WO2014060964A3 - Method and system for detecting intrusion in networks and systems based on business-process specification - Google Patents
Method and system for detecting intrusion in networks and systems based on business-process specification
- Publication number
- WO2014060964A3 (PCT/IB2013/059391)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- systems
- business
- networks
- intrusion detection
- systems based
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Alarm Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
The detection of intrusions or incidents in networks and systems is carried out with the support of Intrusion Detection Systems (IDS). The present invention falls within the field of security in communication networks, control systems and information systems, and relates to an IDS method and system based on the specification of business processes and business rules. Through various methods, the events in each system or network are used as evidence of actions on the systems involved and are analysed to determine whether they correspond to the execution of the previously specified business process; if they do not, an alarm is produced. The present invention considerably reduces the number of false positives typical of IDSs and is particularly applicable to the protection of systems that take part in business processes that can be completely specified. Notable among these are systems of an industrial nature and those used in critical infrastructures.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PT13820889T PT2911362T (pt) | 2012-10-17 | 2013-10-16 | Method and system for detecting intrusion in networks and systems based on business-process specification |
EP13820889.7A EP2911362B1 (en) | 2012-10-17 | 2013-10-16 | Method and system for detecting intrusion in networks and systems based on business-process specification |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PT106586A PT106586A (pt) | 2012-10-17 | 2012-10-17 | Method and system for detecting intrusion in networks and systems based on business-process specification |
PT106586 | 2012-10-17 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2014060964A2 WO2014060964A2 (pt) | 2014-04-24 |
WO2014060964A3 WO2014060964A3 (pt) | 2014-07-03 |
Family
ID=49955407
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/IB2013/059391 WO2014060964A2 (pt) | 2012-10-17 | 2013-10-16 | Method and system for detecting intrusion in networks and systems based on business-process specification |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP2911362B1 (pt) |
PT (2) | PT106586A (pt) |
WO (1) | WO2014060964A2 (pt) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP6577442B2 (ja) * | 2016-11-01 | 2019-09-18 | 日本電信電話株式会社 | Unauthorized intrusion prevention device, unauthorized intrusion prevention method, and unauthorized intrusion prevention program |
US10783138B2 (en) * | 2017-10-23 | 2020-09-22 | Google Llc | Verifying structured data |
CN115174193B (zh) * | 2022-06-30 | 2023-08-15 | 北京炼石网络技术有限公司 | Data security intrusion detection method, apparatus and device based on GA algorithm |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2293513A1 (en) * | 2009-09-03 | 2011-03-09 | Juniper Networks, Inc. | Protecting Against Distributed Network Flood Attacks |
US20120079592A1 (en) * | 2010-09-24 | 2012-03-29 | Verisign, Inc. | Ip prioritization and scoring system for ddos detection and mitigation |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7036148B2 (en) * | 2001-05-08 | 2006-04-25 | International Business Machines Corporation | Method of operating an intrusion detection system according to a set of business rules |
US7234166B2 (en) * | 2002-11-07 | 2007-06-19 | Stonesoft Corporation | Event sequence detection |
US8712596B2 (en) | 2010-05-20 | 2014-04-29 | Accenture Global Services Limited | Malicious attack detection and analysis |
2012
- 2012-10-17 PT PT106586A (status: unknown)
2013
- 2013-10-16 EP EP13820889.7A, EP2911362B1 (status: Active)
- 2013-10-16 WO PCT/IB2013/059391, WO2014060964A2 (status: Application Filing)
- 2013-10-16 PT PT13820889T, PT2911362T (status: unknown)
Also Published As
Publication number | Publication date |
---|---|
EP2911362A2 (en) | 2015-08-26 |
EP2911362B1 (en) | 2018-11-21 |
PT106586A (pt) | 2014-04-17 |
PT2911362T (pt) | 2019-02-27 |
WO2014060964A2 (pt) | 2014-04-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2017173087A3 (en) | Fingerprinting electronic control units for vehicle intrusion detection | |
IN2014CH01209A (pt) | ||
US11363557B2 (en) | Detection of mobile transmitters in an office environment | |
WO2014003929A3 (en) | M2m network intelligent pattern and anomaly detection | |
WO2014031898A3 (en) | Detecting items of interest within local shops | |
CA2899201C (en) | Method and system for intrusion and extrusion detection | |
WO2013040496A3 (en) | System and method for real-time customized threat protection | |
TW200612278A (en) | Methods, computer program products and data structures for intrusion detection, interusion response and vulnerability remediation across target computer systems | |
WO2018080124A3 (ko) | Security system based on deep learning neural network and control method therefor | |
EP3720055A4 (en) | ELECTRONIC CONTROL DEVICE, SERVER FOR DETECTING AUTHORIZED USE, VEHICLE-MOUNTED NETWORK SYSTEM, VEHICLE-MOUNTED NETWORK MONITORING SYSTEM AND VEHICLE-MOUNTED NETWORK MONITORING METHOD | |
WO2013164821A3 (en) | Detection and prevention for malicious threats | |
GB2505131A (en) | Method and system for locating an acoustic source | |
WO2011146917A3 (en) | Apparatuses, systems and methods for determining installed software applications on a computing device | |
WO2013033243A3 (en) | System and method for detecting and identifying device utilization | |
WO2013172898A3 (en) | System for detecting, analyzing, and controlling infiltration of computer and network systems | |
MX354490B (es) | Method and system for preventing shopping cart theft. | |
WO2010088550A3 (en) | A method and apparatus for excessive access rate detection | |
WO2010105184A3 (en) | A method and apparatus for phishing and leeching vulnerability detection | |
WO2013029031A3 (en) | Future messaging system | |
NZ591390A (en) | Method and system for security maintenance in a network | |
AU2010220798A8 (en) | Automatic control of a security protection mode of an electronic device | |
WO2015051990A3 (de) | Method and system for identifying a dangerous situation | |
WO2013058852A3 (en) | Distributed assured network system (dans) | |
WO2015029037A3 (en) | Method and system handling malware | |
GB201211875D0 (en) | Social network protection system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 13820889; Country of ref document: EP; Kind code of ref document: A2 |
| WWE | Wipo information: entry into national phase | Ref document number: 2013820889; Country of ref document: EP |