公开(公告)号：US20150371044A1

公开(公告)日：2015-12-24

申请号：US14764670

申请日：2013-01-31

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： William Horne ,  Tomas Sander ,  Krishnamurthy Viswanathan ,  Siva Raj Rajagopalan ,  Anurag Singla

IPC: G06F21/57 ,  H04L29/06

CPC classification number: G06F21/57 ,  G06F21/577 ,  G06F2221/034 ,  H04L63/1408 ,  H04L63/20

Abstract: Providing a targeted security alert can include collecting participant data from a plurality of participants within a threat exchange community, calculating, using a threat exchange server, a threat relevancy score of a participant among the plurality of participants within the threat exchange community using the collected participant data, and providing, from the threat exchange server to the participant, the targeted security alert based on the calculated threat relevancy score via a communication link within the threat exchange community.

Abstract translation: 提供有针对性的安全警报可以包括从威胁交换社区内的多个参与者收集参与者数据，使用所收集的参与者在威胁交换社区内的多个参与者中使用威胁交换服务器计算参与者的威胁相关性得分 数据，并且通过威胁交换社区内的通信链路，从威胁交换服务器向参与者提供基于所计算的威胁相关性得分的目标安全警报。

公开(公告)号：US20140143868A1

公开(公告)日：2014-05-22

申请号：US13680731

申请日：2012-11-19

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： SM PRAKASH SHIVA ,  Siva Raj Rajagopalan

IPC: G06F21/55

CPC classification number: G06F21/552 ,  H04L63/14

Abstract: A method of monitoring for anomalies in a computing environment comprises, with a processor building an anomaly detection system based on topology guided statistical analysis, and creating a number of correlation rules based on a number of detected anomalies and information provided by a security alerts database.

Abstract translation: 监视计算环境中的异常的方法包括：利用构建基于拓扑引导的统计分析的异常检测系统的处理器，并且基于检测到的异常的数量和由安全警报数据库提供的信息来创建多个相关规则。

公开(公告)号：US09729505B2

公开(公告)日：2017-08-08

申请号：US13755195

申请日：2013-01-31

Applicant: Hewlett-Packard Development Company, L.P.

Inventor： Siva Raj Rajagopalan ,  Tomas Sander ,  Suranjan Pramanik

IPC: H04L9/00 ,  H04L29/06 ,  G06Q10/00

CPC classification number: H04L63/00 ,  G06Q10/00 ,  H04L63/14

Abstract: An example of security threat analysis can include generating a security threat hypothesis based on security data in a threat exchange server. A request for analysis based on the security data can be sent via communication links to at least one security monitored participant to analyze the security data. A response can be received from the at least one security monitored participant with information related to the completed security related task.

公开(公告)号：US20140215608A1

公开(公告)日：2014-07-31

申请号：US13755195

申请日：2013-01-31

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Siva Raj Rajagopalan ,  Tomas Sander ,  Suranjan Pramanik

IPC: H04L29/06

CPC classification number: H04L63/00 ,  G06Q10/00 ,  H04L63/14

Abstract: An example of security threat analysis can include generating a security threat hypothesis based on security data in a threat exchange server. A request for analysis based on the security data can be sent via communication links to at least one security monitored participant to analyze the security data. A response can be received from the at least one security monitored participant with information related to the completed security related task.

Abstract translation: 安全威胁分析的示例可以包括基于威胁交换服务器中的安全数据生成安全威胁假设。 基于安全数据的分析请求可以经由通信链路发送到至少一个安全监控的参与者以分析安全数据。 可以从至少一个安全监视的参与者接收到与完成的安全相关任务相关的信息的响应。

公开(公告)号：US20150373040A1

公开(公告)日：2015-12-24

申请号：US14764596

申请日：2013-01-31

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： Tomas Sander ,  William G. Horne ,  Prasad V. Rao ,  Suranjan Pramanik ,  Siva Raj Rajagopalan ,  Daniel L. Moor ,  Krishnamurthy Viswanathan

IPC: H04L29/06

CPC classification number: H04L63/1425 ,  H04L63/1433 ,  H04L63/1441

Abstract: Sharing information can include identifying, utilizing a threat exchange server, a security occurrence associated with a participant within a threat exchange community. Sharing information can also include determining what participant-related information to share with the threat exchange server in response to the identified security occurrence, and receiving, at the threat exchange server, information associated with the determined participant-related information via communication links within the threat exchange community.

Abstract translation: 共享信息可以包括识别利用威胁交换服务器与威胁交换社区内的参与者相关联的安全事件。 共享信息还可以包括响应于所识别的安全事件来确定与威胁交换服务器共享的参与者相关信息，以及在威胁交换服务器处通过威胁中的通信链路接收与所确定的参与者相关信息相关联的信息 交流社区。

公开(公告)号：US09141791B2

公开(公告)日：2015-09-22

申请号：US13680731

申请日：2012-11-19

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： SM Prakash Shiva ,  Siva Raj Rajagopalan

IPC: G06F21/55 ,  G06F11/00 ,  H04L29/06

CPC classification number: G06F21/552 ,  H04L63/14

Abstract: A method of monitoring for anomalies in a computing environment comprises, with a processor building an anomaly detection system based on topology guided statistical analysis, and creating a number of correlation rules based on a number of detected anomalies and information provided by a security alerts database.

Abstract translation: 监视计算环境中的异常的方法包括：利用构建基于拓扑引导的统计分析的异常检测系统的处理器，并且基于检测到的异常的数量和由安全警报数据库提供的信息来创建多个相关规则。