SG11201809495QA - Parallelism and n-tiering of knowledge inference and statistical correlation system - Google Patents
Parallelism and n-tiering of knowledge inference and statistical correlation system
- Publication number
- SG11201809495QA
- Authority
- SG
- Singapore
- Prior art keywords
- inference
- international
- correlation
- certis
- cisco
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computing arrangements using knowledge-based models
- G06N5/04—Inference or reasoning models
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N7/00—Computing arrangements based on specific mathematical models
- G06N7/08—Computing arrangements based on specific mathematical models using chaos models or non-linear system models
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Artificial Intelligence (AREA)
- Evolutionary Computation (AREA)
- Mathematical Physics (AREA)
- Mathematical Optimization (AREA)
- Pure & Applied Mathematics (AREA)
- Computational Mathematics (AREA)
- Mathematical Analysis (AREA)
- Computational Linguistics (AREA)
- Algebra (AREA)
- Nonlinear Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
- Navigation (AREA)
- Medicines That Contain Protein Lipid Enzymes And Other Medicines (AREA)
Abstract
INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT)
(19) World Intellectual Property Organization, International Bureau
- (10) International Publication Number: WO 2017/192099 A1
- (43) International Publication Date: 09 November 2017 (09.11.2017)
- (51) International Patent Classification: G06F 21/50 (2013.01), H04L 29/00 (2006.01)
- (21) International Application Number: PCT/SG2016/050206
- (22) International Filing Date: 04 May 2016 (04.05.2016)
- (25) Filing Language: English
- (26) Publication Language: English
- (71) Applicant: CERTIS CISCO SECURITY PTE LTD [SG/SG]; 20 Jalan Afifi, Certis CISCO Centre, Singapore 409179 (SG).
- (72) Inventor: LIM, Albert Keng Leng; c/o Certis CISCO Security Pte Ltd, 20 Jalan Afifi, Certis CISCO Centre, Singapore 409179 (SG).
- (74) Agent: FOO, Chee Hiong, Ricky et al.; Marks & Clerk Singapore LLP, Tanjong Pagar, P O Box 636, Singapore 910816 (SG).
- (81) Designated States (unless otherwise indicated, for every kind of national protection available): AE, AG, AL, AM, AO, AT, AU, AZ, BA, BB, BG, BH, BN, BR, BW, BY, BZ, CA, CH, CL, CN, CO, CR, CU, CZ, DE, DK, DM, DO, DZ, EC, EE, EG, ES, FI, GB, GD, GE, GH, GM, GT, HN, HR, HU, ID, IL, IN, IR, IS, JP, KE, KG, KN, KP, KR, KZ, LA, LC, LK, LR, LS, LU, LY, MA, MD, ME, MG, MK, MN, MW, MX, MY, MZ, NA, NG, NI, NO, NZ, OM, PA, PE, PG, PH, PL, PT, QA, RO, RS, RU, RW, SA, SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VC, VN, ZA, ZM, ZW.
- (84) Designated States (unless otherwise indicated, for every kind of regional protection available): ARIPO (BW, GH, GM, KE, LR, LS, MW, MZ, NA, RW, SD, SL, ST, SZ, TZ, UG, ZM, ZW), Eurasian (AM, AZ, BY, KG, KZ, RU, TJ, TM), European (AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR), OAPI (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, KM, ML, MR, NE, SN, TD, TG).
- Declarations under Rule 4.17: of inventorship (Rule 4.17(iv))
- Published: with international search report (Art. 21(3))
- (54) Title: PARALLELISM AND N-TIERING OF KNOWLEDGE INFERENCE AND STATISTICAL CORRELATION SYSTEM
[FIG. 1: apparatus 100, showing monitoring devices (104), the I/O system (102), blocks labelled C/E #1 to C/E #5 and I/E #1 to I/E #5 (reference numerals 106a-114b), and Handoff links.]
