Architecture for identifying electronic threat patterns

Information security – Monitoring or scanning of software or data including attack...

Reexamination Certificate


Details

C726S023000, C726S024000, C726S025000, C713S188000

active

07941851

ABSTRACT:
The invention is a comprehensive conceptual and computational architecture that enables monitoring accumulated time-oriented data using knowledge related to the operation of elements of a computer network and deriving temporal abstractions from the accumulated data and the knowledge in order to identify electronic threat patterns and create alerts. The architecture of the invention supports two main modes of operation:

a. an automated, continuous mode for monitoring, recognition and detection of known eThreats; and
b. an interactive, human-operated intelligent tool for dynamic exploration of the contents of a security storage service to identify new temporal patterns that characterize such threats, and to add them to the monitoring database.

The architecture of the invention can analyze data collected from various sources, such as end-user devices, network elements, network links, etc., to identify potentially infected devices, files, sub-streams or network segments.

REFERENCES:
patent: 7010696 (2006-03-01), Cambridge et al.
patent: 2003/0131256 (2003-07-01), Ackroyd
patent: 2004/0128267 (2004-07-01), Berger et al.
patent: 2007/0152854 (2007-07-01), Copley
Shahar, Y. et al: “Model-based visualization of temporal abstractions”; May 16-17, 1998; pp. 11-20; XP002437464.
Abdullah, K. et al: “IDS Rainstorm: Visualizing IDS alarms”; IEEE workshop Oct. 26, 2005; XP 010852592.
D. Boaz, and Y. Shahar “A distributed temporal-abstraction mediation architecture for medical databases”, Artificial Intelligence in Medicine, 2005. 34 (1), 3-24.
Y. Shahar, “A Framework for knowledge-based temporal abstraction”, Artificial intelligence, 1997. 90(1-2): p. 79-133.
Y. Shahar et al., “KNAVE II: A distributed architecture for interactive visualization and . . . data”, Intelligent Data Analysis in Medicine and Pharmacology. 2003, Cyprus.
D. Klimov and Y. Shahar “A Framework for Intelligent Visualization of Multiple Time-Oriented Medical Records”, AMIA. 2005.
A. Spokoiny et al., “Momentum—An active time-oriented database for intelligent abstraction . . . data”, Medical Informatics (MEDINFO). 2004. San Francisco, CA.
