公开(公告)号：US20130133066A1

公开(公告)日：2013-05-23

申请号：US13302395

申请日：2011-11-22

申请人： Ramesh Natarajan ,  Timothy Gordon Brown ,  Carrie Elaine Gates

发明人： Ramesh Natarajan ,  Timothy Gordon Brown ,  Carrie Elaine Gates

IPC分类号： G06F21/00

CPC分类号： H04L63/1408 ,  G06Q20/4016 ,  Y10S707/99933

摘要： Systems and methods are provided for intrusion detection. The systems and methods may include receiving transaction information related to one or more current transactions between a client entity and a resource server, accessing a database storing a plurality of transaction groups, analyzing the received transaction information with respect to information related to at least one of the plurality of transaction groups, and based on said analyzing, determining a possibility of an occurrence of an intrusion act at the resource server. The transaction groups may be formed based on a plurality of past transactions between a plurality of client entities and the resource server. Identity information of a user associated with the one or more current transactions may also be received along with the transaction information. The user may be associated with at least one of the plurality of transaction groups.

摘要翻译： 为入侵检测提供了系统和方法。 所述系统和方法可以包括接收与客户实体和资源服务器之间的一个或多个当前事务相关的交易信息，访问存储多个交易组的数据库，分析与所述客户端实体和资源服务器之间的至少一个相关的信息的接收到的交易信息 所述多个事务组，并且基于所述分析，确定在所述资源服务器处发生入侵行为的可能性。 可以基于多个客户端实体和资源服务器之间的多个过去事务来形成事务组。 与一个或多个当前事务相关联的用户的身份信息也可以与交易信息一起被接收。 用户可以与多个交易组中的至少一个相关联。

公开(公告)号：US08776228B2

公开(公告)日：2014-07-08

申请号：US13302395

申请日：2011-11-22

申请人： Ramesh Natarajan ,  Timothy Gordon Brown ,  Carrie Elaine Gates

发明人： Ramesh Natarajan ,  Timothy Gordon Brown ,  Carrie Elaine Gates

IPC分类号： G06F21/00 ,  H04L29/06

CPC分类号： H04L63/1408 ,  G06Q20/4016 ,  Y10S707/99933

摘要： Systems and methods are provided for intrusion detection. The systems and methods may include receiving transaction information related to one or more current transactions between a client entity and a resource server, accessing a database storing a plurality of transaction groups, analyzing the received transaction information with respect to information related to at least one of the plurality of transaction groups, and based on said analyzing, determining a possibility of an occurrence of an intrusion act at the resource server. The transaction groups may be formed based on a plurality of past transactions between a plurality of client entities and the resource server. Identity information of a user associated with the one or more current transactions may also be received along with the transaction information. The user may be associated with at least one of the plurality of transaction groups.

摘要翻译： 为入侵检测提供了系统和方法。 所述系统和方法可以包括接收与客户实体和资源服务器之间的一个或多个当前事务相关的交易信息，访问存储多个交易组的数据库，分析与所述客户端实体和资源服务器之间的至少一个相关的信息的接收到的交易信息 所述多个事务组，并且基于所述分析，确定在所述资源服务器处发生入侵行为的可能性。 可以基于多个客户端实体和资源服务器之间的多个过去事务来形成事务组。 与一个或多个当前事务相关联的用户的身份信息也可以与交易信息一起被接收。 用户可以与多个交易组中的至少一个相关联。