(57) Abstract: An n-tiering security threat inference and correlation apparatus (100) for monitoring and anticipating cyber attacks is disclosed. The apparatus comprises a plurality of groups of inference-correlation systems (106(a, b)-114(a, b)), each group arranged with at least one inference system and at least one associated correlation system configured to monitor at least one network; and an input/output (I/O) system (102) configured to receive security events, and broadcast the received security events to the plurality of groups of inference-correlation systems; wherein the respective groups of inference-correlation systems are configured to process only broadcasted security events relevant to the respective networks to identify the cyber attacks. A method of operating the apparatus is also disclosed.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/SG2016/050206 WO2017192099A1 (en) | 2016-05-04 | 2016-05-04 | Parallelism and n-tiering of knowledge inference and statistical correlation system |
Publications (1)
Publication Number | Publication Date |
---|---|
SG11201809495QA (en) | 2018-11-29 |
Family
ID=60203148
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
SG11201809495QA (en) | 2016-05-04 | 2016-05-04 | Parallelism and n-tiering of knowledge inference and statistical correlation system |
Country Status (7)
Country | Link |
---|---|
US (1) | US11057402B2 (en) |
EP (1) | EP3452945B1 (en) |
CN (1) | CN109478216B (en) |
AU (1) | AU2016405637B2 (en) |
CA (1) | CA3023086C (en) |
SG (1) | SG11201809495QA (en) |
WO (1) | WO2017192099A1 (en) |
Families Citing this family (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10805331B2 (en) | 2010-09-24 | 2020-10-13 | BitSight Technologies, Inc. | Information technology security assessment system |
US9438615B2 (en) | 2013-09-09 | 2016-09-06 | BitSight Technologies, Inc. | Security risk management |
US10425380B2 (en) | 2017-06-22 | 2019-09-24 | BitSight Technologies, Inc. | Methods for mapping IP addresses and domains to organizations using user activity data |
US10257219B1 (en) | 2018-03-12 | 2019-04-09 | BitSight Technologies, Inc. | Correlated risk in cybersecurity |
US10812520B2 (en) | 2018-04-17 | 2020-10-20 | BitSight Technologies, Inc. | Systems and methods for external detection of misconfigured systems |
WO2020005250A1 (en) * | 2018-06-28 | 2020-01-02 | Google Llc | Detecting zero-day attacks with unknown signatures via mining correlation in behavioral change of entities over time |
CN110912853A (en) * | 2018-09-15 | 2020-03-24 | 华为技术有限公司 | Method, device and system for anti-phishing attack inspection |
US11200323B2 (en) | 2018-10-17 | 2021-12-14 | BitSight Technologies, Inc. | Systems and methods for forecasting cybersecurity ratings based on event-rate scenarios |
US10521583B1 (en) | 2018-10-25 | 2019-12-31 | BitSight Technologies, Inc. | Systems and methods for remote detection of software through browser webinjects |
US12346432B2 (en) * | 2018-12-31 | 2025-07-01 | Intel Corporation | Securing systems employing artificial intelligence |
US10726136B1 (en) | 2019-07-17 | 2020-07-28 | BitSight Technologies, Inc. | Systems and methods for generating security improvement plans for entities |
US11956265B2 (en) | 2019-08-23 | 2024-04-09 | BitSight Technologies, Inc. | Systems and methods for inferring entity relationships via network communications of users or user devices |
US10848382B1 (en) | 2019-09-26 | 2020-11-24 | BitSight Technologies, Inc. | Systems and methods for network asset discovery and association thereof with entities |
US11032244B2 (en) | 2019-09-30 | 2021-06-08 | BitSight Technologies, Inc. | Systems and methods for determining asset importance in security risk management |
US10893067B1 (en) | 2020-01-31 | 2021-01-12 | BitSight Technologies, Inc. | Systems and methods for rapidly generating security ratings |
US10764298B1 (en) * | 2020-02-26 | 2020-09-01 | BitSight Technologies, Inc. | Systems and methods for improving a security profile of an entity based on peer security profiles |
US11023585B1 (en) | 2020-05-27 | 2021-06-01 | BitSight Technologies, Inc. | Systems and methods for managing cybersecurity alerts |
US11122073B1 (en) | 2020-12-11 | 2021-09-14 | BitSight Technologies, Inc. | Systems and methods for cybersecurity risk mitigation and management |
US12079347B2 (en) | 2021-03-31 | 2024-09-03 | BitSight Technologies, Inc. | Systems and methods for assessing cybersecurity risk in a work from home environment |
US12353563B2 (en) | 2021-07-01 | 2025-07-08 | BitSight Technologies, Inc. | Systems and methods for accelerating cybersecurity assessments |
US12282564B2 (en) | 2022-01-31 | 2025-04-22 | BitSight Technologies, Inc. | Systems and methods for assessment of cyber resilience |
Family Cites Families (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2003021376A2 (en) | 2001-09-04 | 2003-03-13 | E-Cop.Net Pte Ltd | Computer security event management system |
