-
1.
Publication No.: US20140036911A1
Publication date: 2014-02-06
Application No.: US14038069
Filing date: 2013-09-26
Inventors: Thomas W. Edgar, Sean J. Zabriskie, Eric Y. Choi
IPC classification: H04L29/06
Abstract: Apparatuses and methods for tapping serial communications and transforming the serial data into a format appropriate for routable networks are significant for purposes of security and troubleshooting, especially in critical infrastructure networks. Communication taps should be completely passive such that any failure would not interrupt the serial communications. Furthermore, automatic determination of unspecified serial protocol frames allows general implementation across various networks, or across devices within a single network, without the need to customize for each implementation.
-
Publication No.: US11843634B2
Publication date: 2023-12-12
Application No.: US17684873
Filing date: 2022-03-02
CPC classification: H04L63/1491, G06N3/044, G06N3/08, H04L63/1416
Abstract: Methods are described for protecting a cyber-physical system against a potential attacker of the system. The methods include a method of generating a plurality of examples for a training data set and training a system model using the training data set to generate a decoy configured to generate a synthetic output that mimics historical outputs generated by the system for a given historical system context. Also described is a method including receiving a system context of a cyber-physical system; receiving an inquiry into the system by a potential attacker; applying a system model to the system context and the inquiry; obtaining from the system model a synthetic output that mimics how a component of the system would respond to the inquiry given the system context; and providing the synthetic output to the potential attacker.
-
Publication No.: US10833954B2
Publication date: 2020-11-10
Application No.: US14548159
Filing date: 2014-11-19
Inventors: Thomas E. Carroll, Satish Chikkagoudar, Thomas W. Edgar, Kiri J. Oler, Kristine M. Arthur, Daniel M. Johnson, Lars J. Kangas
Abstract: A network analysis tool receives network flow information and uses deep learning—machine learning that models high-level abstractions in the network flow information—to identify dependencies between network assets. Based on the identified dependencies, the network analysis tool can discover functional relationships between network assets. For example, a network analysis tool receives network flow information, identifies dependencies between multiple network assets based on evaluation of the network flow information, and outputs results of the identification of the dependencies. When evaluating the network flow information, the network analysis tool can pre-process the network flow information to produce input vectors, use deep learning to extract patterns in the input vectors, and then determine dependencies based on the extracted patterns. The network analysis tool can repeat this process so as to update an assessment of the dependencies between network assets on a near real-time basis.
-
Publication No.: US20220150226A1
Publication date: 2022-05-12
Application No.: US17584885
Filing date: 2022-01-26
IPC classification: H04L9/40, H04L67/561, H04L67/563, H04L41/0803, G06F9/455, G06F21/31
Abstract: Computing system operational methods and apparatus are described. According to one aspect, a computing system operational method includes accessing user information regarding a user logging onto a computing device of the computing system, processing the user information to determine if the user information is authentic, as a result of the processing determining that the user information is authentic, first enabling the computing device to execute an application segment, and as a result of the processing determining that the user information is authentic, second enabling the application segment to communicate data externally of the computing device via one of a plurality of network segments of the computing system.
-
Publication No.: US20200076850A1
Publication date: 2020-03-05
Application No.: US16389758
Filing date: 2019-04-19
Abstract: A system is described for protecting a cyber-physical system against a potential attacker of the cyber-physical system. The system includes at least one processor configured to: collect historical information about the cyber-physical system, and train, based on the historical information, a machine-learned model to predict future conditions of at least a portion of the cyber-physical system. Responsive to detecting an input signal to the cyber-physical system, the system is configured to output an alert to the cyber-physical system indicative of a potential attacker, and respond to the input signal by simulating, based on the future conditions predicted by the machine-learned model, functionality and communications of the at least a portion of the cyber-physical system.
