DE60116877D1 - System und verfahren zum detektieren von vorfällen - Google Patents
System und verfahren zum detektieren von vorfällenInfo
- Publication number
- DE60116877D1 DE60116877D1 DE60116877T DE60116877T DE60116877D1 DE 60116877 D1 DE60116877 D1 DE 60116877D1 DE 60116877 T DE60116877 T DE 60116877T DE 60116877 T DE60116877 T DE 60116877T DE 60116877 D1 DE60116877 D1 DE 60116877D1
- Authority
- DE
- Germany
- Prior art keywords
- detecting incidents
- incidents
- detecting
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/02—Capturing of monitoring data
- H04L43/022—Capturing of monitoring data by sampling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/12—Network monitoring probes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/16—Threshold monitoring
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP00306876 | 2000-08-11 | ||
| EP00306876 | 2000-08-11 | ||
| PCT/GB2001/003450 WO2002015479A1 (en) | 2000-08-11 | 2001-08-02 | System and method of detecting events |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| DE60116877D1 true DE60116877D1 (de) | 2006-04-13 |
| DE60116877T2 DE60116877T2 (de) | 2006-09-14 |
Family
ID=8173182
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| DE60116877T Expired - Lifetime DE60116877T2 (de) | 2000-08-11 | 2001-08-02 | System und verfahren zum erfassen von ereignissen |
Country Status (6)
| Country | Link |
|---|---|
| US (1) | US7143442B2 (de) |
| EP (1) | EP1307999B1 (de) |
| AU (1) | AU2001275737A1 (de) |
| CA (1) | CA2417817C (de) |
| DE (1) | DE60116877T2 (de) |
| WO (1) | WO2002015479A1 (de) |
Families Citing this family (68)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6978301B2 (en) * | 2000-12-06 | 2005-12-20 | Intelliden | System and method for configuring a network device |
| US7624444B2 (en) | 2001-06-13 | 2009-11-24 | Mcafee, Inc. | Method and apparatus for detecting intrusions on a computer system |
| US7644436B2 (en) * | 2002-01-24 | 2010-01-05 | Arxceo Corporation | Intelligent firewall |
| US7424744B1 (en) * | 2002-03-05 | 2008-09-09 | Mcafee, Inc. | Signature based network intrusion detection system and method |
| AU2003223379A1 (en) * | 2002-03-29 | 2003-10-13 | Global Dataguard, Inc. | Adaptive behavioral intrusion detection systems and methods |
| US7367055B2 (en) * | 2002-06-11 | 2008-04-29 | Motorola, Inc. | Communication systems automated security detection based on protocol cause codes |
| TWI244297B (en) * | 2002-06-12 | 2005-11-21 | Thomson Licensing Sa | Apparatus and method adapted to communicate via a network |
| US7483972B2 (en) * | 2003-01-08 | 2009-01-27 | Cisco Technology, Inc. | Network security monitoring system |
| US6985920B2 (en) * | 2003-06-23 | 2006-01-10 | Protego Networks Inc. | Method and system for determining intra-session event correlation across network address translation devices |
| US7328451B2 (en) * | 2003-06-30 | 2008-02-05 | At&T Delaware Intellectual Property, Inc. | Network firewall policy configuration facilitation |
| US7353218B2 (en) * | 2003-08-14 | 2008-04-01 | International Business Machines Corporation | Methods and apparatus for clustering evolving data streams through online and offline components |
| US7644365B2 (en) * | 2003-09-12 | 2010-01-05 | Cisco Technology, Inc. | Method and system for displaying network security incidents |
