-
Publication No.: US10333952B2
Publication Date: 2019-06-25
Application No.: US15729030
Filing Date: 2017-10-10
Applicant: NEC Laboratories America, Inc.
Inventor: Zhengzhang Chen, LuAn Tang, Ying Lin, Zhichun Li, Haifeng Chen, Guofei Jiang
Abstract: Methods and systems for detecting security intrusions include detecting alerts in monitored system data. Temporal dependencies are determined between the alerts based on a prefix tree formed from the detected alerts. Content dependencies between the alerts are determined based on a distance between alerts in a graph representation of the detected alerts. The alerts are ranked based on an optimization problem that includes the temporal dependencies and the content dependencies. A security management action is performed based on the ranked alerts.
-
Publication No.: US20180034836A1
Publication Date: 2018-02-01
Application No.: US15729030
Filing Date: 2017-10-10
Applicant: NEC Laboratories America, Inc.
Inventor: Zhengzhang Chen, LuAn Tang, Ying Lin, Zhichun Li, Haifeng Chen, Guofei Jiang
IPC: H04L29/06
CPC classification number: H04L63/1416, G06F21/554, H04L41/12, H04L41/142, H04L41/145, H04L63/1425
Abstract: Methods and systems for detecting security intrusions include detecting alerts in monitored system data. Temporal dependencies are determined between the alerts based on a prefix tree formed from the detected alerts. Content dependencies between the alerts are determined based on a distance between alerts in a graph representation of the detected alerts. The alerts are ranked based on an optimization problem that includes the temporal dependencies and the content dependencies. A security management action is performed based on the ranked alerts.
-