ONLINE ALERT RANKING AND ATTACK SCENARIO RECONSTRUCTION
    11.
    Invention application
    Status: Under examination (published)

    Publication number: WO2018071625A1

    Publication date: 2018-04-19

    Application number: PCT/US2017/056270

    Filing date: 2017-10-12

    CPC classification number: H04L63/1425 G06F21/55 G06F21/57 G06N7/005 H04L63/20

    Abstract: Methods and systems for detecting security intrusions include detecting alerts in monitored system data. Temporal dependencies are determined (306) between the alerts based on a prefix tree formed from the detected alerts. Content dependencies between the alerts are determined (308) based on a distance between alerts in a graph representation of the detected alerts. The alerts are ranked (310) based on an optimization problem that includes the temporal dependencies and the content dependencies. A security management action (614) is performed based on the ranked alerts.


GRAPH-BASED INTRUSION DETECTION USING PROCESS TRACES
    12.
    Invention application
    Status: Under examination (published)

    Publication number: WO2017019391A1

    Publication date: 2017-02-02

    Application number: PCT/US2016/043040

    Filing date: 2016-07-20

    CPC classification number: G06F21/566 G06F21/552

    Abstract: Methods and systems for detecting malicious processes include modeling system data as a graph comprising vertices that represent system entities and edges that represent events between respective system entities. Each edge has one or more timestamps corresponding to the respective events between two system entities. A set of valid path patterns that relate to potential attacks is generated. One or more event sequences in the system are determined to be suspicious based on the graph and the valid path patterns, using a random walk on the graph.


DYNAMIC GRAPH ANALYSIS
    16.
    Invention application

    Publication number: WO2020060854A1

    Publication date: 2020-03-26

    Application number: PCT/US2019/050974

    Filing date: 2019-09-13

    Abstract: Systems and methods for implementing dynamic graph analysis (DGA) to detect anomalous network traffic are provided. The method includes processing (510) communications and profile data associated with multiple devices to determine dynamic graphs. The method includes generating (520) features to model temporal behaviors of network traffic generated by the multiple devices based on the dynamic graphs. The method also includes formulating (550) a list of prediction results for sources of the anomalous network traffic from the multiple devices based on the temporal behaviors.

GRAPH-BASED FUSING OF HETEROGENEOUS ALERTS
    17.
    Invention application
    Status: Under examination (published)

    Publication number: WO2017176676A1

    Publication date: 2017-10-12

    Application number: PCT/US2017/025846

    Filing date: 2017-04-04

    Abstract: Methods and systems for reporting anomalous events include intra-host clustering a set of alerts based on a process graph that models states of process-level events in a network. Hidden relationship clustering is performed on the intra-host clustered alerts based on hidden relationships between alerts in respective clusters. Inter-host clustering is performed on the hidden relationship clustered alerts based on a topology graph that models source and destination relationships between connection events in the network. Inter-host clustered alerts that exceed a threshold level of trustworthiness are reported.


MULTI-MODALITY DATA ANALYSIS ENGINE FOR DEFECT DETECTION

    Publication number: WO2023086533A1

    Publication date: 2023-05-19

    Application number: PCT/US2022/049646

    Filing date: 2022-11-11

    Abstract: Systems and methods for defect detection for vehicle operations, including collecting a multiple-modality input data stream from a plurality of different types of vehicle sensors, extracting one or more features from the input data stream using a grid-based feature extractor, and retrieving spatial attributes of objects positioned in any of a plurality of cells of the grid-based feature extractor. One or more anomalies are detected based on residual scores generated by each of cross attention-based anomaly detection and time-series-based anomaly detection. One or more defects are identified when an overall defect score, generated by integrating the residual scores of the cross attention-based anomaly detection and the time-series-based anomaly detection, is above a predetermined defect score threshold. Operation of the vehicle is controlled based on the one or more defects identified.

VEHICLE INTELLIGENCE TOOL FOR EARLY WARNING WITH FAULT SIGNATURE

    Publication number: WO2022055783A1

    Publication date: 2022-03-17

    Application number: PCT/US2021/048817

    Filing date: 2021-09-02

    Abstract: A method for early warning is provided. The method clusters (810) normal historical data of normal cars into groups based on the car subsystem to which they belong. The method extracts (820) (i) features based on group membership and (ii) feature correlations based on correlation graphs formed from the groups. The method trains (830) an Auto-Encoder and Auto-Decoder (AE&AD) model based on the features and the feature correlations to reconstruct the normal historical data with minimum reconstruction errors. The method reconstructs (840), using the trained AE&AD model, historical data of specific car fault types with reconstruction errors, normalizes the reconstruction errors, and selects the features of the car faults with the top-k largest errors as fault signatures. The method reconstructs (850) streaming data of monitored cars using the trained AE&AD model to determine streaming reconstruction errors, and compares the streaming reconstruction errors with the fault signatures to predict and provide alerts for impending known faults.

FAULT DETECTION IN CYBER-PHYSICAL SYSTEMS
    20.
    Invention application

    Publication number: WO2021225841A1

    Publication date: 2021-11-11

    Application number: PCT/US2021/029583

    Filing date: 2021-04-28

    Abstract: Methods and systems for training a neural network model include processing (302) a set of normal state training data and a set of fault state training data to generate respective normal state inputs and fault state inputs that each include data features and sensor correlation graph information. A neural network model is trained (304), using the normal state inputs and the fault state inputs, to generate a fault score that provides a similarity of an input to the fault state training data and an anomaly score that provides a dissimilarity of the input to the normal state training data.