| FR2864282A1 (fr) * | 2003-12-17 | 2005-06-24 | France Telecom | Procede de gestion d'un ensemble d'alertes issus de sondes de detection d'intrusions d'un systeme de securite d'informations. |
| KR100628296B1 (ko) * | 2003-12-18 | 2006-09-27 | 한국전자통신연구원 | 네트워크 공격상황 분석 방법 |
| US7895448B1 (en) * | 2004-02-18 | 2011-02-22 | Symantec Corporation | Risk profiling |
| US20060018478A1 (en) * | 2004-07-23 | 2006-01-26 | Diefenderfer Kristopher G | Secure communication protocol |
| US7774848B2 (en) * | 2004-07-23 | 2010-08-10 | Fortinet, Inc. | Mapping remediation to plurality of vulnerabilities |
| US7665119B2 (en) | 2004-09-03 | 2010-02-16 | Secure Elements, Inc. | Policy-based selection of remediation |
| US7761920B2 (en) * | 2004-09-03 | 2010-07-20 | Fortinet, Inc. | Data structure for policy-based remediation selection |
| US8171555B2 (en) | 2004-07-23 | 2012-05-01 | Fortinet, Inc. | Determining technology-appropriate remediation for vulnerability |
| US7703137B2 (en) * | 2004-09-03 | 2010-04-20 | Fortinet, Inc. | Centralized data transformation |
| US7672948B2 (en) * | 2004-09-03 | 2010-03-02 | Fortinet, Inc. | Centralized data transformation |
| US20060080738A1 (en) * | 2004-10-08 | 2006-04-13 | Bezilla Daniel B | Automatic criticality assessment |
| KR100628317B1 (ko) * | 2004-12-03 | 2006-09-27 | 한국전자통신연구원 | 네트워크 공격 상황 탐지 장치 및 그 방법 |
| US8301489B2 (en) * | 2004-12-21 | 2012-10-30 | Ctre Pty Limited | Change management |
| CN100433636C (zh) * | 2004-12-24 | 2008-11-12 | 中兴通讯股份有限公司 | 一种实时体现网管前后台数据不一致的方法 |
| US7808897B1 (en) | 2005-03-01 | 2010-10-05 | International Business Machines Corporation | Fast network security utilizing intrusion prevention systems |
| JP4329711B2 (ja) * | 2005-03-09 | 2009-09-09 | 株式会社日立製作所 | 交通情報システム |
| US9438683B2 (en) | 2005-04-04 | 2016-09-06 | Aol Inc. | Router-host logging |
| US7454790B2 (en) * | 2005-05-23 | 2008-11-18 | Ut-Battelle, Llc | Method for detecting sophisticated cyber attacks |
| US8051484B2 (en) | 2005-06-14 | 2011-11-01 | Imperva, Inc. | Method and security system for indentifying and blocking web attacks by enforcing read-only parameters |
| FR2888440A1 (fr) * | 2005-07-08 | 2007-01-12 | France Telecom | Procede et systeme de detection d'intrusions |
| US7882262B2 (en) | 2005-08-18 | 2011-02-01 | Cisco Technology, Inc. | Method and system for inline top N query computation |
| US8392963B2 (en) * | 2005-11-28 | 2013-03-05 | Imperva, Inc. | Techniques for tracking actual users in web application security systems |
| WO2007071004A1 (en) * | 2005-12-20 | 2007-06-28 | Bce Inc. | Apparatus and method for supporting multiple traffic categories at a single networked device |
| US20070195776A1 (en) * | 2006-02-23 | 2007-08-23 | Zheng Danyang R | System and method for channeling network traffic |
| US8024804B2 (en) * | 2006-03-08 | 2011-09-20 | Imperva, Inc. | Correlation engine for detecting network attacks and detection method |
| US8233388B2 (en) | 2006-05-30 | 2012-07-31 | Cisco Technology, Inc. | System and method for controlling and tracking network content flow |
| US20080134300A1 (en) | 2006-07-08 | 2008-06-05 | David Izatt | Method for Improving Security of Computer Networks |
| JP4950590B2 (ja) * | 2006-08-07 | 2012-06-13 | クラリオン株式会社 | 交通情報提供装置、交通情報提供システム、交通情報の送信方法、および交通情報の要求方法 |
