Characterizing behavior anomaly analysis performance based on threat intelligence

    Publication (announcement) number: US10728264B2

    Publication (announcement) date: 2020-07-28

    Application number: US15433136

    Application date: 2017-02-15

    Abstract: A technique includes receiving data identifying behavior anomalies that are exhibited by entities that are associated with a computer system. The technique includes associating the behavior anomalies with contexts based at least in part on threat intelligence to provide modified anomalies. The threat intelligence associates the contexts with indicators of potential breach. The technique includes characterizing the behavior anomaly identification based at least in part on the threat intelligence. The characterization includes applying machine learning to features of the modified anomalies to classify the identified behavior anomalies.

    Parameter based data access on a security information sharing platform

    Publication (announcement) number: US10389719B2

    Publication (announcement) date: 2019-08-20

    Application number: US15337181

    Application date: 2016-10-28

    Abstract: Example implementations relate to a security information sharing platform that enables sharing of security information among a plurality of members. For example, in an implementation, a system may determine that a first member of a community of a security information sharing platform is entitled access to a first set of encrypted information shared by a second member of the community. The system may also receive a request, from the first member, to access the first set of encrypted information, the request including a masked parameter. The system may also determine that the masked parameter matches an access parameter for accessing the first set of encrypted information and provide the first member access to the first set of encrypted information in response to determining that the masked parameter matches the access parameter.

    Abnormal behavior detection of enterprise entities using time-series data

    Publication (announcement) number: US11310247B2

    Publication (announcement) date: 2022-04-19

    Application number: US15386101

    Application date: 2016-12-21

    Abstract: A machine-readable medium may store instructions executable by a processing resource to access log data of an enterprise and extract time-series data of an enterprise entity from the log data. The time-series data may include measured feature values of a set of selected features over a series of time periods. The instructions may be further executable to train a predictive model specific to the enterprise entity using the time-series data, wherein the predictive model is to generate, for a particular time period, a predicted feature value for each of the selected features; access actual feature values of the enterprise entity for the particular time period; apply first-level deviation criteria to the actual feature value and the predicted feature value of each selected feature to identify deviant features of the enterprise entity; and apply second-level deviation criteria to the identified deviant features to identify the enterprise entity as behaving abnormally.

    Updating ground truth data in a security management platform

    Publication (announcement) number: US11049026B2

    Publication (announcement) date: 2021-06-29

    Application number: US15463562

    Application date: 2017-03-20

    Abstract: Updating ground truth data in a security management platform is disclosed. One example is a system including at least one processor and a memory storing instructions executable by the at least one processor to receive, in a security management platform, event data relating to a plurality of events corresponding to operation of a computing arrangement in a current time interval, and computing ground truth data for the current time interval based on the received event data, and threat intelligence data from time intervals preceding the current time interval. A prediction model is applied to generate predictions for the current time interval based on the received event data. Ground truth data is re-computed for the time intervals preceding the current time interval based on a comparison of the generated predictions and the computed ground truth data.

    Conditional security indicator sharing

    Publication (announcement) number: US10395049B2

    Publication (announcement) date: 2019-08-27

    Application number: US15328024

    Application date: 2014-07-22

    Abstract: According to an example, conditional security indicator sharing may include analyzing a security indicator that is received from a first entity by a security indicator sharing platform for sharing with a second entity. A determination may be made as to whether to share the security indicator with a third entity based on a condition. In response to a determination that the security indicator is to be shared or not to be shared with the third entity based on the condition, the security indicator may be respectively shared with the third entity, or not shared with the third entity.

    Sharing of community-based security information

    Publication (announcement) number: US10701044B2

    Publication (announcement) date: 2020-06-30

    Application number: US15737864

    Application date: 2015-06-26

    Abstract: Examples disclosed herein relate to sharing of community-based security information. Some examples may enable generating a first community on a security information sharing platform that enables sharing of security information among a plurality of communities; obtaining a first security indicator from a first user of the first community; providing the first security indicator to the first community; obtaining contextual information related to the first security indicator from a second user of the first community; including the first security indicator and the contextual information related to the first security indicator in the security information of the first community; and encrypting a portion of the security information of the first community with an encryption key, wherein the encryption key is unavailable to users outside of the first community.