-
1.发明授权公开(公告)号:US07424742B1
公开(公告)日:2008-09-09
申请号:US10976075
申请日:2004-10-27
申请人: Debabrata Dash , Christian Beedgen
发明人: Debabrata Dash , Christian Beedgen
IPC分类号: G06F11/00
CPC分类号: H04L63/1425 , G06F21/55
摘要: A query for security event can be represented as an event channel. The event channel may be displayed as a grid of events. In one embodiment, the events included in the event channel are dynamic and can change after initial observation. In one embodiment, the present invention includes creating an event channel defined by a timeframe and an event filter, the event channel including security events stored in an event database that satisfy the timeframe and the event filter. When a security event changes after the event channel has been created, one embodiment of the invention further includes observing a change to a security event stored in the event database, and dynamically updating the event channel based on the observed change.
摘要翻译: 对安全事件的查询可以表示为事件通道。 事件通道可以显示为事件网格。 在一个实施例中,包括在事件通道中的事件是动态的,并且可以在初始观察之后改变。 在一个实施例中,本发明包括创建由时间帧和事件过滤器定义的事件通道,事件通道包括存储在满足时间框架和事件过滤器的事件数据库中的安全事件。 当安全事件在事件通道被创建之后改变时,本发明的一个实施例还包括观察对存储在事件数据库中的安全事件的改变,以及基于观察到的改变来动态地更新事件通道。
-
2.发明授权System and method to anonymize data transmitted to a destination computing device 有权用于对发送到目的地计算设备的数据进行匿名化的系统和方法公开(公告)号:US09292696B1
公开(公告)日:2016-03-22
申请号:US13843925
申请日:2013-03-15
IPC分类号: G06F21/60
CPC分类号: G06F21/60 , H04L63/0227 , H04L63/0435
摘要: A method and system for anonymizing data to be transmitted to a destination computing device is disclosed. Data to be transmitted is received from a user computer. The data includes a plurality of fields of data. One or more fields of data are selected for anonymization. The selected one or more fields are anonymized. The data with one or more fields anonymized is transmitted to the destination computing device.
摘要翻译: 公开了一种用于将要发送到目的地计算设备的数据进行匿名化的方法和系统。 从用户计算机接收要发送的数据。 数据包括多个数据字段。 选择一个或多个数据字段进行匿名化。 所选的一个或多个字段是匿名的。 具有一个或多个匿名字段的数据被发送到目的地计算设备。
-
3.发明授权System and method to anonymize data transmitted to a destination computing device 有权用于对发送到目的地计算设备的数据进行匿名化的系统和方法公开(公告)号:US08694646B1
公开(公告)日:2014-04-08
申请号:US13042459
申请日:2011-03-08
申请人: Pravin Kothari , Debabrata Dash , Yuh-wen Soung , Theron Tock
发明人: Pravin Kothari , Debabrata Dash , Yuh-wen Soung , Theron Tock
IPC分类号: G06F15/16
CPC分类号: G06F17/30569 , G06F21/602 , H04L63/0421 , H04L63/0435
摘要: A method and system for anonymizing data to be transmitted to a destination computing device is disclosed. Anonymization strategy for data anonymization is provided. Data to be transmitted is received from a user computer. Selective anonymization of the data is performed, based on the anonymization strategy, using an anonymization module. Anonymized data is transmitted to the destination computing device over a network.
摘要翻译: 公开了一种用于将要发送到目的地计算设备的数据进行匿名化的方法和系统。 提供数据匿名化的匿名化策略。 从用户计算机接收要发送的数据。 基于匿名化策略,使用匿名化模块来执行数据的选择性匿名化。 匿名数据通过网络传输到目标计算设备。
-
公开(公告)号:US07644438B1
公开(公告)日:2010-01-05
申请号:US10975962
申请日:2004-10-27
IPC分类号: G08B23/00
CPC分类号: H04L63/0218 , H04L63/1416
摘要: A network security system can have a plurality of distributed software agents configured to collect security events from network devices. In one embodiment, the agents are configured to aggregate the security events. In one embodiment of the present invention, an agent includes a device interface to receive a security event from a network device, a plurality of aggregation profiles, and an agent aggregate module to select one of the plurality of aggregation profiles, and increment an event count of an aggregate event representing the received security event using the selected aggregation profile.
