专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20100235879A1 SYSTEMS, METHODS, AND MEDIA FOR ENFORCING A SECURITY POLICY IN A NETWORK INCLUDING A PLURALITY OF COMPONENTS 有权
标题翻译：用于执行网络中的安全策略的系统，方法和媒体，包括大量组件
公开(公告)号：US20100235879A1
公开(公告)日：2010-09-16
申请号：US12632934
申请日：2009-12-08
申请人： Matthew Burnside , Angelos D. Keromytis
发明人： Matthew Burnside , Angelos D. Keromytis
IPC分类号： G06F11/00 , G06F17/00 , H04L29/06 , G06F15/16 , G06F17/30
CPC分类号： H04L63/0263 , G06F2221/2101 , H04L63/1416 , H04L63/1425
摘要： Systems, methods, and media for enforcing a security policy in a network are provided, including, for example, receiving a plurality of events describing component behavior detected by a plurality of sensors, each sensor monitoring a different component of a plurality of components; attributing a first event of the plurality of events to a first principal; attributing a second event of the plurality of events to a second principal; determining whether the first and second events are correlated; storing a data structure that attributes each of the first and second events to the first principal, if it is determined that the first and second events are correlated; comparing the second event to the security policy; and modifying network behavior to enforce the security policy against the first principal based on the comparison of the second event to the security policy and the attribution of the second event to the first principal.
摘要翻译：提供了用于在网络中实施安全策略的系统，方法和媒体，包括例如接收描述由多个传感器检测到的组件行为的多个事件，每个传感器监视多个组件的不同组件; 将所述多个事件的第一事件归因于第一主体; 将所述多个事件的第二事件归因于第二主体; 确定所述第一和第二事件是否相关; 如果确定所述第一和第二事件相关，则存储将所述第一和第二事件中的每一个归属于所述第一主体的数据结构; 将第二个事件与安全策略进行比较; 以及基于所述第二事件与所述安全策略的比较以及所述第二事件对所述第一主体的归属，修改网络行为以对所述第一主体执行所述安全策略。

2. 发明授权

US08516575B2 Systems, methods, and media for enforcing a security policy in a network including a plurality of components 有权
标题翻译：用于在包括多个组件的网络中执行安全策略的系统，方法和媒体
公开(公告)号：US08516575B2
公开(公告)日：2013-08-20
申请号：US12632934
申请日：2009-12-08
申请人： Matthew Burnside , Angelos D. Keromytis
发明人： Matthew Burnside , Angelos D. Keromytis
IPC分类号： H04L29/06 , G06F11/00 , G06F12/14 , G06F12/16 , G08B23/00
CPC分类号： H04L63/0263 , G06F2221/2101 , H04L63/1416 , H04L63/1425
摘要： Systems, methods, and media for enforcing a security policy in a network are provided, including, for example, receiving a plurality of events describing component behavior detected by a plurality of sensors, each sensor monitoring a different component of a plurality of components; attributing a first event of the plurality of events to a first principal; attributing a second event of the plurality of events to a second principal; determining whether the first and second events are correlated; storing a data structure that attributes each of the first and second events to the first principal, if it is determined that the first and second events are correlated; comparing the second event to the security policy; and modifying network behavior to enforce the security policy against the first principal based on the comparison of the second event to the security policy and the attribution of the second event to the first principal.
摘要翻译：提供了用于在网络中实施安全策略的系统，方法和媒体，包括例如接收描述由多个传感器检测到的组件行为的多个事件，每个传感器监视多个组件的不同组件; 将所述多个事件的第一事件归因于第一主体; 将所述多个事件的第二事件归因于第二主体; 确定所述第一和第二事件是否相关; 如果确定所述第一和第二事件相关，则存储将所述第一和第二事件中的每一个归属于所述第一主体的数据结构; 将第二个事件与安全策略进行比较; 以及基于所述第二事件与所述安全策略的比较以及所述第二事件对所述第一主体的归属，修改网络行为以对所述第一主体执行所述安全策略。