| US8051474B1 (en) * | 2006-09-26 | 2011-11-01 | Avaya Inc. | Method and apparatus for identifying trusted sources based on access point |
| JP4729469B2 (ja) * | 2006-11-10 | 2011-07-20 | 日立オートモティブシステムズ株式会社 | 交通情報システム |
| US7882217B2 (en) * | 2007-05-17 | 2011-02-01 | Verint Systems Inc. | Network identity clustering |
| KR100924694B1 (ko) * | 2007-06-21 | 2009-11-03 | 삼성전자주식회사 | 계층적 클러스터링과 커브 피트를 이용한 하드디스크드라이브의 디펙트 예측 및 처리 방법 |
| JP4547408B2 (ja) * | 2007-09-11 | 2010-09-22 | 日立オートモティブシステムズ株式会社 | 交通状況予測装置,交通状況予測方法 |
| US8694622B2 (en) * | 2007-10-04 | 2014-04-08 | Microsoft Corporation | Monitoring and controlling network communications |
| US8413250B1 (en) * | 2008-06-05 | 2013-04-02 | A9.Com, Inc. | Systems and methods of classifying sessions |
| US8068431B2 (en) * | 2009-07-17 | 2011-11-29 | Satyam Computer Services Limited | System and method for deep packet inspection |
| US9705899B2 (en) * | 2010-01-26 | 2017-07-11 | Bae Systems Information And Electronic Systems Integration Inc. | Digital filter correlation engine |
| US8776226B2 (en) * | 2010-01-26 | 2014-07-08 | Bae Systems Information And Electronic Systems Integration Inc. | Method and apparatus for detecting SSH login attacks |
| US8463772B1 (en) | 2010-05-13 | 2013-06-11 | Google Inc. | Varied-importance proximity values |
| US9384112B2 (en) | 2010-07-01 | 2016-07-05 | Logrhythm, Inc. | Log collection, structuring and processing |
| US9780995B2 (en) * | 2010-11-24 | 2017-10-03 | Logrhythm, Inc. | Advanced intelligence engine |
| US8543694B2 (en) | 2010-11-24 | 2013-09-24 | Logrhythm, Inc. | Scalable analytical processing of structured data |
| US20130117272A1 (en) * | 2011-11-03 | 2013-05-09 | Microsoft Corporation | Systems and methods for handling attributes and intervals of big data |
| US20130212680A1 (en) * | 2012-01-12 | 2013-08-15 | Arxceo Corporation | Methods and systems for protecting network devices from intrusion |
| US9265458B2 (en) | 2012-12-04 | 2016-02-23 | Sync-Think, Inc. | Application of smooth pursuit cognitive testing paradigms to clinical drug development |
| CN103870751B (zh) * | 2012-12-18 | 2017-02-01 | 中国移动通信集团山东有限公司 | 入侵检测方法及系统 |
| US8966068B2 (en) | 2013-01-15 | 2015-02-24 | International Business Machines Corporation | Selective logging of network requests based on subsets of the program that were executed |
| US9380976B2 (en) | 2013-03-11 | 2016-07-05 | Sync-Think, Inc. | Optical neuroinformatics |
| JP6252254B2 (ja) * | 2014-02-28 | 2017-12-27 | 富士通株式会社 | 監視プログラム、監視方法および監視装置 |
| US9160680B1 (en) | 2014-11-18 | 2015-10-13 | Kaspersky Lab Zao | System and method for dynamic network resource categorization re-assignment |
| CN104580173B (zh) * | 2014-12-25 | 2017-10-10 | 广东顺德中山大学卡内基梅隆大学国际联合研究院 | 一种sdn异常检测与阻截方法及系统 |
| US10116536B2 (en) * | 2015-11-18 | 2018-10-30 | Adobe Systems Incorporated | Identifying multiple devices belonging to a single user |
| KR20200140560A (ko) * | 2019-06-07 | 2020-12-16 | 삼성전자주식회사 | 전자 장치 및 그 시스템 |
| CN110738856B (zh) * | 2019-11-12 | 2020-09-22 | 中南大学 | 一种基于移动聚类的城市交通拥堵精细识别方法 |
| US11411802B2 (en) * | 2019-12-09 | 2022-08-09 | Arista Networks, Inc. | Determining the impact of network events on network applications |
