DE602004004609D1 - Verfahren und Vorrichtung für die Modell-basierte Erkennung von Veränderungen von Netzwerkverkehr - Google Patents
Verfahren und Vorrichtung für die Modell-basierte Erkennung von Veränderungen von NetzwerkverkehrInfo
- Publication number
- DE602004004609D1 DE602004004609D1 DE602004004609T DE602004004609T DE602004004609D1 DE 602004004609 D1 DE602004004609 D1 DE 602004004609D1 DE 602004004609 T DE602004004609 T DE 602004004609T DE 602004004609 T DE602004004609 T DE 602004004609T DE 602004004609 D1 DE602004004609 D1 DE 602004004609D1
- Authority
- DE
- Germany
- Prior art keywords
- changes
- model
- network traffic
- based detection
- detection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/142—Network analysis or design using statistical or mathematical methods
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/147—Network analysis or design for predicting network behaviour
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Applications Claiming Priority (4)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US49531403P | 2003-08-14 | 2003-08-14 | |
| US495314P | 2003-08-14 | ||
| US867265 | 2004-06-14 | ||
| US10/867,265 US7751325B2 (en) | 2003-08-14 | 2004-06-14 | Method and apparatus for sketch-based detection of changes in network traffic |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| DE602004004609D1 true DE602004004609D1 (de) | 2007-03-22 |
| DE602004004609T2 DE602004004609T2 (de) | 2007-11-22 |
Family
ID=33567980
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| DE602004004609T Active DE602004004609T2 (de) | 2003-08-14 | 2004-08-06 | Verfahren und Vorrichtung für die Modell-basierte Erkennung von Veränderungen von Netzwerkverkehr |
Country Status (4)
| Country | Link |
|---|---|
| US (1) | US7751325B2 (de) |
| EP (1) | EP1507360B1 (de) |
| JP (1) | JP2005065294A (de) |
| DE (1) | DE602004004609T2 (de) |
Families Citing this family (58)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7639714B2 (en) * | 2003-11-12 | 2009-12-29 | The Trustees Of Columbia University In The City Of New York | Apparatus method and medium for detecting payload anomaly using n-gram distribution of normal data |
| US7424489B1 (en) * | 2004-01-23 | 2008-09-09 | At&T Corp. | Methods and apparatus for space efficient adaptive detection of multidimensional hierarchical heavy hitters |
| US7437385B1 (en) * | 2004-01-23 | 2008-10-14 | At&T Corp. | Methods and apparatus for detection of hierarchical heavy hitters |
| EP1580957A3 (de) * | 2004-03-18 | 2009-12-16 | AT&T Corp. | Methode und Gerät zur schnellen Lokalisierung von Anomalien in IP Verkehrsprotokolldateien |
| US7836111B1 (en) * | 2005-01-31 | 2010-11-16 | Hewlett-Packard Development Company, L.P. | Detecting change in data |
| WO2006130840A2 (en) * | 2005-06-02 | 2006-12-07 | Georgia Tech Research Corporation | System and method for data streaming |
| US8086708B2 (en) * | 2005-06-07 | 2011-12-27 | International Business Machines Corporation | Automated and adaptive threshold setting |
| DE102005049561A1 (de) * | 2005-10-12 | 2007-04-19 | Deutsche Telekom Ag | Verfahren zur automatischen Erkennung von Anomalien in Weitverkehrsnetzen (WAN) und lokalen Netzen (LAN) |
| US20080018884A1 (en) * | 2006-01-19 | 2008-01-24 | David Butler | Intrusion Detection in Optical Fiber Networks |
| US7663626B2 (en) * | 2006-02-28 | 2010-02-16 | At&T Corp. | Method and apparatus for providing a network traffic composite graph |
| US7738377B1 (en) * | 2006-05-22 | 2010-06-15 | At&T Intellectual Property Ii, L.P. | Method and apparatus for volumetric thresholding and alarming on internet protocol traffic |
| US8245304B1 (en) * | 2006-06-26 | 2012-08-14 | Trend Micro Incorporated | Autonomous system-based phishing and pharming detection |
| US7475214B2 (en) * | 2006-08-16 | 2009-01-06 | International Business Machines Corporation | Method and system to optimize java virtual machine performance |