3. 发明申请

US20160248808A1 SYSTEMS AND METHODS FOR INHIBITING ATTACKS WITH A NETWORK 有权
公开(公告)号：US20160248808A1
公开(公告)日：2016-08-25
申请号：US15147441
申请日：2016-05-05
申请人： Angelos Stavrou , Angelos D. Keromytis
发明人： Angelos Stavrou , Angelos D. Keromytis
IPC分类号： H04L29/06
CPC分类号： H04L63/1458 , H04L63/08 , H04L63/0823 , H04L63/12 , H04L63/123 , H04L63/1416 , H04L2463/141
摘要： Systems and methods for inhibiting attacks with a network are provided. In some embodiments, methods for inhibiting attacks by forwarding packets through a plurality of intermediate nodes when being transmitted from a source node to a destination node are provided, the methods comprising: receiving a packet at one of the plurality of intermediate nodes; determining at the selected intermediate node whether the packet has been sent to the correct one of the plurality of intermediate nodes based on a pseudo random function; and forwarding the packet to the destination node, based on the determining. In some embodiments an intermediate node is selected based on a pseudo random function. In some embodiments, systems and methods for establishing access to a multi-path network are provided.

4. 发明授权

US09419981B2 Methods, media, and systems for securing communications between a first node and a second node 有权
标题翻译：用于保护第一节点和第二节点之间的通信的方法，媒体和系统
公开(公告)号：US09419981B2
公开(公告)日：2016-08-16
申请号：US12092224
申请日：2006-10-31
申请人： Salvatore J. Stolfo , Gabriela F. Ciocarlie , Vanessa Frias-Martinez , Janak Parekh , Angelos D. Keromytis , Joseph Sherrick
发明人： Salvatore J. Stolfo , Gabriela F. Ciocarlie , Vanessa Frias-Martinez , Janak Parekh , Angelos D. Keromytis , Joseph Sherrick
IPC分类号： H04L29/06
CPC分类号： H04L63/102 , H04L63/145
摘要： Methods, media, and systems for securing communications between a first node and a second node are provided. In some embodiments, methods for securing communication between a first node and a second node are provided. The methods comprising: receiving at least one model of behavior of the second node at the first node; and authorizing the first node to receive traffic from the second node based on the difference between the at least one model of behavior of the second node and at least one model of behavior of the first node.
摘要翻译：提供了用于保护第一节点和第二节点之间的通信的方法，媒体和系统。在一些实施例中，提供了用于确保第一节点和第二节点之间的通信的方法。所述方法包括：在所述第一节点处接收所述第二节点的至少一个行为模型; 并且基于所述第二节点的所述至少一个行为模型与所述第一节点的行为的至少一个模型之间的差异，授权所述第一节点从所述第二节点接收流量。

5. 发明授权

US09344418B2 Systems and methods for inhibiting attacks with a network 有权
标题翻译：用于抑制网络攻击的系统和方法
公开(公告)号：US09344418B2
公开(公告)日：2016-05-17
申请号：US14103430
申请日：2013-12-11
申请人： Angelos Stavrou , Angelos D. Keromytis
发明人： Angelos Stavrou , Angelos D. Keromytis
IPC分类号： H04L29/06
CPC分类号： H04L63/1458 , H04L63/08 , H04L63/0823 , H04L63/12 , H04L63/123 , H04L63/1416 , H04L2463/141
摘要： Systems and methods for inhibiting attacks with a network are provided. In some embodiments, methods for inhibiting attacks by forwarding packets through a plurality of intermediate nodes when being transmitted from a source node to a destination node are provided, the methods comprising: receiving a packet at one of the plurality of intermediate nodes; determining at the selected intermediate node whether the packet has been sent to the correct one of the plurality of intermediate nodes based on a pseudo random function; and forwarding the packet to the destination node, based on the determining. In some embodiments an intermediate node is selected based on a pseudo random function. In some embodiments, systems and methods for establishing access to a multi-path network are provided.
摘要翻译：提供了用于抑制网络攻击的系统和方法。在一些实施例中，提供了当从源节点发送到目的地节点时通过将多个中间节点转发分组来抑制攻击的方法，所述方法包括：在所述多个中间节点之一处接收分组; 在所选择的中间节点处，确定所述分组是否已经基于伪随机函数发送到所述多个中间节点中的正确的一个; 以及基于所述确定将所述分组转发到所述目的地节点。在一些实施例中，基于伪随机函数来选择中间节点。在一些实施例中，提供了用于建立对多路径网络的访问的系统和方法。

