SG11202109795WA - Detecting sensitive data exposure via logging - Google Patents

Detecting sensitive data exposure via logging

Info

Publication number
SG11202109795WA
Authority
SG
Singapore
Prior art keywords
sensitive data
data exposure
exposure via
detecting sensitive
via logging
Prior art date
Application number
Inventor
Raghavendra Arjun Udupi
Matthias Seul
Tim Scheideler
Tiziano Airoldi
Original Assignee
IBM
Priority date
Filing date
Publication date
Application filed by IBM
Publication of SG11202109795WA

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00 Digital computing or data processing equipment or methods, specially adapted for specific functions
    • G06F17/10 Complex mathematical operations
    • G06F17/15 Correlation function computation including computation of convolution operations
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227 Filtering policies
    • H04L63/0263 Rule management
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Mathematical Analysis (AREA)
  • Pure & Applied Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • Mathematical Physics (AREA)
  • Mathematical Optimization (AREA)
  • Computational Mathematics (AREA)
  • Algebra (AREA)
  • Databases & Information Systems (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
SG11202109795W 2019-04-18 2020-03-23 Detecting sensitive data exposure via logging SG11202109795WA (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US16/387,632 US11431734B2 (en) 2019-04-18 2019-04-18 Adaptive rule generation for security event correlation
PCT/EP2020/058028 WO2020212093A1 (en) 2019-04-18 2020-03-23 Detecting sensitive data exposure via logging

Publications (1)

Publication Number Publication Date
SG11202109795WA (en) 2021-10-28

Family

ID=69960641

Family Applications (1)

Application Number Title Priority Date Filing Date
SG11202109795W SG11202109795WA (en) 2019-04-18 2020-03-23 Detecting sensitive data exposure via logging

Country Status (12)

Country Link
US (1) US11431734B2 (en)
EP (1) EP3957042A1 (en)
JP (1) JP2022529220A (en)
KR (1) KR102612500B1 (en)
CN (1) CN113661693B (en)
AU (1) AU2020257925B2 (en)
BR (1) BR112021020850A2 (en)
CA (1) CA3137249A1 (en)
IL (1) IL286611A (en)
MX (1) MX2021012614A (en)
SG (1) SG11202109795WA (en)
WO (1) WO2020212093A1 (en)

