-
公开(公告)号:US20180060665A1
公开(公告)日:2018-03-01
申请号:US15688094
申请日:2017-08-28
Applicant: NEC Laboratories America, Inc.
Inventor: Dongjin Song , Haifeng Chen , Guofei Jiang , Yao Qin
CPC classification number: G06K9/00718 , G06F16/2423 , G06F17/18 , G06K9/00744 , G06K9/6271 , G06K2009/00738 , G06N3/02 , G06N3/04 , G06N3/0445 , G06N3/0454 , G06N3/049 , G06N3/084 , G06N20/00 , G06Q10/06375 , G06T2207/20084 , G08B23/00 , G08B31/00
Abstract: Systems and methods for time series prediction are described. The systems and methods include encoding driving series into encoded hidden states, the encoding including adaptively prioritizing driving series at each timestamp using input attention, the driving series including data sequences collected from sensors. The systems and methods further includes decoding the encoded hidden states to generate a predicting model, the decoding including adaptively prioritizing encoded hidden states using temporal attention. The systems and methods further include generating predictions of future events using the predicting model based on the data sequences. The systems and methods further include generating signals for initiating an action to devices based on the predictions.
-
公开(公告)号:US20180060385A1
公开(公告)日:2018-03-01
申请号:US15684273
申请日:2017-08-23
Applicant: NEC Laboratories America, Inc.
Inventor: Xusheng Xiao , Zhichun Li , Mu Zhang , Guofei Jiang , Jiaping Gui
IPC: G06F17/30
CPC classification number: G06F16/24532 , G06F16/22 , G06F16/245 , G06F16/24535 , G06F16/24545 , G06F21/57 , G06F21/6227 , G06F2221/034
Abstract: Methods for querying a database and database systems include optimizing a database query for parallel execution using spatial and temporal information relating to elements in the database, the optimized database query being split into sub-queries with sub-queries being divided spatially according to host and temporally according to time window. The sub-queries are executed in parallel. The results of the database query are outputted progressively.
-
公开(公告)号:US20180054445A1
公开(公告)日:2018-02-22
申请号:US15623538
申请日:2017-06-15
Applicant: NEC Laboratories America, Inc.
Inventor: Junghwan Rhee , Yuseok Jeon , Zhichun Li , Kangkook Jee , Zhenyu Wu , Guofei Jiang
IPC: H04L29/06
CPC classification number: H04L63/1425 , G06F21/55 , G06F21/606 , G06F2221/2141 , G06F2221/2145 , H04L63/1433
Abstract: A computer-implemented method for performing privilege flow analysis is presented. The computer-implemented method includes monitoring at least one program operating system (OS) event handled by a program, generating a privilege flow graph, determining an inferred program behavior context, and generating, based on a combination of the privilege flow graph and the inferred program behavior context, an inferred behavior context-aware privilege flow graph to distinguish different roles of processes and/or threads within the program.
-
公开(公告)号:US20170314961A1
公开(公告)日:2017-11-02
申请号:US15653115
申请日:2017-07-18
Applicant: NEC Laboratories America, Inc.
Inventor: Haifeng Chen , Kenji Yoshihira , Guofei Jiang
CPC classification number: G01D3/08 , G06F11/3055 , G06F11/3072 , G06F11/3447 , G06F17/18 , G06F17/5009 , G06F2201/805 , G06F2201/81 , G06K9/00536 , G06K9/6247 , G06K9/6252 , G06N5/04 , G06N7/08 , G06N20/00
Abstract: Systems and methods for anomaly detection in complex physical systems, including extracting features representative of a temporal evolution of the complex physical system, and analyzing the extracted features by deriving vector trajectories using sliding window segmentation of time series, applying a linear test to determine whether the vector trajectories are linear, and performing subspace decomposition on the vector trajectory based on the linear test. A system evolution model is generated from an ensemble of models, and a fitness score is determined by analyzing different data properties of the system based on specific data dependency relationships. An alarm is generated if the fitness score exceeds a predetermined number of threshold violations for the different data properties.
-
公开(公告)号:US20170277997A1
公开(公告)日:2017-09-28
申请号:US15430024
申请日:2017-02-10
Applicant: NEC Laboratories America, Inc.
Inventor: Bo Zong , Jianwu Xu , Guofei Jiang
CPC classification number: G06F16/2477 , G06F11/3072 , G06F16/35 , G06N5/045
Abstract: A method is provided that is performed in a network having nodes that generate heterogeneous logs including performance logs and text logs. The method includes performing, during a heterogeneous log training stage, (i) a log-to-time sequence conversion process for transforming clustered ones of training logs, from among the heterogeneous logs, into a set of time sequences that are each formed as a plurality of data pairs of a first configuration and a second configuration based on cluster type, (ii) a time series generation process for synchronizing particular ones of the time sequences in the set based on a set of criteria to output a set of fused time series, and (iii) an invariant model generation process for building invariant models for each time series data pair in the set of fused time series. The method includes controlling an anomaly-initiating one of the plurality of nodes based on the invariant models.
