公开(公告)号：US20150373040A1

公开(公告)日：2015-12-24

申请号：US14764596

申请日：2013-01-31

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Tomas Sander ,  William G. Horne ,  Prasad V. Rao ,  Suranjan Pramanik ,  Siva Raj Rajagopalan ,  Daniel L. Moor ,  Krishnamurthy Viswanathan

IPC: H04L29/06

CPC classification number: H04L63/1425 ,  H04L63/1433 ,  H04L63/1441

Abstract: Sharing information can include identifying, utilizing a threat exchange server, a security occurrence associated with a participant within a threat exchange community. Sharing information can also include determining what participant-related information to share with the threat exchange server in response to the identified security occurrence, and receiving, at the threat exchange server, information associated with the determined participant-related information via communication links within the threat exchange community.

Abstract translation: 共享信息可以包括识别利用威胁交换服务器与威胁交换社区内的参与者相关联的安全事件。 共享信息还可以包括响应于所识别的安全事件来确定与威胁交换服务器共享的参与者相关信息，以及在威胁交换服务器处通过威胁中的通信链路接收与所确定的参与者相关信息相关联的信息 交流社区。

公开(公告)号：US09465678B2

公开(公告)日：2016-10-11

申请号：US14418307

申请日：2012-10-25

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Chetan Kumar Gupta ,  Craig Peter Sayers ,  Umeshwar Dayal ,  Krishnamurthy Viswanathan

IPC: G06F9/54 ,  G06F11/00 ,  G06F9/44

CPC classification number: G06F9/542 ,  G06F9/448 ,  G06F11/008 ,  G06F2201/86

Abstract: A method for event correlation includes capturing events and arranging the events sequentially in at least one dimension. An event correlator implemented by a computational device convolves a kernel density function with each of the events to produce a convolved function for each event. Co-occurrences between events are found by calculating overlap between convolved functions.

Abstract translation: 用于事件相关的方法包括捕获事件并且在至少一个维度中顺序排列事件。 由计算设备实现的事件相关器将核心密度函数与每个事件相结合，以产生每个事件的卷积函数。 通过计算卷积函数之间的重叠来发现事件之间的共同事件。

公开(公告)号：US20150371044A1

公开(公告)日：2015-12-24

申请号：US14764670

申请日：2013-01-31

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： William Horne ,  Tomas Sander ,  Krishnamurthy Viswanathan ,  Siva Raj Rajagopalan ,  Anurag Singla

IPC: G06F21/57 ,  H04L29/06

CPC classification number: G06F21/57 ,  G06F21/577 ,  G06F2221/034 ,  H04L63/1408 ,  H04L63/20

Abstract: Providing a targeted security alert can include collecting participant data from a plurality of participants within a threat exchange community, calculating, using a threat exchange server, a threat relevancy score of a participant among the plurality of participants within the threat exchange community using the collected participant data, and providing, from the threat exchange server to the participant, the targeted security alert based on the calculated threat relevancy score via a communication link within the threat exchange community.

Abstract translation: 提供有针对性的安全警报可以包括从威胁交换社区内的多个参与者收集参与者数据，使用所收集的参与者在威胁交换社区内的多个参与者中使用威胁交换服务器计算参与者的威胁相关性得分 数据，并且通过威胁交换社区内的通信链路，从威胁交换服务器向参与者提供基于所计算的威胁相关性得分的目标安全警报。

公开(公告)号：US09063802B2

公开(公告)日：2015-06-23

申请号：US13756126

申请日：2013-01-31

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Krishnamurthy Viswanathan ,  Chetan Kumar Gupta

IPC: G06F3/00 ,  G06F11/00 ,  G06F9/54

CPC classification number: G06F9/542 ,  G06F11/3072 ,  G06F17/3061 ,  G06F2201/835 ,  G06F2201/86

Abstract: Event determination can include selecting a time lag, calculating a dependency value at the time lag between event pairs within a first textual stream and a second textual stream, and ordering the event pairs based on the dependency value.

Abstract translation: 事件确定可以包括选择时滞，在第一文本流和第二文本流之间的事件对之间的时间滞后计算依赖性值，以及基于依赖性值对事件对进行排序。

公开(公告)号：US20140215493A1

公开(公告)日：2014-07-31

申请号：US13756126

申请日：2013-01-31

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Krishnamurthy Viswanathan ,  Chetan Kumar Gupta

IPC: G06F9/54

CPC classification number: G06F9/542 ,  G06F11/3072 ,  G06F17/3061 ,  G06F2201/835 ,  G06F2201/86

Abstract: Event determination can include selecting a time lag, calculating a dependency value at the time lag between event pairs within a first textual stream and a second textual stream, and ordering the event pairs based on the dependency value.

Abstract translation: 事件确定可以包括选择时滞，在第一文本流和第二文本流之间的事件对之间的时间滞后计算依赖性值，以及基于依赖性值对事件对进行排序。

公开(公告)号：US20150205647A1

公开(公告)日：2015-07-23

申请号：US14418307

申请日：2012-10-25

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Chetan Kumar Gupta ,  Craig Peter Sayers ,  Umeshwar Dayal ,  Krishnamurthy Viswanathan

IPC: G06F9/54 ,  G06F9/44

CPC classification number: G06F9/542 ,  G06F9/448 ,  G06F11/008 ,  G06F2201/86

Abstract: A method for event correlation includes capturing events and arranging the events sequentially in at least one dimension. An event correlator implemented by a computational device convolves a kernel density function with each of the events to produce a convolved function for each event. Co-occurrences between events are found by calculating overlap between convolved functions.

Abstract translation: 用于事件相关的方法包括捕获事件并且在至少一个维度中顺序排列事件。 由计算设备实现的事件相关器将核心密度函数与每个事件相结合，以产生每个事件的卷积函数。 通过计算卷积函数之间的重叠来发现事件之间的共同事件。