-
Publication (Announcement) No.: GB2455201A
Publication (Announcement) Date: 2009-06-03
Application No.: GB0821799
Filing Date: 2008-11-28
Applicant: BANK OF AMERICA
Inventor: ZHOU MIAN, CATLETT SEAN KENRIC
IPC: G06F21/00
Abstract: A system and method for analyzing Intrusion Detection System (IDS) alert data associated with a computer network. The method includes applying first association rules to obtained IDS alert data associated with a computer network and processing the obtained IDS alert data with the first association rules. Analyst feedback data associated with the processed obtained IDS alert data is received, and a training data set from the analyst feedback data is received. New association rules are determined based upon the training data set, and the new association rules are outputted to a display of a computing device. Outputting the new association rules may include outputting patterns within the IDS alert data of false positive alerts. The new association rules may be applied back to the obtained IDS alert data.
-
Publication (Announcement) No.: GB2457573A
Publication (Announcement) Date: 2009-08-26
Application No.: GB0902485
Filing Date: 2009-02-13
Applicant: BANK OF AMERICA
Inventor: TREADWELL WILLIAM S, CATLETT SEAN KENRIC
Abstract: Rules 206 defining a set of expression patterns - e.g. search patterns or regular expressions - represent predetermined confidential information. The rules are loaded 204 into a computerised document production/editing application, e.g. Microsoft® Word, and a document 210 is analysed for the presence of at least one of the patterns, detection being indicated visually. The application includes an inline module to monitor 212 occurrences of the patterns. Rules are served from a rules server and the expression patterns are incorporated into the application via a plug-in. One of the patterns may define the format of a US social security number, being 9 numeric characters in 3 hyphen-separated groups distributed over 11 character positions, e.g. 123-45-6789. A detected expression pattern may be modified according to a predetermined format or style or may be otherwise redacted, perhaps according to a user- or system-defined template. The analysis may proceed without knowledge of the document user.
-