ATE511296T1 - Method of detecting anomalies in a communication system using numerical packet features - Google Patents

Method of detecting anomalies in a communication system using numerical packet features

Info

Publication number
ATE511296T1
Authority
AT
Austria
Prior art keywords
packet flow
detecting anomalies
communications system
flow portion
dispersion
Prior art date
Application number
AT07857164T
Other languages
English (en)
Inventor
Jovan Golic
Alessandro Rosalia D
Original Assignee
Telecom Italia Spa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telecom Italia Spa
Application granted
Publication of ATE511296T1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1458 Denial of Service
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/141 Denial of service attacks against endpoints in a network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
AT07857164T 2007-12-31 2007-12-31 Method of detecting anomalies in a communication system using numerical packet features ATE511296T1 (de)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2007/011473 WO2009083022A1 (en) 2007-12-31 2007-12-31 Method of detecting anomalies in a communication system using numerical packet features

Publications (1)

Publication Number Publication Date
ATE511296T1 (de) 2011-06-15

Family

ID=39734170

Family Applications (1)

Application Number Title Priority Date Filing Date
AT07857164T ATE511296T1 (de) 2007-12-31 2007-12-31 Method of detecting anomalies in a communication system using numerical packet features

Country Status (4)

Country Link
US (1) US8503302B2 (de)
EP (1) EP2241072B1 (de)
AT (1) ATE511296T1 (de)
WO (1) WO2009083022A1 (de)