Families Citing this family (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10841337B2 (en) 2016-11-28 2020-11-17 Secureworks Corp. Computer implemented system and method, and computer program product for reversibly remediating a security risk
US10735470B2 (en) 2017-11-06 2020-08-04 Secureworks Corp. Systems and methods for sharing, distributing, or accessing security data and/or security applications, models, or analytics
WO2020183615A1 (en) * 2019-03-12 2020-09-17 三菱電機株式会社 Attack estimation device, attack control method, and attack estimation program
EP3712721A1 (en) * 2019-03-19 2020-09-23 Siemens Aktiengesellschaft Safety-related diagnosis reports
US11431734B2 (en) 2019-04-18 2022-08-30 Kyndryl, Inc. Adaptive rule generation for security event correlation
US11418524B2 (en) * 2019-05-07 2022-08-16 Secureworks Corp. Systems and methods of hierarchical behavior activity modeling and detection for systems-level security
US11522877B2 (en) 2019-12-16 2022-12-06 Secureworks Corp. Systems and methods for identifying malicious actors or activities
US11669615B2 (en) * 2020-07-23 2023-06-06 Mcafee, Llc Skewness in indicators of compromise
US11588834B2 (en) * 2020-09-03 2023-02-21 Secureworks Corp. Systems and methods for identifying attack patterns or suspicious activity in client networks
CN112351017B (en) * 2020-10-28 2022-08-26 北京奇虎科技有限公司 Transverse penetration protection method, device, equipment and storage medium
US11539737B2 (en) * 2020-10-28 2022-12-27 Kyndryl, Inc. Adaptive security for resource constraint devices
AT523933B1 (en) * 2020-11-18 2022-01-15 Ait Austrian Inst Tech Gmbh Method for classifying abnormal operating states of a computer network
JP7427574B2 (en) 2020-11-30 2024-02-05 株式会社日立製作所 Condition diagnosis device and condition diagnosis method
CN114650146A (en) * 2020-12-02 2022-06-21 中国电信股份有限公司 Attack tracing method and device and computer storage medium
CN114697057B (en) * 2020-12-28 2023-02-10 华为技术有限公司 Method, device and storage medium for acquiring layout script information
US11528294B2 (en) 2021-02-18 2022-12-13 Secureworks Corp. Systems and methods for automated threat detection
CN113259371B (en) * 2021-06-03 2022-04-19 上海雾帜智能科技有限公司 Network attack event blocking method and system based on SOAR system
CN115473658A (en) * 2021-06-10 2022-12-13 中国移动通信集团有限公司 Network attack detection method, device, equipment and computer program
CN113591092B (en) * 2021-06-22 2023-05-09 中国电子科技集团公司第三十研究所 Attack chain construction method based on vulnerability combination
CN113452700B (en) * 2021-06-25 2022-12-27 阿波罗智联(北京)科技有限公司 Method, device, equipment and storage medium for processing safety information
CN113765915B (en) * 2021-09-06 2023-04-21 杭州安恒信息技术股份有限公司 Network event analysis method, system, readable storage medium and computer device
JP7230146B1 (en) 2021-09-24 2023-02-28 エヌ・ティ・ティ・コミュニケーションズ株式会社 Vehicle security analysis device, method and program thereof
CN114095274B (en) * 2021-12-10 2023-11-10 北京天融信网络安全技术有限公司 Attack studying and judging method and device
CN114430335A (en) * 2021-12-16 2022-05-03 奇安信科技集团股份有限公司 Web fingerprint matching method and device
CN114301692B (en) * 2021-12-29 2023-12-12 中国电信股份有限公司 Attack prediction method, device, medium and equipment
CN114124587B (en) * 2022-01-29 2022-06-28 北京安帝科技有限公司 Attack chain processing method and system and electronic equipment
US12015623B2 (en) 2022-06-24 2024-06-18 Secureworks Corp. Systems and methods for consensus driven threat intelligence
CN114866355B (en) * 2022-07-06 2023-04-28 浙江国利网安科技有限公司 Message flow forwarding method, device and computer equipment
CN115883218B (en) * 2022-12-02 2024-04-12 中国人民解放军国防科技大学 Multi-mode data model-based composite attack chain completion method, system and medium

