 2021-08-19
TW201705034A (zh) 2017-02-01
AU2015403433A1 (en) 2018-02-08
EP3143547B1 (de) 2019-03-20
EP3143547A4 (de) 2017-10-11
EP3143547A1 (de) 2017-03-22
US20170228658A1 (en) 2017-08-10
CN106663169B (zh) 2021-03-09
TWI711938B (zh) 2020-12-01

Similar Documents

Publication Publication Date Title
SG11201509818UA (en) System and method for high speed threat intelligence management using unsupervised machine learning and prioritization algorithms
HK1246460A1 (zh) Cross-platform management system, method and apparatus
HK1246952A1 (zh) Bicycle management system, and control method and apparatus thereof
EP3491524A4 (de) System and method for managing cybersecurity vulnerabilities
EP3317797A4 (de) Threat intelligence system and method
EP3311348A4 (de) Inventory management apparatus, method and system
EP3358430A4 (de) Management system and management method
EP3149689A4 (de) Systems and methods for controlled knowledge system management
EP3151515A4 (de) Data storage method, SDN controller and distributed network storage system
EP3361469B8 (de) Secret search system, management device, secret search method and secret search program
EP3249863A4 (de) Access control apparatus, system and method
EP3238163A4 (de) Wearable device, management server, management system including the same, and method for controlling the same
HK1249603A1 (zh) System and method for generating cyber threat intelligence
EP3565174C0 (de) Access management system, access management method and program
HK1225895A1 (zh) Apparatus, method and system for inter-node communication
KR101687819B9 (ko) Vinyl greenhouse management system and processing method thereof
EP3128416A4 (de) Snd application integration, management and control method, system and apparatus
EP3642763C0 (de) System and method for neural networks
EP3179377A4 (de) Management device, control device for the management device, and control method for the management device
EP3497640A4 (de) Contract management system, apparatus and method
EP3229530A4 (de) Access method, apparatus and system
HK1231638A1 (zh) Charging management device, charging device and charging management method
IL263794A (en) Orthocratological method for scoring lenses, scoring system, scoring and delivery method, and scoring and delivery system
EP3328073A4 (de) Image management system, image management method and program
GB201608623D0 (en) Method and apparatus for utilizing customer actions for store intelligence and management