Families Citing this family (47)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8095983B2 (en) 2005-03-15 2012-01-10 Mu Dynamics, Inc. Platform for analyzing the security of communication protocols and channels
US8095982B1 (en) * 2005-03-15 2012-01-10 Mu Dynamics, Inc. Analyzing the security of communication protocols and channels for a pass-through device
US7958230B2 (en) 2008-09-19 2011-06-07 Mu Dynamics, Inc. Test driven deployment and monitoring of heterogeneous network systems
US9172611B2 (en) 2006-09-01 2015-10-27 Spirent Communications, Inc. System and method for discovering assets and functional relationships in a network
US7774637B1 (en) 2007-09-05 2010-08-10 Mu Dynamics, Inc. Meta-instrumentation for security analysis
US9736172B2 (en) 2007-09-12 2017-08-15 Avaya Inc. Signature-free intrusion detection
US9438641B2 (en) * 2007-09-12 2016-09-06 Avaya Inc. State machine profiling for voice over IP calls
US9100417B2 (en) * 2007-09-12 2015-08-04 Avaya Inc. Multi-node and multi-call state machine profiling for detecting SPIT
US20100031156A1 (en) * 2008-07-31 2010-02-04 Mazu Networks, Inc. User Interface For Network Events and Tuning
US9258217B2 (en) * 2008-12-16 2016-02-09 At&T Intellectual Property I, L.P. Systems and methods for rule-based anomaly detection on IP network flow
US20110087771A1 (en) * 2009-10-05 2011-04-14 Vss Monitoring, Inc. Method, apparatus and system for a layer of stacked network captured traffic distribution devices
US8547974B1 (en) 2010-05-05 2013-10-01 Mu Dynamics Generating communication protocol test cases based on network traffic
US8463860B1 (en) 2010-05-05 2013-06-11 Spirent Communications, Inc. Scenario based scale testing
WO2012046135A2 (en) * 2010-10-08 2012-04-12 Id Quantique S.A. Apparatus and method for the detection of attacks taking control of the single photon detectors of a quantum cryptography apparatus by randomly changing their efficiency
US8682812B1 (en) * 2010-12-23 2014-03-25 Narus, Inc. Machine learning based botnet detection using real-time extracted traffic features
US9106514B1 (en) 2010-12-30 2015-08-11 Spirent Communications, Inc. Hybrid network software provision
US8935383B2 (en) 2010-12-31 2015-01-13 Verisign, Inc. Systems, apparatus, and methods for network data analysis
US20120174220A1 (en) 2010-12-31 2012-07-05 Verisign, Inc. Detecting and mitigating denial of service attacks
KR101036750B1 (ko) * 2011-01-04 2011-05-23 주식회사 엔피코어 System and method for blocking zombie behavior
WO2012134563A1 (en) * 2011-03-31 2012-10-04 Verisign, Inc. Systems, apparatus, and methods for network data analysis
US8464219B1 (en) 2011-04-27 2013-06-11 Spirent Communications, Inc. Scalable control system for test execution and monitoring utilizing multiple processors
US8934352B2 (en) 2011-08-30 2015-01-13 At&T Intellectual Property I, L.P. Hierarchical anomaly localization and prioritization
US9843488B2 (en) 2011-11-07 2017-12-12 Netflow Logic Corporation Method and system for confident anomaly detection in computer network traffic
US20140075557A1 (en) * 2012-09-11 2014-03-13 Netflow Logic Corporation Streaming Method and System for Processing Network Metadata
CN102523223B (zh) * 2011-12-20 2014-08-27 北京神州绿盟信息安全科技股份有限公司 Method and device for Trojan detection
CN103366119B (zh) 2012-04-09 2016-08-03 腾讯科技(深圳)有限公司 Method and device for monitoring virus trend anomalies
US8972543B1 (en) 2012-04-11 2015-03-03 Spirent Communications, Inc. Managing clients utilizing reverse transactions
US8929236B2 (en) 2012-07-30 2015-01-06 Hewlett-Packard Development Company, L.P. Network flow analysis
KR101410233B1 (ko) * 2012-11-01 2014-06-20 주식회사 윈스 Network session behavior pattern modeling detection method and modeling detection system
KR20140098390A (ko) * 2013-01-31 2014-08-08 삼성전자주식회사 Apparatus and method for detecting attacks in a network system
FR3009407B1 (fr) * 2013-07-31 2017-01-06 Thales Sa Method for detecting suspicious events in a file collecting information relating to a data flow; associated recording medium and system
FR3012637B1 (fr) * 2013-10-28 2015-12-25 Commissariat Energie Atomique Method and device for detecting an attack on an entropy source
US9288220B2 (en) * 2013-11-07 2016-03-15 Cyberpoint International Llc Methods and systems for malware detection
WO2015095974A1 (en) 2013-12-27 2015-07-02 Metafor Software Inc. System and method for anomaly detection in information technology operations
EP3108683B1 (de) * 2014-02-17 2018-01-03 Telefonaktiebolaget LM Ericsson (publ) Handling of wireless backhaul links
US9900342B2 (en) * 2014-07-23 2018-02-20 Cisco Technology, Inc. Behavioral white labeling
FR3025040B1 (fr) * 2014-08-22 2020-10-09 Thales Sa Method and device for detecting suspicious events among a set of events relating to an execution session of a system
CN105429950B (zh) * 2015-10-29 2019-04-23 国家计算机网络与信息安全管理中心 Network traffic identification system and method based on dynamic packet sampling
US10055336B1 (en) * 2016-06-23 2018-08-21 VCE IP Holding Company LLC Computer implemented system and method and computer program product for testing a software component by simulating an interface to a computing component using randomized network packet information
US10375143B2 (en) * 2016-08-26 2019-08-06 Cisco Technology, Inc. Learning indicators of compromise with hierarchical models
US10524141B2 (en) * 2017-03-20 2019-12-31 T-Mobile Usa, Inc. Destructive testing of network nodes
US10447713B2 (en) 2017-04-26 2019-10-15 At&T Intellectual Property I, L.P. Internet traffic classification via time-frequency analysis
US11271954B2 (en) 2017-07-14 2022-03-08 Cisco Technology, Inc. Generating a vector representative of user behavior in a network
CN110110160B (zh) 2017-12-29 2020-04-14 阿里巴巴集团控股有限公司 Method and device for determining data anomalies
EP3511856A1 (de) * 2018-01-16 2019-07-17 Nokia Solutions and Networks Oy Method, apparatus and computer-readable medium for detecting at least one change in continuous data
JP7512208B2 (ja) 2019-02-08 2024-07-08 パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカ Anomaly determination method, anomaly determination device, and program
US12008444B2 (en) 2020-06-19 2024-06-11 Hewlett Packard Enterprise Development Lp Unclassified traffic detection in a network