Family Cites Families (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7644365B2 (en) 2003-09-12 2010-01-05 Cisco Technology, Inc. Method and system for displaying network security incidents
JP3999188B2 (en) * 2003-10-28 2007-10-31 富士通株式会社 Unauthorized access detection device, unauthorized access detection method, and unauthorized access detection program
US9686293B2 (en) 2011-11-03 2017-06-20 Cyphort Inc. Systems and methods for malware detection and mitigation
US10356109B2 (en) * 2014-07-21 2019-07-16 Entit Software Llc Security indicator linkage determination
US9716721B2 (en) 2014-08-29 2017-07-25 Accenture Global Services Limited Unstructured security threat information analysis
US9882929B1 (en) * 2014-09-30 2018-01-30 Palo Alto Networks, Inc. Dynamic selection and generation of a virtual clone for detonation of suspicious content within a honey network
US20160219066A1 (en) 2015-01-26 2016-07-28 Cisco Technology, Inc. Event correlation in a network merging local graph models from distributed nodes
US10298607B2 (en) 2015-04-16 2019-05-21 Nec Corporation Constructing graph models of event correlation in enterprise security systems
US10192051B2 (en) * 2015-06-17 2019-01-29 Accenture Global Services Limited Data acceleration
US9516052B1 (en) 2015-08-01 2016-12-06 Splunk Inc. Timeline displays of network security investigation events
US9699205B2 (en) 2015-08-31 2017-07-04 Splunk Inc. Network security system
US10641585B2 (en) 2016-03-08 2020-05-05 Raytheon Company System and method for integrated and synchronized planning and response to defeat disparate threats over the threat kill chain with combined cyber, electronic warfare and kinetic effects
US20170289191A1 (en) * 2016-03-31 2017-10-05 Acalvio Technologies, Inc. Infiltration Detection and Network Rerouting
US20180004958A1 (en) * 2016-07-01 2018-01-04 Hewlett Packard Enterprise Development Lp Computer attack model management
JP6786960B2 (en) * 2016-08-26 2020-11-18 富士通株式会社 Cyber attack analysis support program, cyber attack analysis support method and cyber attack analysis support device
WO2018071356A1 (en) 2016-10-13 2018-04-19 Nec Laboratories America, Inc. Graph-based attack chain discovery in enterprise security systems
US20180115569A1 (en) 2016-10-21 2018-04-26 Emet Rodney Anders, JR. Cyber security
US11146578B2 (en) * 2016-12-16 2021-10-12 Patternex, Inc. Method and system for employing graph analysis for detecting malicious activity in time evolving networks
US10404751B2 (en) 2017-02-15 2019-09-03 Intuit, Inc. Method for automated SIEM custom correlation rule generation through interactive network visualization
US10728264B2 (en) 2017-02-15 2020-07-28 Micro Focus Llc Characterizing behavior anomaly analysis performance based on threat intelligence
US10474966B2 (en) * 2017-02-27 2019-11-12 Microsoft Technology Licensing, Llc Detecting cyber attacks by correlating alerts sequences in a cluster environment
CN108259449B (en) 2017-03-27 2020-03-06 新华三技术有限公司 Method and system for defending against APT (android packet) attack
JP2018185712A (en) * 2017-04-27 2018-11-22 株式会社日立製作所 Security monitoring system and security monitoring method
US10855700B1 (en) * 2017-06-29 2020-12-01 Fireeye, Inc. Post-intrusion detection of cyber-attacks during lateral movement within networks
CN107888607B (en) * 2017-11-28 2020-11-06 新华三技术有限公司 Network threat detection method and device and network management equipment
US11258818B2 (en) * 2018-01-31 2022-02-22 Ironsdn Corp. Method and system for generating stateful attacks
US11700269B2 (en) * 2018-12-18 2023-07-11 Fortinet, Inc. Analyzing user behavior patterns to detect compromised nodes in an enterprise network
US11431734B2 (en) 2019-04-18 2022-08-30 Kyndryl, Inc. Adaptive rule generation for security event correlation

Also Published As

Publication number Publication date
AU2020257925B2 (en) 2022-08-11
IL286611A (en) 2021-10-31
JP2022529220A (en) 2022-06-20
US11431734B2 (en) 2022-08-30
EP3957042A1 (en) 2022-02-23
BR112021020850A2 (en) 2021-12-14
CA3137249A1 (en) 2020-10-22
KR102612500B1 (en) 2023-12-08
CN113661693B (en) 2023-11-17
KR20210141575A (en) 2021-11-23
CN113661693A (en) 2021-11-16
MX2021012614A (en) 2021-11-12
WO2020212093A1 (en) 2020-10-22
US20200336497A1 (en) 2020-10-22
AU2020257925A1 (en) 2021-09-30

Similar Documents

Publication Publication Date Title
IL286611A (en) Detecting sensitive data exposure via logging
GB201517267D0 (en) Sensing apparatus having a light sensitive detector
GB201819342D0 (en) Means for determining toll data
GB2578060B (en) Fault detection based on seismic data interpretation
GB202117271D0 (en) Sensitive data management
GB2582673B (en) Security data processing device
EP3871125A4 (en) Sensitive data detection and replacement
SG11202002288QA (en) Processing sensitive information over voip
GB201714501D0 (en) System for detecting data relationships based on sample data
GB202020414D0 (en) Blocking sensitive data
GB2570957B (en) Downhole detection apparatus
NO20200898A1 (en) Geological Data Assessment System
ZA202000038B (en) Proportional copying device
GB2587105B (en) Position sensing for downhole electronics
DK3568489T3 (en) SCREENING TEST FOR GAMMA SECRETATION STABILIZING COMPOUNDS
GB2581527B (en) Security data processing device
GB201908938D0 (en) Security data processing device
SG11202101145WA (en) Techniques for securely communicating sensitive data
GB201801299D0 (en) Context sensitive braking distance reduction
GB202316699D0 (en) Sensitive data detection
GB201901508D0 (en) Highly sensitive magnetic detector
GB201802637D0 (en) Sensitive information processing
GB2581014B (en) Sensor data management
DK3767259T3 (en) SENSOR OR DETECTOR DEVICE
GB2588580B (en) Measuring environmental exposure