6. 发明申请

US20160087951A9 SYSTEMS AND METHODS FOR INHIBITING ATTACKS WITH A NETWORK 有权
公开(公告)号：US20160087951A9
公开(公告)日：2016-03-24
申请号：US14103430
申请日：2013-12-11
申请人： Angelos Stavrou , Angelos D. Keromytis
发明人： Angelos Stavrou , Angelos D. Keromytis
IPC分类号： H04L29/06
CPC分类号： H04L63/1458 , H04L63/08 , H04L63/0823 , H04L63/12 , H04L63/123 , H04L63/1416 , H04L2463/141
摘要： Systems and methods for inhibiting attacks with a network are provided. In some embodiments, methods for inhibiting attacks by forwarding packets through a plurality of intermediate nodes when being transmitted from a source node to a destination node are provided, the methods comprising: receiving a packet at one of the plurality of intermediate nodes; determining at the selected intermediate node whether the packet has been sent to the correct one of the plurality of intermediate nodes based on a pseudo random function; and forwarding the packet to the destination node, based on the determining. In some embodiments an intermediate node is selected based on a pseudo random function. In some embodiments, systems and methods for establishing access to a multi-path network are provided.

7. 发明授权

US09253201B2 Detecting network anomalies by probabilistic modeling of argument strings with markov chains 有权
标题翻译：通过使用马尔可夫链的参数串的概率建模来检测网络异常
公开(公告)号：US09253201B2
公开(公告)日：2016-02-02
申请号：US14476142
申请日：2014-09-03
申请人： Yingbo Song , Angelos D. Keromytis , Salvatore J. Stolfo
发明人： Yingbo Song , Angelos D. Keromytis , Salvatore J. Stolfo
IPC分类号： H04L29/06 , H04L29/08
CPC分类号： H04L63/1425 , H04L63/1416 , H04L63/1466 , H04L67/02 , H04L69/16
摘要： Systems, methods, and media for detecting network anomalies are provided. In some embodiments, a training dataset of communication protocol messages having argument strings is received. The content and structure associated with each of the argument strings is determined and a probabilistic model is trained using the determined content and structure of each of the argument strings. A communication protocol message having an argument string that is transmitted from a first processor to a second processor across a computer network is received. The received communication protocol message is compared to the probabilistic model and then it is determined whether the communication protocol message is anomalous.
摘要翻译：提供了检测网络异常的系统，方法和介质。在一些实施例中，接收具有参数串的通信协议消息的训练数据集。确定与每个参数串相关联的内容和结构，并且使用确定的每个参数串的内容和结构来训练概率模型。接收具有通过计算机网络从第一处理器发送到第二处理器的参数串的通信协议消息。将接收到的通信协议消息与概率模型进行比较，然后确定通信协议消息是否是异常的。

8. 发明授权

US08763103B2 Systems and methods for inhibiting attacks on applications 有权
标题翻译：抑制应用攻击的系统和方法
公开(公告)号：US08763103B2
公开(公告)日：2014-06-24
申请号：US12297730
申请日：2006-04-21
申请人： Michael E. Locasto , Salvatore J. Stolfo , Angelos D. Keromytis , Ke Wang
发明人： Michael E. Locasto , Salvatore J. Stolfo , Angelos D. Keromytis , Ke Wang
IPC分类号： H04L29/06 , G06F21/41
CPC分类号： H04L63/1416 , G06F21/41 , H04L63/0815 , H04L63/1408 , H04L63/1441
摘要： In accordance with some embodiments of the present invention, systems and methods that protect an application from attacks are provided. In some embodiments of the present invention, input from an input source, such as traffic from a communication network, can be routed through a filtering proxy that includes one or more filters, classifiers, and/or detectors. In response to the input passing through the filtering proxy to the application, a supervision framework monitors the input for attacks (e.g., code injection attacks). The supervision framework can provide feedback to tune the components of the filtering proxy.
摘要翻译：根据本发明的一些实施例，提供了保护应用免受攻击的系统和方法。在本发明的一些实施例中，可以通过包括一个或多个过滤器，分类器和/或检测器的过滤代理来路由来自诸如来自通信网络的业务的输入源的输入。响应于通过过滤代理的输入到应用程序，监督框架监视输入的攻击（例如代码注入攻击）。监督框架可以提供反馈来调整过滤代理的组件。