摘要翻译: 网络安全系统可以具有被配置为从网络设备收集安全事件的多个分布式软件代理。 在一个实施例中,代理被配置为聚合安全事件。 在本发明的一个实施例中,代理包括从网络设备接收安全事件的设备接口,多个聚合简档和代理聚合模块,用于选择多个聚合简档中的一个,并且增加事件计数 使用所选择的聚合简档表示所接收的安全事件的聚合事件。
-
公开(公告)号:US09853986B2
公开(公告)日:2017-12-26
申请号:US14359261
申请日:2012-01-26
申请人: Debabrata Dash , Wenting Tang , Marylou Orayani
发明人: Debabrata Dash , Wenting Tang , Marylou Orayani
CPC分类号: H04L63/1416 , G06F11/3476 , G06F17/30699 , G06F17/30705 , G06F21/552 , G06F2201/86 , G06F2221/2151 , H04L63/1408 , H04L63/1441
摘要: Systems and methods for processing log data are provided. A set of data chunks is determined. Each data chunk is associated with a set of events, which are grouped according to a primary time dimension field of each event of the set of events. A metadata structure is determined for each of the data chunks. The metadata structure includes comprises a range of the primary time dimension field of all of the events in the data chunk and a range of a secondary time dimension field of all of the events in the data chunk. A subset of the data chunks is selected. A data chunk associated with at least one event of the plurality of events is generated according to the secondary time dimension field of the at least one event.
-
公开(公告)号:US09535961B2
公开(公告)日:2017-01-03
申请号:US14358500
申请日:2011-11-18
IPC分类号: G06F17/30
CPC分类号: G06F17/30554 , G06F17/30315 , G06F17/30477 , G06F17/30536
摘要: A data storage system includes a column store and a row store. The data storage system may generate a query summary. The data storage system determines query summary fields comprised of a subset of fields from a schema used to store data in the row store. The data storage system searches the column store or the row store for query results in the query summary fields. A query summary field is generated from the query results in the query summary fields.
摘要翻译: 数据存储系统包括列存储和行存储。 数据存储系统可以生成查询摘要。 数据存储系统确定由来自用于存储行存储中的数据的模式的字段子集构成的查询摘要字段。 数据存储系统在查询摘要字段中搜索列存储或行存储中的查询结果。 查询摘要字段从查询摘要字段中的查询结果生成。
-
7.发明申请公开(公告)号:US20110145711A1
公开(公告)日:2011-06-16
申请号:US13031079
申请日:2011-02-18
申请人: Hugh S. Njemanze , Debabrata Dash , Shijie Wang
发明人: Hugh S. Njemanze , Debabrata Dash , Shijie Wang
IPC分类号: G06F15/177 , G06F15/173 , G06F3/048
CPC分类号: G06F21/552
摘要: A selected time interval of previously stored events generated by a number of computer network devices are replayed and cross-correlated according to rules. Meta-events are generated when the events satisfy conditions associated with one or more of the rules. The rules used during replay may differ from prior rules used at a time when the events occurred within a computer network that included the computer network devices. In this way, new rules can be tested against true event data streams to determine whether or not the rules should be used in a live environment (i.e., the efficacy of the rules can be tested an tor debugged against actual event data).
