首页> 外国专利> DETECTING ZERO-DAY ATTACKS WITH UNKNOWN SIGNATURES VIA MINING CORRELATION IN BEHAVIORAL CHANGE OF ENTITIES OVER TIME

DETECTING ZERO-DAY ATTACKS WITH UNKNOWN SIGNATURES VIA MINING CORRELATION IN BEHAVIORAL CHANGE OF ENTITIES OVER TIME

机译：通过实体随时间变化的采矿关联来检测未知特征的零日攻击

页面导航

摘要
著录项
相似文献

摘要

Zero-day attacks with unknown attack signatures are detected by correlating behavior differences of a plurality of entities. An entity baseline behavior for each entity of the plurality of entities is determined 310, the entity baseline behavior includes multiple variables. An entity behavior difference for each entity is determined at a series of points in time 320. Correlations between the entity behavior differences for the plurality of entities are determined at the series of points in time 330. Based on these correlations, it is determined whether the plurality of entities is exhibiting coordinated behavior differences 340. An attack signature is determined based on the entity behavior differences and the correlations 350. A database of attack signatures is generated 360.

机译：通过关联多个实体的行为差异来检测具有未知攻击特征的零日攻击。在 310 中确定多个实体中的每个实体的实体基线行为，该实体基线行为包括多个变量。在 320 的一系列时间点确定每个实体的实体行为差异。在一系列时间点 330 中确定多个实体的实体行为差异之间的相关性。根据这些相关性，确定多个实体是否表现出协调的行为差异 340 。根据实体行为差异和相关性 350 确定攻击签名。在 360中生成攻击特征的数据库。 展开▼

著录项

公开/公告号US2020145455A1

专利类型

公开/公告日2020-05-07

原文格式PDF

申请/专利权人 GOOGLE LLC;
展开▼

申请/专利号US201816464779

发明设计人 ANIMESH NANDI;
展开▼

申请日2018-06-28

分类号H04L29/06;

国家 US

入库时间 2022-08-21 11:19:20

相似文献

专利

外文文献

中文文献

1. 一种基于报警关联分析的未知攻击场景检测方法 [P] . 中国专利： CN109450946A . 2019-03-08

2. 建立网络实体间呼叫日志关联及查找关联呼叫日志的方法 [P] . 中国专利： CN1968132B . 2010.04.21

3. Detecting zero-day attacks with unknown signatures via mining correlation in behavioral change of entities over time [P] . US11159564B2 . 2021-10-26

机译：随着时间的推移，通过挖掘实体的行为变化中的挖掘相关零点攻击

4. DETECTING ZERO-DAY ATTACKS WITH UNKNOWN SIGNATURES VIA MINING CORRELATION IN BEHAVIORAL CHANGE OF ENTITIES OVER TIME [P] . 世界知识产权组织专利： WO2020005250A1 . 2020-01-02

机译：通过实体随时间变化的采矿关联来检测未知特征的零日攻击

5. APPARATUS AND METHOD FOR DEFENDING A DISTRIBUTION SERVICE ATTACK IN A MOBILE TERMINAL CAPABLE OF BLOCKING A ZERO-DAY ATTACK OR UNKNOWN ATTACKS [P] . 韩国专利： KR20120116730A . 2012-10-23

机译：防御可阻止零日攻击或未知攻击的移动终端中的分发服务攻击的装置和方法

1. A technique for detecting and attributing changes in species distributions to climate change over time [J] . Jianguo Wu 中国人口·资源与环境（英文版） . 2020,第002期

2. Training for the Unknown: The Role of Feedback and Similarity in Detecting Zero-day Attacks [J] . Noam Ben-Asher, Cleotilde Gonzalez Procedia Manufacturing . 2015,第4期

3. Generalizing Behavioral Signatures for Detecting Unknown Malware Variants and Early Warning [J] . Martin Apel, Michael Meier PIK: Praxis der Informationsverarbeitung und Kommunikation . 2012,第1期

4. Hue Signature Auto Update System for Visual Similarity-Based Phishing Detection with Tolerance to Zero-Day Attack [J] . Shuichiro HARUTA, Hiromu ASAHINA, Fumitaka YAMAZAKI, IEICE transactions on information and systems . 2019,第12期

5. The role of User Entity Behavior Analytics to detect network attacks in real time [C] . Manya Ali Salitin, Ali Hussein Zolait International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies . 2018

6. Monitoring unknown source IP addresses and packet sizes to detect DDoS attacks [D] . Kone, Roseline Estelle Sindolmane 2014

7. Detecting Unknown Attacks in Wireless Sensor Networks That Contain Mobile Nodes [O] . Zorana Banković, David Fraga, José M. Moya, 2012

8. Training for the Unknown: The Role of Feedback and Similarity in Detecting Zero-day Attacks [O] . Ben-Asher Noam, Gonzalez Cleotilde 2015

1. Generating Rule-Based Signatures for Detecting Polymorphic Variants Using Data Mining and Sequence Alignment Approaches [J] . Vijay Naidu ,Jacqueline Whalley ,Ajit Narayanan . 信息安全（英文） . 2018,第4期

2. HTTP-sCAN: Detecting HTTP-Flooding Attack by Modeling Multi-Features of Web Browsing Behavior from Noisy Web-Logs [J] . WANG Jin ,ZHANG Min ,YANG Xiaolong . 中国通信 . 2015,第002期

3. Analytical Tools and Strategic Approach to Detect Poor Quality Medicines, Identify Unknown Components, and Timely Alerts for Appropriate Measures: Case Study of Antimalarial Medicines [J] . Veacute ,daste Habyalimana ,Jeacute . 美国分析化学（英文） . 2015,第13期

4. Detecting DDoS Attacks against Web Server Using Time Series Analysis [J] . WU Qing-tao SHAO Zhi-qing . 武汉大学自然科学学报：英文版 . 2006,第1期

5. 肺通气量指标在不同强度下伴随时间的变化特征 [C] . SHEN Hui-xiang ,申慧祥 ,CHEN Xue-wei . 第十四届全国劳动卫生与职业病学术会议 . 2016

6. 基于数据挖掘的入侵检测未知攻击识别框架研究 [A] . 姚醒 . 2006