-
Publication (Announcement) No.: US09866426B2
Publication (Announcement) Date: 2018-01-09
Application No.: US14613159
Filing Date: 2015-02-03
CPC Classification: H04L41/0604, H04L41/0631, H04L41/0636, H04L41/145, H04L43/026, H04L63/1408, H04L63/20, H04L67/30
Abstract: Apparatus and methods facilitate analysis of events associated with network and computer systems. Event data, such as security threats, are comparison matched with event rules of event rule sets associated with each network or computer system to determine whether the items are potentially significant. Additionally, the system-event data may be scored where the score is used for prioritizing system-event data as to their significance. Associated with the comparison matching are various analytics that further analyze event data for measuring and analyzing the system-event data according to various algorithms.
-
2.
Publication (Announcement) No.: US11695787B2
Publication (Announcement) Date: 2023-07-04
Application No.: US16918935
Filing Date: 2020-07-01
CPC Classification: H04L63/1416, G06F16/2282
Abstract: Disclosed are apparatus and methods that facilitate analysis of events associated with network and computer systems. The methodology includes determining at least one lookup key in a host device for an event occurring in the host device and determining whether the at least one lookup key is used in a memory to determine if at least one key-value pair exists for the event. The methodology also includes appending the at least one key-value pair to the event, and storing the at least one key-value pair in the memory based on the at least one lookup key including replacing existing keys found for the at least one lookup key.
-