-
Publication No.: US11949762B2
Publication date: 2024-04-02
Application No.: US17319420
Filing date: 2021-05-13
Inventors: Thomas W. Edgar, Sean J. Zabriskie, Eric Y. Choi
Abstract: Apparatuses and methods for tapping serial communications and transforming the serial data into a format appropriate for routable networks are significant for purposes of security and troubleshooting, especially in critical infrastructure networks. Communication taps should be completely passive such that any failure would not interrupt the serial communications. Furthermore, automatic determination of unspecified serial protocol frames allows general implementation across various networks, or across devices within a single network, without the need to customize for each implementation.
-
Publication No.: US11805104B2
Publication date: 2023-10-31
Application No.: US16221293
Filing date: 2018-12-14
IPC classification: H04L9/40, H04L41/0803, G06F9/455, G06F21/31, H04L67/561, H04L67/563
CPC classification: H04L63/0428, G06F9/45558, G06F21/316, H04L41/0803, H04L63/102, H04L63/164, H04L63/20, H04L67/561, H04L67/563, G06F2009/45587
Abstract: Computing system operational methods and apparatus are described. According to one aspect, a computing system operational method includes accessing user information regarding a user logging onto a computing device of the computing system, processing the user information to determine if the user information is authentic, as a result of the processing determining that the user information is authentic, first enabling the computing device to execute an application segment, and as a result of the processing determining that the user information is authentic, second enabling the application segment to communicate data externally of the computing device via one of a plurality of network segments of the computing system.
-
Publication No.: US20220191246A1
Publication date: 2022-06-16
Application No.: US17684873
Filing date: 2022-03-02
Abstract: Methods are described for protecting a cyber-physical system against a potential attacker of the system. The methods include a method of generating a plurality of examples for a training data set and training a system model using the training data set to generate a decoy configured to generate a synthetic output that mimics historical outputs generated by the system for a given historical system context. Also described is a method including receiving a system context of a cyber-physical system; receiving an inquiry into the system by a potential attacker; applying a system model to the system context and the inquiry; obtaining from the system model a synthetic output that mimics how a component of the system would respond to the inquiry given the system context; and providing the synthetic output to the potential attacker.
-
9.
Publication No.: US20160142266A1
Publication date: 2016-05-19
Application No.: US14548159
Filing date: 2014-11-19
Inventors: Thomas E. Carroll, Satish Chikkagoudar, Thomas W. Edgar, Kiri J. Oler, Kristine M. Arthur, Daniel M. Johnson, Lars J. Kangas
CPC classification: H04L41/16, H04L41/14, H04L43/026
Abstract: A network analysis tool receives network flow information and uses deep learning—machine learning that models high-level abstractions in the network flow information—to identify dependencies between network assets. Based on the identified dependencies, the network analysis tool can discover functional relationships between network assets. For example, a network analysis tool receives network flow information, identifies dependencies between multiple network assets based on evaluation of the network flow information, and outputs results of the identification of the dependencies. When evaluating the network flow information, the network analysis tool can pre-process the network flow information to produce input vectors, use deep learning to extract patterns in the input vectors, and then determine dependencies based on the extracted patterns. The network analysis tool can repeat this process so as to update an assessment of the dependencies between network assets on a near real-time basis.
-
Publication No.: US11985113B2
Publication date: 2024-05-14
Application No.: US17584885
Filing date: 2022-01-26
IPC classification: H04L9/40, G06F9/455, G06F21/31, H04L41/0803, H04L67/561, H04L67/563
CPC classification: H04L63/0428, G06F9/45558, G06F21/316, H04L41/0803, H04L63/102, H04L63/164, H04L63/20, H04L67/561, H04L67/563, G06F2009/45587
Abstract: Computing system operational methods and apparatus are described. According to one aspect, a computing system operational method includes accessing user information regarding a user logging onto a computing device of the computing system, processing the user information to determine if the user information is authentic, as a result of the processing determining that the user information is authentic, first enabling the computing device to execute an application segment, and as a result of the processing determining that the user information is authentic, second enabling the application segment to communicate data externally of the computing device via one of a plurality of network segments of the computing system.