-
Publication number: US20120198277A1
Publication date: 2012-08-02
Application number: US13497461
Application date: 2010-08-12
CPC classification: H04L63/1416 , G06N99/005 , H04L43/08 , H04L63/1408 , H04L63/1425 , H04L63/1433
Abstract: A method for monitoring and controlling, industrial or building automation to detect anomalies in a control network, wherein a technology of an intrusion detection system (IDS) is configured to analyze a time sequence and time intervals of correct messages in the network traffic and to use the messages to train an anomaly detection system. Detecting a time sequence and a rhythm of correct messages allows for the detection of malfunctions or manipulations of devices and attacks that are performed using regular monitoring or control stations that have been taken over by attackers or that are defect, and that cannot be detected using content-based methods or by a considerable increase of data traffic. An additional security barrier is thus provided that can continue monitoring and protecting a technical unit from possible acts of sabotage, even if the control network of the technical unit has already been corrupted.
-
Publication number: US20090202061A1
Publication date: 2009-08-13
Application number: US12281935
Application date: 2007-03-02
IPC classification: H04M3/42
CPC classification: H04M3/436 , H04L65/1079 , H04M7/006
Abstract: The invention relates to a method for the computer-assisted identification of a class of VoIP calls of a first type (spam) in a communication network (internet). Said communication network has a plurality (N) of first subscribers (Tn1-1, . . . , Tn1-5) and a plurality (M) of second subscribers (Tn2-1, . . . , Tn2-7), the first and the second subscribers being allocated a definite characteristic (IP address, telephone number, e-mail address) wherein, at least some of the first subscribers (Tn1-1, . . . , Tn1-5) are allocated, respectively, with at least one list (white list, black list) which contains at least one definite characteristic of the second subscriber. During a call of one of the second subscribers to one of the first subscribers, a control screens to see whether the characteristic of the second subscriber is on the list of the first subscriber and in the event that the second subscriber is not on the list of the called first subscribers, the lists of the additional first subscriber are used to make a decision whether the call is classified as a call of the first type (spam or trusted caller).
-
Publication number: US20150339345A1
Publication date: 2015-11-26
Application number: US14404322
Application date: 2013-03-25
CPC classification: G06F17/30398 , G06F17/30389 , G06F17/30395 , G06N99/005
Abstract: At least one hit in a large volume of data is found using a graphical search pattern. The graphical search pattern is created afresh or modified by a user using a graphical interface. The user may implement complex searches and use a graphical representation of properties and/or correlations for the search in a directed manner. The method may be used, for example, in data mining, in the monitoring of states, or in automated alerting.
-
Publication number: US10191938B2
Publication date: 2019-01-29
Application number: US14404322
Application date: 2013-03-25
Abstract: At least one hit in a large volume of data is found using a graphical search pattern. The graphical search pattern is created afresh or modified by a user using a graphical interface. The user may implement complex searches and use a graphical representation of properties and/or correlations for the search in a directed manner. The method may be used, for example, in data mining, in the monitoring of states, or in automated alerting.
-
Publication number: US09197652B2
Publication date: 2015-11-24
Application number: US13497461
Application date: 2010-08-12
CPC classification: H04L63/1416 , G06N99/005 , H04L43/08 , H04L63/1408 , H04L63/1425 , H04L63/1433
Abstract: A method for monitoring and controlling, industrial or building automation to detect anomalies in a control network, wherein a technology of an intrusion detection system (IDS) is configured to analyze a time sequence and time intervals of correct messages in the network traffic and to use the messages to train an anomaly detection system. Detecting a time sequence and a rhythm of correct messages allows for the detection of malfunctions or manipulations of devices and attacks that are performed using regular monitoring or control stations that have been taken over by attackers or that are defect, and that cannot be detected using content-based methods or by a considerable increase of data traffic. An additional security barrier is thus provided that can continue monitoring and protecting a technical unit from possible acts of sabotage, even if the control network of the technical unit has already been corrupted.