JP2006129355A (en) | 2004-11-01 | 2006-05-18 | Internatl Business Mach Corp <Ibm> | Information processor, data transmission system, data transmission method, and program for performing the data transmission method on the information processor |
WO2006071985A2 (en) | 2004-12-29 | 2006-07-06 | Alert Logic, Inc. | Threat scoring system and method for intrusion detection security networks |
US20080307525A1 (en) * | 2007-06-05 | 2008-12-11 | Computer Associates Think, Inc. | System and method for evaluating security events in the context of an organizational structure |
US20140173731A1 (en) * | 2007-07-27 | 2014-06-19 | Redshift Internetworking, Inc. | System and Method for Unified Communications Threat Management (UCTM) for Converged Voice, Video and Multi-Media Over IP Flows |
US9043919B2 (en) * | 2008-10-21 | 2015-05-26 | Lookout, Inc. | Crawling multiple markets and correlating |
GB0909079D0 (en) * | 2009-05-27 | 2009-07-01 | Quantar Llp | Assessing threat to at least one computer network |
US20140317744A1 (en) * | 2010-11-29 | 2014-10-23 | Biocatch Ltd. | Device, system, and method of user segmentation |
US9306962B1 (en) * | 2013-07-25 | 2016-04-05 | Niddel Corp | Systems and methods for classifying malicious network events |
WO2015149062A1 (en) * | 2014-03-28 | 2015-10-01 | Zitovault, Inc. | System and method for predicting impending cyber security events using multi channel behavioral analysis in a distributed computing environment |
CN104468545A (en) * | 2014-11-26 | 2015-03-25 | 中国航天科工集团第二研究院七〇六所 | Network security correlation analysis method based on complex event processing |
-
2016
- 2016-05-04 AU AU2016405637A patent/AU2016405637B2/en active Active
- 2016-05-04 CN CN201680087452.5A patent/CN109478216B/en active Active
- 2016-05-04 SG SG11201809495QA patent/SG11201809495QA/en unknown
- 2016-05-04 CA CA3023086A patent/CA3023086C/en active Active
- 2016-05-04 US US16/098,826 patent/US11057402B2/en active Active
- 2016-05-04 EP EP16901117.8A patent/EP3452945B1/en active Active
- 2016-05-04 WO PCT/SG2016/050206 patent/WO2017192099A1/en unknown
Also Published As
Publication number | Publication date |
---|---|
US20190141060A1 (en) | 2019-05-09 |
EP3452945A4 (en) | 2019-12-11 |
EP3452945A1 (en) | 2019-03-13 |
CN109478216B (en) | 2023-07-21 |
CA3023086C (en) | 2023-10-03 |
WO2017192099A1 (en) | 2017-11-09 |
US11057402B2 (en) | 2021-07-06 |
CA3023086A1 (en) | 2017-11-09 |
AU2016405637B2 (en) | 2021-05-27 |
EP3452945B1 (en) | 2023-12-20 |
CN109478216A (en) | 2019-03-15 |
AU2016405637A1 (en) | 2018-11-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
SG11201809495QA (en) | Parallelism and n-tiering of knowledge inference and statistical correlation system | |
SG11201903196XA (en) | ENHANCED MANAGEMENT OF ACs IN MULTI-USER EDCA TRANSMISSION MODE IN WIRELESS NETWORKS | |
SG11201808968WA (en) | Time division multiplexing of synchronization channels | |
SG11201809645VA (en) | Peer-to-peer network and node of a peer-to-peer network | |
SG11201809889PA (en) | Device and system including multiple devices for supervision and control of machines in industrial installation | |
SG11201901858QA (en) | Techniques for contending for access to a radio frequency spectrum band using a coordinated listen before talk procedure | |
SG11201902084QA (en) | Wireless communication between wideband enb and narrowband ue | |
SG11201900399WA (en) | Method and apparatus for performing access barring check | |
SG11201900310RA (en) | Declaring quasi co-location among multiple antenna ports | |
SG11201809481YA (en) | Phase reference sharing schemes for continuous-variable quantum cryptography | |
SG11201909116QA (en) | Synchronization for wideband coverage enhancement | |
SG11201907928UA (en) | Spatial-division multiple access (sdma) across multiple operators | |
SG11201804599VA (en) | Methods and apparatus for selecting enhanced distributed channel access parameters for different stations | |
SG11201900516YA (en) | Transmission configuration and format for random access messages | |
SG11201906647TA (en) | Separate configuration of numerology-associated resources | |
SG11201807387YA (en) | System and method for beam management | |
SG11201902200TA (en) | Power control and triggering of sounding reference signal on multiple component carriers | |
SG11201808924TA (en) | Time division multiplexing of synchronization channels | |
SG11201710238QA (en) | Autonomic incident triage prioritization by performance modifier and temporal decay parameters | |
SG11201900969SA (en) | Access stratum security for efficient packet processing | |
SG11201903412TA (en) | Protection of mission-critical push-to-talk multimedia broadcast and multicast service subchannel control messages | |
SG11201807679XA (en) | Methods and devices for determining precoder parameters in a wireless communication network | |
SG11201807307VA (en) | System and method for aerial system discrimination and action | |
SG11201407780PA (en) | Policy service logging using graph structures | |
SG11201804315TA (en) | Monitoring traffic in a computer network |