专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20090245109A1 METHODS, SYSTEMS AND COMPUTER PROGRAM PRODUCTS FOR DETECTING FLOW-LEVEL NETWORK TRAFFIC ANOMALIES VIA ABSTRACTION LEVELS 失效
标题翻译：用于检测流量网络交通异常的方法，系统和计算机程序产品通过抽取级别
公开(公告)号：US20090245109A1
公开(公告)日：2009-10-01
申请号：US12056583
申请日：2008-03-27
申请人： Paul T. Hurley , Andreas Kind , Marc Ph. Stoecklin
发明人： Paul T. Hurley , Andreas Kind , Marc Ph. Stoecklin
IPC分类号： H04L12/26
CPC分类号： H04L43/026 , H04L41/142
摘要： Methods, systems and computer program products for detecting flow-level network traffic anomalies via abstraction levels. An exemplary embodiment includes a method for detecting flow-level network traffic anomalies in a computer network, the method including obtaining current distributions of flow level traffic features within the computer network, computing distances of the current distributions' components from a distributions model, comparing the distances of the current distributions to distance baselines from the distributions model, determining if the distances are above a pre-determined thresholds and in response to one or more of the distances being above the pre-determined thresholds in one or more distributions, identifying the current condition to be abnormal and providing indications to its nature.
摘要翻译：用于通过抽象级别检测流量级网络流量异常的方法，系统和计算机程序产品。示例性实施例包括一种用于检测计算机网络中的流量级网络流量异常的方法，所述方法包括获得计算机网络内的流量级别业务特征的当前分布，从分布模型计算当前分布组件的距离，当前分布与分布模型的距离基线的距离，确定距离是否高于预定阈值，并且响应于一个或多个距离在一个或多个分布中高于预定阈值，识别当前情况异常，并提供适应症。

2. 发明申请

US20130318616A1 PREDICTING ATTACKS BASED ON PROBABILISTIC GAME-THEORY 审中-公开
标题翻译：基于概率游戏理论预测攻击
公开(公告)号：US20130318616A1
公开(公告)日：2013-11-28
申请号：US13487774
申请日：2012-06-04
申请人： Mihai Christodorescu , Dmytro Korzhyk , Reiner Sailer , Douglas L Schales , Marc Ph Stoecklin , Ting Wang
发明人： Mihai Christodorescu , Dmytro Korzhyk , Reiner Sailer , Douglas L Schales , Marc Ph Stoecklin , Ting Wang
IPC分类号： G06F21/00
CPC分类号： G06F21/00 , G06F21/552 , G06Q10/06375 , H04L63/1408 , H04L63/20
摘要： Systems for determining cyber-attack target include a network monitor module configured to collect network event information from sensors in one or more network nodes; a processor configured to extract information regarding an attacker from the network event information, to form an attack scenario tree that encodes network topology and vulnerability information including a plurality of paths from known compromised nodes to a set of potential targets, to calculate a likelihood for each of the paths, to calculate a probability distribution for the set of potential targets to determine which potential targets are most likely pursued by the attacker, to calculate a probability distribution over a set of nodes and node vulnerability types already accessed by the attacker, and to determine a network graph edge to remove that minimizes a defender's expected uncertainty over the potential targets; and a network management module configured to remove the determined network graph edge.
摘要翻译：用于确定网络攻击目标的系统包括被配置为从一个或多个网络节点中的传感器收集网络事件信息的网络监视器模块; 处理器，其被配置为从网络事件信息中提取关于攻击者的信息，以形成将网络拓扑和脆弱性信息编码的攻击场景树，所述攻击场景树包括从已知的受损节点到一组潜在目标的多个路径，以计算每个的路径，以计算潜在目标集合的概率分布，以确定攻击者最有可能追查哪些潜在目标，以计算攻击者已经访问的一组节点和节点漏洞类型的概率分布，以及确定一个网络图边缘去除，使防守者对潜在目标的预期不确定性最小化; 以及被配置为去除所确定的网络图边缘的网络管理模块。