| US7788198B2 (en) | 2006-12-14 | 2010-08-31 | Microsoft Corporation | Method for detecting anomalies in server behavior using operational performance and failure mode monitoring counters |
| US7779143B2 (en) * | 2007-06-28 | 2010-08-17 | Alcatel-Lucent Usa Inc. | Scalable methods for detecting significant traffic patterns in a data network |
| JP2009065277A (ja) | 2007-09-04 | 2009-03-26 | Kddi Corp | 情報収集装置、通信異常検知装置およびコンピュータプログラム |
| KR100935861B1 (ko) * | 2007-11-12 | 2010-01-07 | 한국전자통신연구원 | 네트워크 보안 위험도 예측 방법 및 장치 |
| US8009559B1 (en) * | 2008-08-28 | 2011-08-30 | Juniper Networks, Inc. | Global flow tracking system |
| JP4735729B2 (ja) * | 2009-03-12 | 2011-07-27 | 沖電気工業株式会社 | 近似計算処理装置、近似ウェーブレット係数計算処理装置、及び近似ウェーブレット係数計算処理方法 |
| US8843221B2 (en) * | 2009-12-09 | 2014-09-23 | Comau Spa | Automation management system and method |
| US9264321B2 (en) | 2009-12-23 | 2016-02-16 | Juniper Networks, Inc. | Methods and apparatus for tracking data flow based on flow state values |
| US8572746B2 (en) * | 2010-01-21 | 2013-10-29 | The Regents Of The University Of California | Predictive blacklisting using implicit recommendation |
| US8904241B2 (en) * | 2011-07-27 | 2014-12-02 | Oracle International Corporation | Proactive and adaptive cloud monitoring |
| US8310922B2 (en) | 2010-04-15 | 2012-11-13 | International Business Machines Corporation | Summarizing internet traffic patterns |
| US8495087B2 (en) | 2011-02-22 | 2013-07-23 | International Business Machines Corporation | Aggregate contribution of iceberg queries |
| US11030562B1 (en) | 2011-10-31 | 2021-06-08 | Consumerinfo.Com, Inc. | Pre-data breach monitoring |
| TWI437850B (zh) * | 2012-05-30 | 2014-05-11 | 中原大學 | 網路流量異常偵測系統及其方法 |
| US8677485B2 (en) * | 2012-07-13 | 2014-03-18 | Hewlett-Packard Development Company, L.P. | Detecting network anomaly |
| WO2014026220A1 (en) * | 2012-08-13 | 2014-02-20 | Mts Consulting Pty Limited | Analysis of time series data |
| CN103093616B (zh) * | 2012-12-30 | 2015-10-07 | 西安费斯达自动化工程有限公司 | 基于宏观交通流粘滞模型的交通拥堵监控预报方法 |
| IN2013MU01779A (de) | 2013-05-20 | 2015-05-29 | Tata Consultancy Services Ltd | |
| US9191400B1 (en) * | 2013-06-12 | 2015-11-17 | The United States Of America, As Represented By The Secretary Of The Navy | Cyphertext (CT) analytic engine and method for network anomaly detection |
| US9262485B2 (en) | 2013-08-13 | 2016-02-16 | International Business Machines Corporation | Identifying a sketching matrix used by a linear sketch |
| CN103532776B (zh) * | 2013-09-30 | 2016-06-22 | 广东电网公司电力调度控制中心 | 业务流量检测方法及系统 |
| US10489711B1 (en) * | 2013-10-22 | 2019-11-26 | EMC IP Holding Company LLC | Method and apparatus for predictive behavioral analytics for IT operations |
| US9210181B1 (en) * | 2014-05-26 | 2015-12-08 | Solana Networks Inc. | Detection of anomaly in network flow data |
| US9779361B2 (en) * | 2014-06-05 | 2017-10-03 | Mitsubishi Electric Research Laboratories, Inc. | Method for learning exemplars for anomaly detection |
| US9996623B1 (en) | 2014-06-27 | 2018-06-12 | Pubsonic, Inc. | Computer-implemented method of carrying out a search for information available over a network |
| EP3012695B1 (de) | 2014-10-23 | 2017-10-11 | Comau S.p.A. | System zur Überwachung und Steuerung einer Industrieanlage |
| US10339527B1 (en) | 2014-10-31 | 2019-07-02 | Experian Information Solutions, Inc. | System and architecture for electronic fraud detection |
| WO2016136215A1 (ja) * | 2015-02-27 | 2016-09-01 | 日本電気株式会社 | 制御装置およびトラフィック制御方法、並びにコンピュータ・プログラムを記録する記録媒体 |
| US11151468B1 (en) * | 2015-07-02 | 2021-10-19 | Experian Information Solutions, Inc. | Behavior analysis using distributed representations of event data |
| US9906551B2 (en) * | 2016-02-09 | 2018-02-27 | International Business Machines Corporation | Forecasting and classifying cyber-attacks using crossover neural embeddings |
| CN106657038B (zh) * | 2016-12-08 | 2019-12-27 | 西安交通大学 | 一种基于对称度Sketch的网络流量异常检测与定位方法 |
| CN106850558A (zh) * | 2016-12-24 | 2017-06-13 | 国网江苏省电力公司信息通信分公司 | 基于季节模型时间序列的智能电表状态异常检测方法 |