9. 发明授权

US08407785B2 Systems, methods, and media protecting a digital data processing device from attack 有权
标题翻译：保护数字数据处理设备免受攻击的系统，方法和媒体
公开(公告)号：US08407785B2
公开(公告)日：2013-03-26
申请号：US12063733
申请日：2006-08-18
申请人： Stylianos Sidiroglou , Angelos D. Keromytis , Salvatore J. Stolfo
发明人： Stylianos Sidiroglou , Angelos D. Keromytis , Salvatore J. Stolfo
IPC分类号： G06F11/00
CPC分类号： H04L63/1425 , H04L51/08 , H04L51/12 , H04L63/1416 , H04L63/1466
摘要： In accordance with some embodiments of the disclosed subject matter, systems, methods, and media for protecting a digital data processing device from attack are provided. For example, in some embodiments, a method for protecting a digital data processing device from attack is provided, that includes, within a virtual environment: receiving at least one attachment to an electronic mail; and executing the at least one attachment; and based on the execution of the at least one attachment, determining whether anomalous behavior occurs.
摘要翻译：根据所公开的主题的一些实施例，提供了用于保护数字数据处理装置免受攻击的系统，方法和媒体。例如，在一些实施例中，提供了一种用于保护数字数据处理设备免受攻击的方法，其包括在虚拟环境内：接收至少一个附件到电子邮件; 以及执行所述至少一个附件; 并且基于所述至少一个附件的执行，确定是否发生异常行为。

10. 发明授权

US08407160B2 Systems, methods, and media for generating sanitized data, sanitizing anomaly detection models, and/or generating sanitized anomaly detection models 有权
标题翻译：用于生成消毒数据，消毒异常检测模型和/或生成消毒异常检测模型的系统，方法和介质
公开(公告)号：US08407160B2
公开(公告)日：2013-03-26
申请号：US11940790
申请日：2007-11-15
申请人： Gabriela Cretu , Angelos Stavrou , Salvatore J. Stolfo , Angelos D. Keromytis , Michael E. Locasto
发明人： Gabriela Cretu , Angelos Stavrou , Salvatore J. Stolfo , Angelos D. Keromytis , Michael E. Locasto
IPC分类号： G06F15/18
CPC分类号： H04L63/1425 , G06N99/005 , H04L63/14
摘要： Systems, methods, and media for generating sanitized data, sanitizing anomaly detection models, and generating anomaly detection models are provided. In some embodiments, methods for generating sanitized data are provided. The methods including: dividing a first training dataset comprised of a plurality of training data items into a plurality of data subsets each including at least one training data item of the plurality of training data items of the first training dataset; based on the plurality of data subsets, generating a plurality of distinct anomaly detection micro-models; testing at least one data item of the plurality of data items of a second training dataset of training data items against each of the plurality of micro-models to produce a score for the at least one tested data item; and generating at least one output dataset based on the score for the at least one tested data item.
摘要翻译：提供了生成消毒数据，消毒异常检测模型和生成异常检测模型的系统，方法和介质。在一些实施例中，提供了生成消毒数据的方法。所述方法包括：将由多个训练数据项组成的第一训练数据集划分成多个数据子集，每个数据子集包括第一训练数据集的多个训练数据项中的至少一个训练数据项; 基于所述多个数据子集，生成多个不同的异常检测微模型; 针对所述多个微模型中的每一个测试训练数据项的第二训练数据集的所述多个数据项中的至少一个数据项，以产生所述至少一个测试数据项的分数; 以及基于所述至少一个测试数据项的得分来生成至少一个输出数据集。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式