公开(公告)号：US20050257269A1

公开(公告)日：2005-11-17

申请号：US11121359

申请日：2005-05-03

申请人： Suresh Chari ,  Pau-Chen Cheng ,  Pankaj Rohatgi ,  Charanjit Jutla ,  Josyula Rao ,  Michael Steiner

发明人： Suresh Chari ,  Pau-Chen Cheng ,  Pankaj Rohatgi ,  Charanjit Jutla ,  Josyula Rao ,  Michael Steiner

IPC分类号： H04L9/00 ,  H04L29/06

CPC分类号： H04L63/1416 ,  H04L63/145

摘要： A response system which produces strategies to contain hosts compromised by a worm. One minimizes the damage so caused and the loss of business values induced by actions taken to protect a network. The approach uses logical representation of the target network. By abstracting low level information such as switches, routers and their connectivities, theoretical algorithms are used to find the optimal containment.

摘要翻译： 一种响应系统，其产生策略以包含受蠕虫感染的主机。 一个最小化由此引起的损害，以及为保护网络而采取的行动引起的业务价值的损失。 该方法使用目标网络的逻辑表示。 通过抽象交换机，路由器及其连通性等低级别信息，可以使用理论算法来找到最优的遏制。

公开(公告)号：US20060161982A1

公开(公告)日：2006-07-20

申请号：US11037695

申请日：2005-01-18

申请人： Suresh Chari ,  Pau-Chen Cheng ,  Josyula Rao ,  Pankaj Rohatgi ,  Michael Steiner

发明人： Suresh Chari ,  Pau-Chen Cheng ,  Josyula Rao ,  Pankaj Rohatgi ,  Michael Steiner

IPC分类号： G06F12/14

CPC分类号： G06F21/554 ,  G06F21/53

摘要： An intrusion detection system (IDS), method of protecting computers against intrusions and program product therefor. The IDS determines which applications are to run in native environment (NE) and places the remaining applications in a sandbox. Some of the applications in sandboxes may be placed in a personalized virtual environment (PVE) in the sandbox. Upon detecting an attempted attack, a dynamic honeypot may be started for an application in a sandbox and not in a PVE. A virtualized copy of system resources may be created for each application in a sandbox and provided to the corresponding application in the respective sandbox.

摘要翻译： 入侵检测系统（IDS），防止计算机入侵的方法和程序产品。 IDS确定在本地环境（NE）中运行哪些应用程序，并将剩余的应用程序放在沙箱中。 砂箱中的一些应用程序可能会放置在沙箱中的个性化虚拟环境（PVE）中。 在检测到尝试的攻击时，可以为沙箱而不是PVE中的应用启动动态蜜罐。 可以为沙箱中的每个应用程序创建系统资源的虚拟副本，并提供给相应沙箱中的相应应用程序。

公开(公告)号：US20060104443A1

公开(公告)日：2006-05-18

申请号：US10987640

申请日：2004-11-12

申请人： Suresh Chari ,  Vincenzo Diluoffo ,  Paul Karger ,  Elaine Palmer ,  Tal Rabin ,  Josyula Rao ,  Pankaj Rohatgi ,  Helmut Scherzer ,  Michael Steiner ,  David Toll

发明人： Suresh Chari ,  Vincenzo Diluoffo ,  Paul Karger ,  Elaine Palmer ,  Tal Rabin ,  Josyula Rao ,  Pankaj Rohatgi ,  Helmut Scherzer ,  Michael Steiner ,  David Toll

IPC分类号： H04L9/00

CPC分类号： G06F7/582 ,  H04L9/003 ,  H04L9/0662

摘要： A random number generator (RNG) resistant to side channel attacks includes an activation pseudo random number generator (APRNG) having an activation output connected to an activation seed input to provide a next seed to the activation seed input. A second random number generator includes a second seed input, which receives the next seed and a random data output, which outputs random data in accordance with the next seed. An input seed memory is connected to the activation seed input and a feedback connection from the activation output so that the next seed is stored in the input seed memory to be used by the APRNG as the activation seed input at a next startup cycle.

公开(公告)号：US20120096549A1

公开(公告)日：2012-04-19

申请号：US12903525

申请日：2010-10-13

申请人： Lisa Amini ,  Mihai Christodorescu ,  Mitchell A. Cohen ,  Srinivasan Parthasarathy ,  Josyula Rao ,  Reiner Sailer ,  Douglas L. Schales ,  Wietse Z. Venema ,  Olivier Verscheure

发明人： Lisa Amini ,  Mihai Christodorescu ,  Mitchell A. Cohen ,  Srinivasan Parthasarathy ,  Josyula Rao ,  Reiner Sailer ,  Douglas L. Schales ,  Wietse Z. Venema ,  Olivier Verscheure

IPC分类号： G06F21/00

CPC分类号： H04L63/1433

摘要： Performing adaptive cyber-security analytics including a computer implemented method that includes receiving a report on a network activity. A score responsive to the network activity and to a scoring model is computed at a computer. The score indicates a likelihood of a security violation. The score is validated and the scoring model is automatically updated responsive to results of the validating. The network activity is reported as suspicious in response to the score being within a threshold of a security violation value.

摘要翻译： 执行自适应网络安全分析，包括计算机实现的方法，包括接收关于网络活动的报告。 在计算机上计算响应于网络活动和评分模型的评分。 分数表示安全违规的可能性。 评分得到验证，评分模型会根据验证结果自动更新。 响应于分数在安全违规值的阈值内，网络活动被报告为可疑。

公开(公告)号：US09032521B2

公开(公告)日：2015-05-12

申请号：US12903525

申请日：2010-10-13

申请人： Lisa Amini ,  Mihai Christodorescu ,  Mitchell A. Cohen ,  Srinivasan Parthasarathy ,  Josyula Rao ,  Reiner Sailer ,  Douglas L. Schales ,  Wietse Z. Venema ,  Oliver Verscheure

发明人： Lisa Amini ,  Mihai Christodorescu ,  Mitchell A. Cohen ,  Srinivasan Parthasarathy ,  Josyula Rao ,  Reiner Sailer ,  Douglas L. Schales ,  Wietse Z. Venema ,  Oliver Verscheure

IPC分类号： H04L29/06

CPC分类号： H04L63/1433

摘要： Performing adaptive cyber-security analytics including a computer implemented method that includes receiving a report on a network activity. A score responsive to the network activity and to a scoring model is computed at a computer. The score indicates a likelihood of a security violation. The score is validated and the scoring model is automatically updated responsive to results of the validating. The network activity is reported as suspicious in response to the score being within a threshold of a security violation value.

摘要翻译： 执行自适应网络安全分析，包括计算机实现的方法，包括接收关于网络活动的报告。 在计算机上计算响应于网络活动和评分模型的评分。 分数表示安全违规的可能性。 评分得到验证，评分模型会根据验证结果自动更新。 响应于分数在安全违规值的阈值内，网络活动被报告为可疑。