| JP2018173944A (ja) * | 2017-03-30 | 2018-11-08 | パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカPanasonic Intellectual Property Corporation of America | 情報処理装置および情報処理方法 |
| DE102017206631A1 (de) * | 2017-04-20 | 2018-10-25 | Audi Ag | Verfahren zur Erfassung und Bestimmung einer Ausfallwahrscheinlichkeit eines Funknetzwerkes und Zentralrechner |
| US10699028B1 (en) | 2017-09-28 | 2020-06-30 | Csidentity Corporation | Identity security architecture systems and methods |
| US10637756B2 (en) | 2017-11-13 | 2020-04-28 | Cisco Technology, Inc. | Traffic analytics service for telemetry routers and monitoring systems |
| WO2019161541A1 (en) | 2018-02-23 | 2019-08-29 | Nokia Technologies Oy | Network security |
| US10719359B2 (en) | 2018-05-02 | 2020-07-21 | Servicenow, Inc. | Periodic task execution in an automated context |
| IT201800005091A1 (it) | 2018-05-04 | 2019-11-04 | "Procedimento per monitorare lo stato di funzionamento di una stazione di lavorazione, relativo sistema di monitoraggio e prodotto informatico" | |
| US20210056451A1 (en) * | 2019-08-19 | 2021-02-25 | International Business Machines Corporation | Outlier processing in time series data |
| CN111241482B (zh) * | 2020-01-10 | 2023-05-02 | 合肥工业大学 | 面向多参数系统异常工作状态检测的方法和系统 |
| CN112272121B (zh) * | 2020-09-21 | 2022-01-18 | 中国科学院信息工程研究所 | 一种用于流量监测的效果验证方法及系统 |
| CN112134738B (zh) * | 2020-09-24 | 2023-03-24 | 中电科思仪科技股份有限公司 | 基于复合二维Sketch的网络多维度数据流仿真装置 |
| US11343373B1 (en) | 2021-01-29 | 2022-05-24 | T-Mobile Usa, Inc. | Machine intelligent isolation of international calling performance degradation |
| US11934401B2 (en) | 2022-08-04 | 2024-03-19 | International Business Machines Corporation | Scalable count based interpretability for database artificial intelligence (AI) |
Family Cites Families (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4769761A (en) | 1986-10-09 | 1988-09-06 | International Business Machines Corporation | Apparatus and method for isolating and predicting errors in a local area network |
| JP3767954B2 (ja) * | 1996-11-07 | 2006-04-19 | 富士通株式会社 | 需要予測装置 |
| US6035348A (en) * | 1997-06-30 | 2000-03-07 | Sun Microsystems, Inc. | Method for managing multiple ordered sets by dequeuing selected data packet from single memory structure |
| US6269362B1 (en) | 1997-12-19 | 2001-07-31 | Alta Vista Company | System and method for monitoring web pages by comparing generated abstracts |
| US6611726B1 (en) * | 1999-09-17 | 2003-08-26 | Carl E. Crosswhite | Method for determining optimal time series forecasting parameters |
| WO2001031514A2 (en) | 1999-10-28 | 2001-05-03 | General Electric Company | A process for the monitoring and diagnostics of data from a remote asset |
| US7246370B2 (en) * | 2000-01-07 | 2007-07-17 | Security, Inc. | PDstudio design system and method |
| US6731990B1 (en) | 2000-01-27 | 2004-05-04 | Nortel Networks Limited | Predicting values of a series of data |
| DE60113218T2 (de) | 2000-11-08 | 2006-07-06 | Infonet Services Corp., A California Corp., El Segundo | Verfahren und Vorrichtung für automatische Dienststufenübereinkommen |
| US6952696B1 (en) * | 2000-11-28 | 2005-10-04 | Altera Corporation | Data structure and method for sorting using heap-supernodes |
| US7068998B2 (en) * | 2001-04-13 | 2006-06-27 | Northrop Grumman Corp. | Methodology for the detection of intrusion into radio frequency (RF) based networks including tactical data links and the tactical internet |
| US20020181419A1 (en) * | 2001-06-01 | 2002-12-05 | Tao Zhang | Method for handoff in multimedia wireless networks |
| US7158961B1 (en) * | 2001-12-31 | 2007-01-02 | Google, Inc. | Methods and apparatus for estimating similarity |
| US6928472B1 (en) * | 2002-07-23 | 2005-08-09 | Network Physics | Method for correlating congestion to performance metrics in internet traffic |
| GB0228447D0 (en) * | 2002-12-06 | 2003-01-08 | Nicholls Charles M | System for detecting and interpreting transactions events or changes in computer systems |