摘要翻译: 由多个计算机网络设备产生的先前存储的事件的选定时间间隔根据规则被重放和交叉相关。 当事件满足与一个或多个规则相关联的条件时,生成元事件。 在播放期间使用的规则可能与在计算机网络中包含计算机网络设备的事件发生时所使用的先前规则不同。 以这种方式,可以针对真实事件数据流来测试新规则,以确定在活动环境中是否应该使用规则(即,可以针对实际事件数据来调试规则的功效)。
-
公开(公告)号:US20090106244A1
公开(公告)日:2009-04-23
申请号:US12200981
申请日:2008-08-29
申请人: Debabrata Dash , Guy M. Lohman , Nimrod Megiddo , Jun Rao
发明人: Debabrata Dash , Guy M. Lohman , Nimrod Megiddo , Jun Rao
IPC分类号: G06F17/30
CPC分类号: G06F16/2465 , Y10S707/99931 , Y10S707/99932 , Y10S707/99933 , Y10S707/99934 , Y10S707/99935 , Y10S707/99937 , Y10S707/99938 , Y10S707/99942 , Y10S707/99943 , Y10S707/99944
摘要: Exemplary embodiments of the present invention relate to enhanced faceted search support for OLAP queries over unstructured text as well as structured dimensions by the dynamic and automatic discovery of dimensions that are determined to be most “interesting” to a user based upon the data. Within the exemplary embodiments “interestingness” is defined as how surprising a summary along some dimensions is from a user's expectation. Further, multi-attribute facets are determined and a user is optionally permitted to specify the distribution of values that she expects, and/or the distance metric by which actual and expected distributions are to be compared.
摘要翻译: 本发明的示例性实施例涉及通过基于数据被确定为对用户最“有趣”的维度的动态和自动发现的针对非结构化文本的OLAP查询的增强的分面搜索支持以及结构化维度。 在示例性实施例中,“兴趣”被定义为从用户的期望来看,某些维度上的摘要令人惊讶。 此外,确定多属性小平面,并且可选地允许用户指定她期望的值的分布,和/或要比较实际和预期分布的距离度量。
-
公开(公告)号:US07260844B1
公开(公告)日:2007-08-21
申请号:US10655062
申请日:2003-09-03
IPC分类号: G06F11/00
CPC分类号: H04L63/1433 , G06F21/577 , H04L63/1425
摘要: A network security system is provided that receives information from various sensors and can analyse the received information. In one embodiment of the present invention, such a system receives a security event from a software agent. The received security event includes a target address and an event signature, as generated by the software agent. The event signature can be used to determine a set of vulnerabilities exploited by the received security event, and the target address can be used to identify a target asset within the network. By accessing a model of the target asset, a set of vulnerabilities exposed by the target asset can be retrieved. Then, a threat can be detected by comparing the set of vulnerabilities exploited by the security event to the set of vulnerabilities exposed by the target asset.
摘要翻译: 提供一种从各种传感器接收信息并且可以分析所接收的信息的网络安全系统。 在本发明的一个实施例中,这样的系统从软件代理接收安全事件。 所接收的安全事件包括由软件代理产生的目标地址和事件签名。 可以使用事件签名来确定接收的安全事件利用的一组漏洞,并且可以使用目标地址来识别网络内的目标资产。 通过访问目标资产的模型,可以检索目标资产公开的一组漏洞。 然后,可以通过将安全事件利用的一组漏洞与目标资产公开的一组漏洞进行比较来检测威胁。
-
公开(公告)号:US09667741B1
公开(公告)日:2017-05-30
申请号:US13844161
申请日:2013-03-15
CPC分类号: H04L67/32 , G06F17/30569 , G06F21/6254 , H04L63/0407 , H04L63/0421 , H04L63/0435
摘要: A method and system for anonymizing data to be transmitted to a destination computing device is disclosed. Anonymization strategy for data anonymization is provided. Data to be transmitted is received from a user computer. A context sensing word is appended to the anonymized data. The anonymized data and the context sensing word are transmitted to the destination computing device. In one embodiment, the data includes a plurality of normal words and a plurality of stop words. A compacted stop word representative of each of the stop word and their relative position in the data is created. Anonymized normal words and anonymized compacted stop word is transmitted to the destination computing device.
-
-
-
-
-
-
-
-
-
搜索结果
25 条记录 (耗时 0.018 秒)
