公开(公告)号：US20230179601A1

公开(公告)日：2023-06-08

申请号：US17563647

申请日：2021-12-28

Applicant: INDUSTRIAL TECHNOLOGY RESEARCH INSTITUTE

Inventor： Tzy-Shiah WANG ,  Shih-Ming HUANG ,  Chuan-Yu CHO ,  Nien-Chi LIU ,  Che-Hao LIU

IPC: H04L9/40 ,  G06N20/00

CPC classification number: H04L63/101 ,  G06N20/00

Abstract: A method for generating an application white list is applicable to a server. The method is performed by a computing device communicably connected to the server and includes following steps: collecting a network log and a system log of the server, performing an analysis procedure to extract a plurality of application attributes from the network log and the system log with one of the application attributes being an application identifier, performing a training procedure according to the plurality of application attributes to generate a candidate rule, according to a plurality of behaviors in the network log and the system log, calculating the ratio of the number of behaviors among said plurality of behaviors that conforming to the candidate rule to a number of all of said plurality of behaviors, and storing the candidate rule to a whitelist when the ratio falls within a trust interval.

公开(公告)号：US20240364661A1

公开(公告)日：2024-10-31

申请号：US18644066

申请日：2024-04-23

Applicant: INDUSTRIAL TECHNOLOGY RESEARCH INSTITUTE

Inventor： Che-Hao LIU ,  Chuan-Yu CHO ,  Yi-Ping LUO ,  Chen Yi HO

IPC: H04L9/40

CPC classification number: H04L63/0263

Abstract: A network management device and method are provided. In response to at least one electronic device transmitting a plurality of network packets, the network management device retrieves a plurality of network packet information corresponding to the network packets. The network management device determines a plurality of first packet features corresponding to the at least one electronic device based on the network packet information. The network management device generates at least one first candidate rule corresponding to the at least one electronic device based on the first packet features. The network management device manages the network packets transmitted by the at least one electronic device on the network based on the at least one first candidate rule.