-
公开(公告)号:US09106689B2
公开(公告)日:2015-08-11
申请号:US13102899
申请日:2011-05-06
申请人: Eric Steinbrecher , Jeremy Impson , Bruce Barnett , Scott Charles Evans , Bernhard Scholz , Weizhong Yan , Thomas Markham , Stephen J. Dill
发明人: Eric Steinbrecher , Jeremy Impson , Bruce Barnett , Scott Charles Evans , Bernhard Scholz , Weizhong Yan , Thomas Markham , Stephen J. Dill
CPC分类号: H04L63/1425 , G06F21/552 , G06F21/554 , H04L63/14 , H04L63/1408
摘要: An intrusion detection method, system and computer-readable media are disclosed. The system can include a processor programmed to perform computer network intrusion detection. The intrusion detection can include an identification module and a detection module. The identification module can be adapted to perform semi-supervised machine learning to identify key components of a network attack and develop MDL models representing those attack components. The detection module can cluster the MDL models and use the clustered MDL models to classify network activity and detect polymorphic or zero-day attacks.
摘要翻译: 公开了入侵检测方法,系统和计算机可读介质。 该系统可以包括被编程为执行计算机网络入侵检测的处理器。 入侵检测可以包括识别模块和检测模块。 识别模块可以适用于执行半监督机器学习,以识别网络攻击的关键组件,并开发代表这些攻击组件的MDL模型。 检测模块可以集中MDL模型,并使用群集MDL模型对网络活动进行分类,并检测多态或零日攻击。
-
公开(公告)号:US20120284793A1
公开(公告)日:2012-11-08
申请号:US13102899
申请日:2011-05-06
申请人: Eric Steinbrecher , Jeremy Impson , Bruce Barnett , Scott Charles Evans , Bernhard Scholz , Weizhong Yang , Thomas Markham , Stephen J. Dill
发明人: Eric Steinbrecher , Jeremy Impson , Bruce Barnett , Scott Charles Evans , Bernhard Scholz , Weizhong Yang , Thomas Markham , Stephen J. Dill
CPC分类号: H04L63/1425 , G06F21/552 , G06F21/554 , H04L63/14 , H04L63/1408
摘要: An intrusion detection method, system and computer-readable media are disclosed. The system can include a processor programmed to perform computer network intrusion detection. The intrusion detection can include an identification module and a detection module. The identification module can be adapted to perform semi-supervised machine learning to identify key components of a network attack and develop MDL models representing those attack components. The detection module can cluster the MDL models and use the clustered MDL models to classify network activity and detect polymorphic or zero-day attacks.
摘要翻译: 公开了入侵检测方法,系统和计算机可读介质。 该系统可以包括被编程为执行计算机网络入侵检测的处理器。 入侵检测可以包括识别模块和检测模块。 识别模块可以适用于执行半监督机器学习,以识别网络攻击的关键组件,并开发代表这些攻击组件的MDL模型。 检测模块可以集中MDL模型,并使用群集MDL模型对网络活动进行分类,并检测多态或零日攻击。
-
3.发明授权Method and apparatus for monitoring and analyzing degree of trust and information assurance attributes information in a data providence architecture workflow 有权用于监视和分析数据存在架构工作流程中的信任度和信息保证属性信息的方法和装置公开(公告)号:US08281141B2
公开(公告)日:2012-10-02
申请号:US12652356
申请日:2010-01-05
申请人: Stephen J. Dill , Bruce Barnett , Andrew Crapo , Abha Moitra
发明人: Stephen J. Dill , Bruce Barnett , Andrew Crapo , Abha Moitra
IPC分类号: H04L9/32
摘要: A method and apparatus that monitors and analyzes degree of trust and information assurance attributes information in a data providence architecture workflow is disclosed. The method may include receiving a message having a data provenance wrapper, examining each data provenance record of the message and any attachments for discrepancies, identifying any discrepancies in the examination of each data provenance record of the message and any attachments; calculating a degree of trust based on any discrepancies identified in the examination of each data provenance record of the message and any attachments, and presenting the degree of trust and information assurance attributes information to the user on a display.
