Graph-based techniques for detecting coordinated network attacks

Invention Grant

US09942252B1 Graph-based techniques for detecting coordinated network attacks 有权

Please log in to see more content

Patent Title: Graph-based techniques for detecting coordinated network attacks
Application No.: US14976168

Application Date: 2015-12-21
Publication No.: US09942252B1

Publication Date: 2018-04-10
Inventor: Anirudh Kondaveeti , Jin Yu
Applicant: EMC Corporation
Applicant Address: US MA Hopkinton
Assignee: EMC IP Holding Co. LLC
Current Assignee: EMC IP Holding Co. LLC
Current Assignee Address: US MA Hopkinton
Agent Barry N. Young
Main IPC: G06F11/00
IPC: G06F11/00 ; G06F12/14 ; G08B23/00 ; H04L29/06

Graph-based techniques for detecting coordinated network attacks

Abstract:

One or more proxy logs are processed in order to generate a graph of domains, wherein those domain pairs in the graph that are connected have low support and high confidence. One or more domains within the graph that are highly connected to other domains in the graph are identified. The identified domains are flagged as suspicious domains.

Information query

Espacenet

IPC分类:

G	物理
G06	计算；推算或计数
G06F	电数字数据处理（基于特定计算模型的计算机系统入G06N）
G06F11/00	错误检测；错误校正；监控（在记录载体上作出核对其正确性的方法或装置入G06K5/00；基于记录载体和传感器之间的相对运动而实现的信息存储中所用的方法或装置入G11B，例如G11B20/18；静态存储中所用的方法或装置入G11C29/00）