| US7617115B2 (en) * | 2003-02-11 | 2009-11-10 | Cerner Innovation, Inc. | System and method for risk-adjusting indicators of access and utilization based on metrics of distance and time |
| US7150044B2 (en) * | 2003-03-10 | 2006-12-12 | Mci, Llc | Secure self-organizing and self-provisioning anomalous event detection systems |
| WO2008148099A1 (en) * | 2007-05-25 | 2008-12-04 | New Jersey Institute Of Technology | Method and system to mitigate low rate denial of service (dos) attacks |
| US8321579B2 (en) * | 2007-07-26 | 2012-11-27 | International Business Machines Corporation | System and method for analyzing streams and counting stream items on multi-core processors |
-
2004
- 2004-06-14 US US10/867,265 patent/US7751325B2/en not_active Expired - Fee Related
- 2004-08-06 DE DE602004004609T patent/DE602004004609T2/de active Active
- 2004-08-06 EP EP04103814A patent/EP1507360B1/de not_active Expired - Fee Related
- 2004-08-13 JP JP2004235759A patent/JP2005065294A/ja active Pending
Also Published As
| Publication number | Publication date |
|---|---|
| DE602004004609T2 (de) | 2007-11-22 |
| US7751325B2 (en) | 2010-07-06 |
| EP1507360B1 (de) | 2007-02-07 |
| JP2005065294A (ja) | 2005-03-10 |
| US20050039086A1 (en) | 2005-02-17 |
| EP1507360A1 (de) | 2005-02-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| DE602004004609D1 (de) | Verfahren und Vorrichtung für die Modell-basierte Erkennung von Veränderungen von Netzwerkverkehr | |
| DE602004010984D1 (de) | Vorrichtung, System und Verfahren für die Anzeige von einem Verkehrszustand | |
| DE602005012015D1 (de) | Vorrichtung und Verfahren zur Verarbeitung von Verkehrsinformationen | |
| DE602004011153D1 (de) | Eine Vorrichtung, System und Verfahren für die Verarbeitung von statistischen Verkehrsinformationen | |
| DE602005022008D1 (de) | Gerät und Verfahren zur Verarbeitung von markierten Flüssen in einem Kommunikationszugangsnetzwerk | |
| DE60134383D1 (de) | Vorrichtung und Verfahren zum Sammeln von Datenverkehrsinformationen | |
| DE60311677D1 (de) | Verfahren und vorrichtung zur durchführung von netzwerkverarbeitungsfunktionen | |
| DE602004027325D1 (de) | Vorrichtung und Verfahren zur Vorverarbeitung für Bildzeichenerkennung | |
| DE602004017948D1 (de) | Vorrichtung und Verfahren zur Wiedergabe von Ereignisvorkommnisinformationen | |
| DE602004029853D1 (de) | Vorrichtung und Verfahren zur Aufbereitung von Proben | |
| DE60303763D1 (de) | Verfahren und Vorrichtung zur Berechnung von Mehrfachsendungsleitwegen | |
| DE60318651D1 (de) | Verfahren und Vorrichtung zur dynamischen Konfigurationsverwaltung | |
| DE602005009884D1 (de) | Verfahren und Vorrichtung zur Entfernung von Stickstoff aus Abwasser | |
| DE602004002495D1 (de) | Vorrichtung und Verfahren zur Berechnung von Klopfindexwerten | |
| DE602005026347D1 (de) | Vorrichtung und Verfahren zur Verarbeitung von urheberrechtlich geschützten Daten | |
| DE602004025322D1 (de) | Verfahren und Vorrichtung für die Spinnvliesherstellung | |
| DE60304078D1 (de) | Verfahren und Vorrichtung zur Durchfürung von Interfrequenz-Messungen | |
| DE60319370D1 (de) | Verfahren und vorrichtung für genaue phasendetektion | |
| DE602005000282D1 (de) | Verfahren und Vorrichtung zur automatischen Erkennung der Bitrate von CAN-Bus-Netzwerk | |
| DE60131949D1 (de) | Verfahren und Vorrichtung für Grauwertänderungen | |
| DE602004009656D1 (de) | Vorrichtung und Verfahren zur gemeinsamen Nutzung von Diensten in einem Netzwerk | |
| DE60333896D1 (de) | Verfahren und Vorrichtung für Rückwärtswiedergabe | |
| DE60313244D1 (de) | Vorrichtung und Verfahren zur Verkehrsmessung | |
| DE60205450D1 (de) | Verfahren und Vorrichtung für die Bereitstellung von Konfigurationsdaten | |
| DE60208817D1 (de) | Verfahren und Vorrichtung zur Buchstabenseparation für deren Erkennung |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| 8364 | No opposition during term of opposition |