-
Patent Agency Ranking
公开(公告)号:US20170244620A1
公开(公告)日:2017-08-24
申请号:US15416346
申请日:2017-01-26
Applicant: NEC Laboratories America, Inc.
Inventor: Zhenyu Wu , Zhichun Li , Jungwhan Rhee , Fengyuan Xu , Guofei Jiang , Kangkook Jee , Xusheng Xiao , Zhang Xu
CPC classification number: H04L63/1425 , G06F21/55 , G06F21/552 , H04L63/1416
Abstract: Methods and systems for dependency tracking include identifying a hot process that generates bursts of events with interleaved dependencies. Events related to the hot process are aggregated according to a process-centric dependency approximation that ignores dependencies between the events related to the hot process. Causality in a reduced event stream that comprises the aggregated events is tracked.
-
公开(公告)号:US20170236023A1
公开(公告)日:2017-08-17
申请号:US15351452
申请日:2016-11-15
Applicant: NEC Laboratories America, Inc.
Inventor: Biplob Debnath , Jianwu Xu , Hui Zhang , Guofei Jiang , Hossein Hamooni
CPC classification number: G06K9/4604 , G06F11/34 , G06F16/322 , G06F17/40
Abstract: Systems and methods are disclosed for parsing logs from arbitrary or unknown systems or applications by capturing heterogeneous logs from the arbitrary or unknown systems or applications; generating one pattern for every unique log message; building a pattern hierarchy tree by grouping patterns based on similarity metrics, and for every group it generates one pattern by combing all constituting patterns of that group; and selecting a set of patterns from the pattern hierarchy tree.
-
公开(公告)号:US09736173B2
公开(公告)日:2017-08-15
申请号:US14879876
申请日:2015-10-09
Applicant: NEC Laboratories America, Inc.
Inventor: Zhichun Li , Zhenyu Wu , Zhiyun Qian , Guofei Jiang , Masoud Akhoondi , Markus Kusano
CPC classification number: H04L63/1416 , G06F17/30958 , H04L63/1425 , H04L63/1441 , H04L2463/146
Abstract: Methods and systems for intrusion attack recovery include monitoring two or more hosts in a network to generate audit logs of system events. One or more dependency graphs (DGraphs) is generated based on the audit logs. A relevancy score for each edge of the DGraphs is determined. Irrelevant events from the DGraphs are pruned to generate a condensed backtracking graph. An origin is located by backtracking from an attack detection point in the condensed backtracking graph.
-
49.发明申请公开(公告)号:US20170228277A1
公开(公告)日:2017-08-10
申请号:US15420949
申请日:2017-01-31
Applicant: NEC Laboratories America, Inc.
Inventor: Wei Cheng , Kai Zhang , Haifeng Chen , Guofei Jiang
CPC classification number: G06F11/079 , G06F11/0709 , G06F11/0751 , G06F2201/805 , G06F2201/81 , G06N99/005
Abstract: A method is provided for root cause anomaly detection in an invariant network having a plurality of nodes that generate time series data. The method includes modeling anomaly propagation in the network. The method includes reconstructing broken invariant links in an invariant graph based on causal anomaly ranking vectors. Each broken invariant link involves a respective node pair formed from the plurality of nodes such that one of the nodes in the respective node pair has an anomaly. Each causal anomaly ranking vector is for indicating a respective node anomaly status for a given one of the plurality of nodes when paired. The method includes calculating a sparse penalty of the casual anomaly ranking vectors to obtain a set of time-dependent anomaly rankings. The method includes performing temporal smoothing of the set of rankings, and controlling an anomaly-initiating one of the plurality of nodes based on the set of rankings.
-
50.发明授权公开(公告)号:US09652716B2
公开(公告)日:2017-05-16
申请号:US14527413
申请日:2014-10-29
Applicant: NEC Laboratories America, Inc.
Inventor: Abhishek Sharma , Haifeng Chen , Guofei Jiang , Om Prasad Patri
Abstract: A method and system are provided. The method includes extracting shapelets from each of a plurality of time series dimensions of multi-dimensional time series data. The method further includes building a plurality of decision-tree classifiers, one for each time series dimension, responsive to the shapelets extracted therefrom. The method also includes generating a pairwise similarity matrix between respective different ones of the plurality of time series dimensions using the shapelets as intermediaries for determining similarity. The method additionally includes applying a feature selection technique to the matrix to determine respective feature weights for each of shapelet features of the shapelets and respective classifier weights for each of the decision-tree classifiers that uses the shapelet features. The method further includes combining decisions issued from the decision-tree classifiers to generate a final verdict of classification for a time series dimension responsive to the respective feature weights and the respective classifier weights.
-
-
-
-
-
-
-
-
-
Search Results
176
records
(took 0.025 seconds)