摘要翻译: 公开了一种在数据存储架构工作流程中监视和分析信任度和信息保证属性信息的方法和装置。 该方法可以包括接收具有数据来源包装器的消息,检查消息的每个数据来源记录和用于差异的任何附件,识别对消息的每个数据来源记录和任何附件的检查中的任何差异; 基于在消息和任何附件的每个数据来源记录的检查中识别的任何差异,以及在显示器上向用户呈现信任度和信息保证属性信息来计算信任度。
-
4.发明授权Method and apparatus for simulating a workflow and analyzing the behavior of information assurance attributes through a data providence architecture 有权用于模拟工作流并通过数据保护架构分析信息保证属性的行为的方法和装置公开(公告)号:US08452962B2
公开(公告)日:2013-05-28
申请号:US12652266
申请日:2010-01-05
申请人: Stephen J. Dill , Bruce Barnett , Andrew Crapo , Abha Moitra
发明人: Stephen J. Dill , Bruce Barnett , Andrew Crapo , Abha Moitra
IPC分类号: H04L9/32
摘要: A method and apparatus that simulates a workflow and analyzes the behavior of information assurance attributes through a data providence architecture is disclosed. The method may include injecting one or more faults into a simulated workflow, receiving a message in the simulated workflow having a data provenance wrapper, examining each data provenance record of the message and any attachments for discrepancies, identifying any discrepancies in the examination of each data provenance record of the message and any attachments; calculating a degree of trust based on any discrepancies identified in the examination of each data provenance record of the message and any attachments, analyzing the calculated degree of trust with respect to the one or more injected faults and the information assurance attributes, and outputting the analysis to a user.
摘要翻译: 公开了一种模拟工作流并通过数据保护架构分析信息保证属性的行为的方法和装置。 该方法可以包括将一个或多个故障注入到模拟工作流中,在具有数据来源的包装器的模拟工作流中接收消息,检查消息的每个数据来源记录和用于差异的任何附件,识别每个数据的检查中的任何差异 消息和任何附件的出处记录; 根据在消息和任何附件的每个数据来源记录的检查中识别的任何差异来计算信任度,分析关于一个或多个注入的故障和信息保证属性的计算的信任度,并输出分析 给用户
-
5.发明授权Method and apparatus for generating a figure of merit for use in transmission of messages in a multi-level secure environment 有权用于在多级安全环境中生成用于消息传输的品质因数的方法和装置公开(公告)号:US08166122B2
公开(公告)日:2012-04-24
申请号:US12652327
申请日:2010-01-05
申请人: Stephen J. Dill , Bruce Barnett , Andrew Crapo , Abha Moitra
发明人: Stephen J. Dill , Bruce Barnett , Andrew Crapo , Abha Moitra
IPC分类号: G06F15/16
摘要: A method and apparatus that generate a figure of merit for use in transmission of messages in a multi-level secure environment. The method may include receiving a message having a data provenance wrapper, examining each data provenance record of the message and any attachments for discrepancies, identifying any discrepancies in the examination of each data provenance record of the message and any attachments, generating a figure of merit based on objective and subjective information, substituting the figure of merit for the data provenance information, and transmitting the figure of merit with the message across the security domain.
摘要翻译: 一种在多级安全环境中产生用于消息传输的品质因数的方法和装置。 该方法可以包括接收具有数据来源包装器的消息,检查消息的每个数据来源记录和用于差异的任何附件,识别检查消息的每个数据来源记录和任何附件的任何差异,生成品质因数 基于客观和主观信息,将品质因数替换为数据来源信息,并通过该安全域中的消息传递品质因数。
-
6.发明授权公开(公告)号:US08495736B2
公开(公告)日:2013-07-23
申请号:US12652298
申请日:2010-01-05
申请人: Stephen J. Dill , Bruce Barnett , Andrew Crapo , Abha Moitra
发明人: Stephen J. Dill , Bruce Barnett , Andrew Crapo , Abha Moitra
IPC分类号: H04L29/06
摘要: A method and apparatus that provides information assurance attributes through a data providence architecture is disclosed. The method may include receiving a message having a data provenance wrapper, examining each data provenance record of the message and any attachments for discrepancies, identifying any discrepancies in the examination of each data provenance record of the message and any attachments; calculating a degree of trust based on any discrepancies identified in the examination of each data provenance record of the message and any attachments, and outputting the degree of trust to the user.
摘要翻译: 公开了一种通过数据保护架构提供信息保证属性的方法和装置。 该方法可以包括接收具有数据来源包装器的消息,检查消息的每个数据来源记录和用于差异的任何附件,识别对消息的每个数据来源记录和任何附件的检查中的任何差异; 根据对消息和任何附件的每个数据来源记录的检查中识别的任何差异计算信任度,并向用户输出信任度。
-
-
-
-
-
搜索结果
6 条记录 (耗时 0.034 秒)