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6601014B1 (en) 1999-11-30 2003-07-29 Cerebrus Solutions Ltd. Dynamic deviation
US20030200441A1 (en) 2002-04-19 2003-10-23 International Business Machines Corporation Detecting randomness in computer network traffic
US8191136B2 (en) 2002-11-04 2012-05-29 Riverbed Technology, Inc. Connection based denial of service detection
US7272853B2 (en) * 2003-06-04 2007-09-18 Microsoft Corporation Origination/destination features and lists for spam prevention
US8869276B2 (en) 2005-06-29 2014-10-21 Trustees Of Boston University Method and apparatus for whole-network anomaly diagnosis and method to detect and classify network anomalies using traffic feature distributions
US8069182B2 (en) * 2006-04-24 2011-11-29 Working Research, Inc. Relevancy-based domain classification
US8248946B2 (en) * 2006-06-06 2012-08-21 Polytechnic Institute of New York University Providing a high-speed defense against distributed denial of service (DDoS) attacks

Also Published As

Publication number Publication date
US20100284283A1 (en) 2010-11-11
WO2009083022A1 (en) 2009-07-09
US8503302B2 (en) 2013-08-06
EP2241072A1 (de) 2010-10-20
EP2241072B1 (de) 2011-05-25

Similar Documents

Publication Publication Date Title
ATE511296T1 (de) Method of detecting anomalies in a communication system using numerical packet features
ATE516655T1 (de) Method of detecting anomalies in a communication system using symbolic packet features
WO2014177952A3 (en) A method and system to dynamically detect traffic anomalies in a network
WO2012116236A3 (en) System and method for analyzing messages in a network or across networks
GB2509036A (en) Providing a network-accessible malware analysis
MY180874A (en) Control of flow networks
WO2013102932A3 (en) System and method facilitating forecasting, optimization and visualization of energy data for industry
EP2337266A3 (de) Detection and classification of anomalies in communication networks
WO2014028648A3 (en) System and method for forming predictions using event-based sentiment analysis
GB2513732A (en) Methods and compositions for sample identification
GB2536560A (en) Creating virtual production logging tool profiles for improved history matching
AU2016204397A1 (en) System, method, and computer-readable program for real-time monitoring of activity
WO2007098405A3 (en) Systems and methods for determining a flow of data
GB2529097A (en) Method of website optimisation for a website hosted on a server system, and a server system
WO2010009766A8 (en) Lawful interception for 2g/3g equipment interworking with evolved packet system
Xu et al. Stability and Hopf bifurcation in a predator–prey model with stage structure for the predator
GB2519237A (en) Methods and systems for transmitting packets through network interfaces
ATE541390T1 (de) Method and system for unified overload and overflow control to support VoIP and multiple-QoS flow traffic in a communication network
MX2017012758A (es) Method and apparatus for estimating the quantity of microorganisms in a taxonomic unit in a sample.
SG179043A1 (en) Supervision of a communication session comprising several flows over a data network
WO2008111424A1 (ja) Field matching method and system, and program therefor
Chatanantavet et al. Linked Modeling Approach to Assess Climate Change Effects on Hydrogeomorphic Processes and Aquatic Ecosystems: Example for a Watershed in Western Montana
Åkesson et al. Physically based parameterisation of streamflow response functions in flooded stream networks
Andrews et al. SOILWAT: A mechanistic ecohydrological model for ecosystem classification and prediction
Klaus et al. On the value of terrestrial diatoms as a tracer for fast flow path connectivity of source areas in a nested catchment setup

Legal Events

Date Code Title Description
RER Ceased as to paragraph 5 lit. 3 law introducing patent treaties