    • 1. Invention application
    • Passively attributing anonymous network events to their associated users
    • US20080263197A1
    • 2008-10-23
    • US11790037
    • 2007-04-23
    • Gregory D. Stephens
    • Gregory D. Stephens
    • G06F15/173
    • H04L63/126; H04L41/0622; H04L63/1416
    • Systems, methods, and computer program products for passively attributing anonymous network events to their associated users are provided herein. Embodiments include filtering network events over a pre-determined time interval to generate a filtered event list. In an embodiment, event attribution includes attributing an anonymous network event to a user associated with a nearest-neighbor event relative to the anonymous network event. In another embodiment, event attribution includes attributing an anonymous network event to a user associated with an event in the filtered event list, wherein that user maximizes an event attribution function. In a further embodiment, event attribution includes determining a first potential attribution user for an anonymous network event based on a nearest-neighbor attribution approach; determining a second potential attribution user for the anonymous network event based on an event attribution function approach; and comparing the first and second potential attribution users to determine the attribution of the anonymous event.
    • 2. Granted invention patent
    • Passively attributing anonymous network events to their associated users
    • US08996681B2
    • 2015-03-31
    • US11790037
    • 2007-04-23
    • Gregory D. Stephens
    • Gregory D. Stephens
    • G06F15/173; G06F15/16; H04L29/06; H04L12/24
    • H04L63/126; H04L41/0622; H04L63/1416
    • Systems, methods, and computer program products for passively attributing anonymous network events to their associated users are provided herein. Embodiments include filtering network events over a pre-determined time interval to generate a filtered event list. In an embodiment, event attribution includes attributing an anonymous network event to a user associated with a nearest-neighbor event relative to the anonymous network event. In another embodiment, event attribution includes attributing an anonymous network event to a user associated with an event in the filtered event list, wherein that user maximizes an event attribution function. In a further embodiment, event attribution includes determining a first potential attribution user for an anonymous network event based on a nearest-neighbor attribution approach; determining a second potential attribution user for the anonymous network event based on an event attribution function approach; and comparing the first and second potential attribution users to determine the attribution of the anonymous event.
    • 3. Granted invention patent
    • Insider threat detection
    • US08707431B2
    • 2014-04-22
    • US11790225
    • 2007-04-24
    • Gregory D. Stephens; Marcus A. Maloof
    • Gregory D. Stephens; Marcus A. Maloof
    • G06F12/14; G08B21/00; H04L29/06
    • H04L63/1425; H04L41/5061; H04L63/1408; H04L63/1416
    • Methods, systems, and computer program products for insider threat detection are provided. Embodiments detect insiders who act on documents and/or files to which they have access but whose activity is inappropriate or uncharacteristic of them based on their identity, past activity, and/or organizational context. Embodiments work by monitoring the network to detect network activity associated with a set of network protocols; processing the detected activity to generate information-use events; generating contextual information associated with users of the network; and processing the information-use events based on the generated contextual information to generate alerts and threat scores for users of the network. Embodiments provide several information-misuse detectors that are used to examine generated information-use events in view of collected contextual information to detect volumetric anomalies, suspicious and/or evasive behavior. Embodiments provide a user threat ranking system and a user interface to examine user threat scores and analyze user activity.
    • 4. Invention application
    • Insider threat detection
    • US20080271143A1
    • 2008-10-30
    • US11790225
    • 2007-04-24
    • Gregory D. Stephens; Marcus A. Maloof
    • Gregory D. Stephens; Marcus A. Maloof
    • G08B23/00
    • H04L63/1425; H04L41/5061; H04L63/1408; H04L63/1416
    • Methods, systems, and computer program products for insider threat detection are provided. Embodiments detect insiders who act on documents and/or files to which they have access but whose activity is inappropriate or uncharacteristic of them based on their identity, past activity, and/or organizational context. Embodiments work by monitoring the network to detect network activity associated with a set of network protocols; processing the detected activity to generate information-use events; generating contextual information associated with users of the network; and processing the information-use events based on the generated contextual information to generate alerts and threat scores for users of the network. Embodiments provide several information-misuse detectors that are used to examine generated information-use events in view of collected contextual information to detect volumetric anomalies, suspicious and/or evasive behavior. Embodiments provide a user threat ranking system and a user interface to examine user threat scores and analyze user activity.