Invention Grant
- Patent Title: Online alert ranking and attack scenario reconstruction
- Application No.: US15729030
- Application Date: 2017-10-10
- Publication No.: US10333952B2
- Publication Date: 2019-06-25
- Inventor: Zhengzhang Chen, LuAn Tang, Ying Lin, Zhichun Li, Haifeng Chen, Guofei Jiang
- Applicant: NEC Laboratories America, Inc.
- Applicant Address: JP Tokyo
- Assignee: NEC Corporation
- Current Assignee: NEC Corporation
- Current Assignee Address: JP Tokyo
- Agent: Joseph Kolodka
- Main IPC: H04L29/06
- IPC: H04L29/06; H04L12/24

Abstract:
Methods and systems for detecting security intrusions include detecting alerts in monitored system data. Temporal dependencies are determined between the alerts based on a prefix tree formed from the detected alerts. Content dependencies between the alerts are determined based on a distance between alerts in a graph representation of the detected alerts. The alerts are ranked based on an optimization problem that includes the temporal dependencies and the content dependencies. A security management action is performed based on the ranked alerts.
Public/Granted literature
- US20180034836A1 ONLINE ALERT RANKING AND ATTACK SCENARIO RECONSTRUCTION Public/Granted day: 2018-02-01