| US20210409376A1 (en) * | 2020-06-30 | 2021-12-30 | Vmware, Inc. | Firewall rule statistic mini-maps |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6304262B1 (en) | 1998-07-21 | 2001-10-16 | Raytheon Company | Information security analysis system |
| US6564243B1 (en) | 1998-09-14 | 2003-05-13 | Adwise Ltd. | Method and system for injecting external content into computer network interactive sessions |
-
2001
- 2001-08-02 CA CA002417817A patent/CA2417817C/en not_active Expired - Fee Related
- 2001-08-02 DE DE60116877T patent/DE60116877T2/de not_active Expired - Lifetime
- 2001-08-02 AU AU2001275737A patent/AU2001275737A1/en not_active Abandoned
- 2001-08-02 US US10/332,802 patent/US7143442B2/en not_active Expired - Lifetime
- 2001-08-02 WO PCT/GB2001/003450 patent/WO2002015479A1/en active IP Right Grant
- 2001-08-02 EP EP01953248A patent/EP1307999B1/de not_active Expired - Lifetime
Also Published As
| Publication number | Publication date |
|---|---|
| US20040103021A1 (en) | 2004-05-27 |
| CA2417817C (en) | 2007-11-06 |
| CA2417817A1 (en) | 2002-02-21 |
| EP1307999A1 (de) | 2003-05-07 |
| US7143442B2 (en) | 2006-11-28 |
| EP1307999B1 (de) | 2006-01-25 |
| AU2001275737A1 (en) | 2002-02-25 |
| DE60116877T2 (de) | 2006-09-14 |
| WO2002015479A1 (en) | 2002-02-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| DE60116877D1 (de) | System und verfahren zum detektieren von vorfällen | |
| DE60136283D1 (de) | Verfahren und system zum perforieren | |
| DE60142556D1 (de) | System und verfahren zum bündeln von informationen | |
| DE60029914D1 (de) | System und Verfahren zum Zwischenspeichern | |
| DE60126382D1 (de) | Verfahren und Gerät zur Erkennung von Gegenständen | |
| DE60114072D1 (de) | Verfahren und Vorrichtung zum Verbinden | |
| DE60123514D1 (de) | Vorrichtung und Verfahren zum Nachweis von Wächterlymphknoten | |
| DE69928222D1 (de) | Verfahren und System zum Versand von Information | |
| DE10196672T1 (de) | System und Verfahren zum selektiven Indizieren von Datenbanken | |
| DE10196292T1 (de) | Schaltung und Verfahren zum Erkennen von Mehrfachübereinstimmungen | |
| DE60107142D1 (de) | Verfahren und Vorrichtung zur Detektierung von Schalterbetätigungen | |
| DE69732255D1 (de) | Verfahren und vorrichtungen zum nachweis von bakteriophagen | |
| DE60120822D1 (de) | Meta-Dokument und Verfahren zum Verwalten von Meta-Dokumenten | |
| DE60121701D1 (de) | Verfahren und Vorrichtung zum Nachrichtendienst | |
| DE60134974D1 (de) | Verfahren und vorrichtung zum abwickeln von bahnmaterial | |
| DE60133316D1 (de) | System und verfahren zum abfangen von telekommunikationen | |
| DE60018588D1 (de) | Vorrichtungen und verfahren zum nachweis von mikroorganismen | |
| DE50108594D1 (de) | Verfahren und Vorrichtung zum Nachweisen von Quecksilber | |
| ATE293076T1 (de) | Verfahren und vorrichtung zum stapeln von tortillachips | |
| DE60009503D1 (de) | Verfahren und vorrichtung zum umwickeln | |
| DE69805280D1 (de) | Gerät und verfahren zur mustererkennung. | |
| DE60102762D1 (de) | Verfahren und Vorrichtung zum Etikettieren | |
| DE69922242D1 (de) | Verfahren und vorrichtung zum aufwickeln von metallbändern | |
| DE50115254D1 (de) | Verfahren zum erkennen und/oder begrenzen von kurzndler | |
| DE50010726D1 (de) | Verfahren und Vorrichtung zum Vereinzeln flächiger Güter |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| 8364 | No opposition during term of opposition |