ATE511296T1 - Method of detecting anomalies in a communication system using numerical packet features - Google Patents

Method of detecting anomalies in a communication system using numerical packet features

Info

Publication number
ATE511296T1
Authority
AT
Austria
Prior art keywords
packet flow
detecting anomalies
communications system
flow portion
dispersion
Prior art date
Application number
AT07857164T
Other languages
English (en)
Inventor
Jovan Golic
Alessandro Rosalia D
Original Assignee
Telecom Italia Spa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telecom Italia Spa
Application granted
Publication of ATE511296T1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1458 Denial of Service
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/141 Denial of service attacks against endpoints in a network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
AT07857164T 2007-12-31 2007-12-31 Method of detecting anomalies in a communication system using numerical packet features ATE511296T1 (de)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2007/011473 WO2009083022A1 (en) 2007-12-31 2007-12-31 Method of detecting anomalies in a communication system using numerical packet features

Publications (1)

Publication Number Publication Date
ATE511296T1 (de) 2011-06-15

Family

ID=39734170

Family Applications (1)

Application Number Title Priority Date Filing Date
AT07857164T ATE511296T1 (de) 2007-12-31 2007-12-31 Method of detecting anomalies in a communication system using numerical packet features

Country Status (4)

Country Link
US (1) US8503302B2 (de)
EP (1) EP2241072B1 (de)
AT (1) ATE511296T1 (de)
WO (1) WO2009083022A1 (de)

Families Citing this family (48)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8095983B2 (en) 2005-03-15 2012-01-10 Mu Dynamics, Inc. Platform for analyzing the security of communication protocols and channels
US8095982B1 (en) 2005-03-15 2012-01-10 Mu Dynamics, Inc. Analyzing the security of communication protocols and channels for a pass-through device
US9172611B2 (en) 2006-09-01 2015-10-27 Spirent Communications, Inc. System and method for discovering assets and functional relationships in a network
US7958230B2 (en) 2008-09-19 2011-06-07 Mu Dynamics, Inc. Test driven deployment and monitoring of heterogeneous network systems
US7774637B1 (en) 2007-09-05 2010-08-10 Mu Dynamics, Inc. Meta-instrumentation for security analysis
US9736172B2 (en) 2007-09-12 2017-08-15 Avaya Inc. Signature-free intrusion detection
US9438641B2 (en) * 2007-09-12 2016-09-06 Avaya Inc. State machine profiling for voice over IP calls
US9100417B2 (en) * 2007-09-12 2015-08-04 Avaya Inc. Multi-node and multi-call state machine profiling for detecting SPIT
US20100031156A1 (en) * 2008-07-31 2010-02-04 Mazu Networks, Inc. User Interface For Network Events and Tuning
US9258217B2 (en) 2008-12-16 2016-02-09 At&T Intellectual Property I, L.P. Systems and methods for rule-based anomaly detection on IP network flow
US20110080829A1 (en) * 2009-10-05 2011-04-07 Vss Monitoring, Inc. Method, apparatus and system for monitoring network conditions via a stacked topology of network captured traffic distribution devices
US8463860B1 (en) 2010-05-05 2013-06-11 Spirent Communications, Inc. Scenario based scale testing
US8547974B1 (en) 2010-05-05 2013-10-01 Mu Dynamics Generating communication protocol test cases based on network traffic
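KR101767232B1 (ko) * 2010-10-08 2017-08-23 아이디 퀀티크 에스.에이. Apparatus and method for the detection of attacks that take control of the single-photon detectors of a quantum cryptography apparatus, by randomly changing their efficiency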
US8682812B1 (en) * 2010-12-23 2014-03-25 Narus, Inc. Machine learning based botnet detection using real-time extracted traffic features
US9106514B1 (en) 2010-12-30 2015-08-11 Spirent Communications, Inc. Hybrid network software provision
US20120174220A1 (en) * 2010-12-31 2012-07-05 Verisign, Inc. Detecting and mitigating denial of service attacks
US8935383B2 (en) 2010-12-31 2015-01-13 Verisign, Inc. Systems, apparatus, and methods for network data analysis
KR101036750B1 (ko) * 2011-01-04 2011-05-23 주식회사 엔피코어 System and method for blocking zombie behavior
WO2012134563A1 (en) * 2011-03-31 2012-10-04 Verisign, Inc. Systems, apparatus, and methods for network data analysis
US8464219B1 (en) 2011-04-27 2013-06-11 Spirent Communications, Inc. Scalable control system for test execution and monitoring utilizing multiple processors
US8934352B2 (en) 2011-08-30 2015-01-13 At&T Intellectual Property I, L.P. Hierarchical anomaly localization and prioritization
US20140075557A1 (en) * 2012-09-11 2014-03-13 Netflow Logic Corporation Streaming Method and System for Processing Network Metadata
US9843488B2 (en) 2011-11-07 2017-12-12 Netflow Logic Corporation Method and system for confident anomaly detection in computer network traffic
CN102523223B (zh) * 2011-12-20 2014-08-27 北京神州绿盟信息安全科技股份有限公司 Method and device for Trojan detection
CN103366119B (zh) * 2012-04-09 2016-08-03 腾讯科技(深圳)有限公司 Method and device for monitoring virus trend anomalies
US8972543B1 (en) 2012-04-11 2015-03-03 Spirent Communications, Inc. Managing clients utilizing reverse transactions
US8929236B2 (en) 2012-07-30 2015-01-06 Hewlett-Packard Development Company, L.P. Network flow analysis
KR101410233B1 (ko) * 2012-11-01 2014-06-20 주식회사 윈스 Network session behavior pattern modeling detection method and modeling detection system
KR20140098390A (ko) * 2013-01-31 2014-08-08 삼성전자주식회사 Apparatus and method for detecting attacks in a network system
FR3009407B1 (fr) * 2013-07-31 2017-01-06 Thales Sa Method for detecting suspicious events in a file collecting information relating to a data flow; associated recording medium and system
FR3012637B1 (fr) * 2013-10-28 2015-12-25 Commissariat Energie Atomique Method and device for detecting an attack on an entropy source
US9288220B2 (en) * 2013-11-07 2016-03-15 Cyberpoint International Llc Methods and systems for malware detection
WO2015095974A1 (en) * 2013-12-27 2015-07-02 Metafor Software Inc. System and method for anomaly detection in information technology operations
US9955382B2 (en) * 2014-02-17 2018-04-24 Telefonaktiebolaget Lm Ericsson (Publ) Handling of wireless backhaul links
US9900342B2 (en) * 2014-07-23 2018-02-20 Cisco Technology, Inc. Behavioral white labeling
FR3025040B1 (fr) * 2014-08-22 2020-10-09 Thales Sa Method and device for detecting suspicious events among a set of events relating to an execution session of a system
CN105429950B (zh) * 2015-10-29 2019-04-23 国家计算机网络与信息安全管理中心 Network traffic identification system and method based on dynamic packet sampling
US10055336B1 (en) * 2016-06-23 2018-08-21 VCE IP Holding Company LLC Computer implemented system and method and computer program product for testing a software component by simulating an interface to a computing component using randomized network packet information
US10375143B2 (en) * 2016-08-26 2019-08-06 Cisco Technology, Inc. Learning indicators of compromise with hierarchical models
US10524141B2 (en) * 2017-03-20 2019-12-31 T-Mobile Usa, Inc. Destructive testing of network nodes
US10447713B2 (en) 2017-04-26 2019-10-15 At&T Intellectual Property I, L.P. Internet traffic classification via time-frequency analysis
US11271954B2 (en) 2017-07-14 2022-03-08 Cisco Technology, Inc. Generating a vector representative of user behavior in a network
CN110110160B (zh) * 2017-12-29 2020-04-14 阿里巴巴集团控股有限公司 Method and device for determining data anomalies
EP3511856A1 (de) * 2018-01-16 2019-07-17 Nokia Solutions and Networks Oy Method, apparatus and computer-readable medium for detecting at least one change in continuous data
CN117118776A (zh) * 2019-02-08 2023-11-24 松下电器(美国)知识产权公司 Anomaly determination method, anomaly determination device, and program
US12008444B2 (en) 2020-06-19 2024-06-11 Hewlett Packard Enterprise Development Lp Unclassified traffic detection in a network
US20240396913A1 (en) * 2023-05-23 2024-11-28 University Of South Florida Sequential packets image-based network intrusion detection system

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6601014B1 (en) 1999-11-30 2003-07-29 Cerebrus Solutions Ltd. Dynamic deviation
US20030200441A1 (en) 2002-04-19 2003-10-23 International Business Machines Corporation Detecting randomness in computer network traffic
US8191136B2 (en) 2002-11-04 2012-05-29 Riverbed Technology, Inc. Connection based denial of service detection
US7272853B2 (en) * 2003-06-04 2007-09-18 Microsoft Corporation Origination/destination features and lists for spam prevention
KR20080066653A (ko) 2005-06-29 2008-07-16 트러스티스 오브 보스턴 유니버시티 Method and apparatus for complete network anomaly diagnosis, and method for detecting and classifying network anomalies using traffic feature distributions
US8069182B2 (en) * 2006-04-24 2011-11-29 Working Research, Inc. Relevancy-based domain classification
US8248946B2 (en) * 2006-06-06 2012-08-21 Polytechnic Institute of New York University Providing a high-speed defense against distributed denial of service (DDoS) attacks

Also Published As

Publication number Publication date
US8503302B2 (en) 2013-08-06
EP2241072B1 (de) 2011-05-25
WO2009083022A1 (en) 2009-07-09
US20100284283A1 (en) 2010-11-11
EP2241072A1 (de) 2010-10-20

Similar Documents

Publication Publication Date Title
ATE511296T1 (de) Method of detecting anomalies in a communication system using numerical packet features
ATE516655T1 (de) Method of detecting anomalies in a communication system using symbolic packet features
Zhu et al. Complex dynamic behavior of a rumor propagation model with spatial-temporal diffusion terms
Rattan et al. Software clone detection: A systematic review
WO2014177952A3 (en) A method and system to dynamically detect traffic anomalies in a network
WO2008118895A3 (en) Methods and apparatus for performing channel tree operations
TW200746338A (en) Methods and systems for semiconductor testing using a testing scenario language
GB2509036A (en) Providing a network-accessible malware analysis
MX2007011510A (es) Method and apparatus for providing travel time and congestion information to users.
WO2013062620A3 (en) Methods and systems for analyzing data of an online social network
WO2013102932A3 (en) System and method facilitating forecasting, optimization and visualization of energy data for industry
EP2337266A3 (de) Detection and classification of anomalies in communication networks
EP2350933A4 (de) Analysis of application performance
MY166071A (en) Lawful interception for 2g/3g equipment interworking with evolved packet system
WO2014028648A3 (en) System and method for forming predictions using event-based sentiment analysis
GB2536560A (en) Creating virtual production logging tool profiles for improved history matching
GB2529097A (en) Method of website optimisation for a website hosted on a server system, and a server system
WO2007098405A3 (en) Systems and methods for determining a flow of data
WO2013061162A3 (en) System and method of operating mode self-adaptation
WO2011160217A3 (en) Equation-based assessment grading method and participant response system employing same
Xu et al. Stability and Hopf bifurcation in a predator–prey model with stage structure for the predator
WO2011017419A3 (en) Systems and methods for monitoring corrosion in a well
BRPI1105734A2 (pt) Performance forecasting of a call center
ATE541390T1 (de) Method and system for unified overload and overflow control to support VoIP and multiple QoS flow traffic in a communication network
WO2014030833A8 (ko) Method and apparatus for predicting the number of suicides using social information

Legal Events

Date Code Title Description
RER Ceased as to paragraph 5 lit. 3 law introducing patent treaties