3. 发明授权

US08863293B2 Predicting attacks based on probabilistic game-theory 有权
标题翻译：基于概率博弈理论预测攻击
公开(公告)号：US08863293B2
公开(公告)日：2014-10-14
申请号：US13478290
申请日：2012-05-23
申请人： Mihai Christodorescu , Dmytro Korzhyk , Reiner Sailer , Douglas L. Schales , Marc Ph Stoecklin , Ting Wang
发明人： Mihai Christodorescu , Dmytro Korzhyk , Reiner Sailer , Douglas L. Schales , Marc Ph Stoecklin , Ting Wang
IPC分类号： G06F21/00 , G06F21/55 , H04L29/06 , G06Q10/06
CPC分类号： G06F21/00 , G06F21/552 , G06Q10/06375 , H04L63/1408 , H04L63/20
摘要： Methods for determining cyber-attack targets include collecting and storing network event information from sensors to extract information regarding an attacker; forming an attack scenario tree that encodes network topology and vulnerability information including paths from known compromised nodes to a set of potential targets; calculating a likelihood for each of the paths using a processor; calculating a probability distribution for the set of potential targets to determine which potential targets are most likely pursued by the attacker; calculating a probability distribution over a set of nodes and node vulnerability types already accessed by the attacker; determining a network graph edge to remove which minimizes a defender's expected uncertainty over the potential targets; and removing the determined network graph edge.
摘要翻译：用于确定网络攻击目标的方法包括从传感器收集和存储网络事件信息以提取关于攻击者的信息; 形成攻击场景树，其编码网络拓扑和脆弱性信息，包括从已知的受感染节点到一组潜在目标的路径; 使用处理器计算每个路径的可能性; 计算一组潜在目标的概率分布，以确定攻击者最有可能追查哪些潜在目标; 计算攻击者已经访问的一组节点和节点漏洞类型的概率分布; 确定要除去的网络图边缘，使防守者对潜在目标的预期不确定性最小化; 并删除确定的网络图边缘。

4. 发明申请

US20130318615A1 PREDICTING ATTACKS BASED ON PROBABILISTIC GAME-THEORY 有权
标题翻译：基于概率游戏理论预测攻击
公开(公告)号：US20130318615A1
公开(公告)日：2013-11-28
申请号：US13478290
申请日：2012-05-23
申请人： Mihai Christodorescu , Dmytro Korzhyk , Reiner Sailer , Douglas L. Schales , Marc Ph. Stoecklin , Ting Wang
发明人： Mihai Christodorescu , Dmytro Korzhyk , Reiner Sailer , Douglas L. Schales , Marc Ph. Stoecklin , Ting Wang
IPC分类号： G06F21/00 , G06F17/10
CPC分类号： G06F21/00 , G06F21/552 , G06Q10/06375 , H04L63/1408 , H04L63/20
摘要： Methods for determining cyber-attack targets include collecting and storing network event information from sensors to extract information regarding an attacker; forming an attack scenario tree that encodes network topology and vulnerability information including paths from known compromised nodes to a set of potential targets; calculating a likelihood for each of the paths using a processor; calculating a probability distribution for the set of potential targets to determine which potential targets are most likely pursued by the attacker; calculating a probability distribution over a set of nodes and node vulnerability types already accessed by the attacker; determining a network graph edge to remove which minimizes a defender's expected uncertainty over the potential targets; and removing the determined network graph edge.
摘要翻译：用于确定网络攻击目标的方法包括从传感器收集和存储网络事件信息以提取关于攻击者的信息; 形成攻击场景树，其编码网络拓扑和脆弱性信息，包括从已知的受感染节点到一组潜在目标的路径; 使用处理器计算每个路径的可能性; 计算一组潜在目标的概率分布，以确定攻击者最有可能追查哪些潜在目标; 计算攻击者已经访问的一组节点和节点漏洞类型的概率分布; 确定要除去的网络图边缘，使防守者对潜在目标的预期不确定性最小化; 并删除确定的网络图边缘。

5. 发明授权

US07962611B2 Methods, systems and computer program products for detecting flow-level network traffic anomalies via abstraction levels 失效
标题翻译：用于通过抽象级别检测流量级网络流量异常的方法，系统和计算机程序产品
公开(公告)号：US07962611B2
公开(公告)日：2011-06-14
申请号：US12056583
申请日：2008-03-27
申请人： Paul T. Hurley , Andreas Kind , Marc Ph. Stoecklin
发明人： Paul T. Hurley , Andreas Kind , Marc Ph. Stoecklin
IPC分类号： G06F15/173
CPC分类号： H04L43/026 , H04L41/142
摘要： Methods, systems and computer program products for detecting flow-level network traffic anomalies via abstraction levels. An exemplary embodiment includes a method for detecting flow-level network traffic anomalies in a computer network, the method including obtaining current distributions of flow level traffic features within the computer network, computing distances of the current distributions' components from a distributions model, comparing the distances of the current distributions to distance baselines from the distributions model, determining if the distances are above a pre-determined thresholds and in response to one or more of the distances being above the pre-determined thresholds in one or more distributions, identifying the current condition to be abnormal and providing indications to its nature.
摘要翻译：用于通过抽象级别检测流量级网络流量异常的方法，系统和计算机程序产品。示例性实施例包括一种用于检测计算机网络中的流量级网络流量异常的方法，所述方法包括获得计算机网络内的流量级别业务特征的当前分布，从分布模型计算当前分布组件的距离，当前分布与分布模型的距离基线的距离，确定距离是否高于预定阈值，并且响应于一个或多个距离在一个或多个分布中高于预定阈值，识别当前情况异常，并提供适应症。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式