公开(公告)号：US20110173359A1

公开(公告)日：2011-07-14

申请号：US13037870

申请日：2011-03-01

Applicant: Dipto CHAKRAVARTY ,  Usman Choudhary ,  Ofer Zajicek ,  Srinivasa Phanindra Mallapragada ,  John Paul Gassner ,  Frank Anthony Pellegrino ,  John Melvin Antony ,  Tao Yu ,  Michael Howard Cooper ,  William Matthew Weiner ,  Magdalence Ramona Merritt ,  Peng Liu ,  Raghunath Boyalakuntla ,  Srivani Sangita ,  Vasile Adiaconitei ,  Shahid Saied Malik ,  Karthik Ramu ,  Prathap Adusumilli ,  Walter Mathews ,  Adedoyin Akinnurun ,  Brett Hankins

Inventor： Dipto CHAKRAVARTY ,  Usman Choudhary ,  Ofer Zajicek ,  Srinivasa Phanindra Mallapragada ,  John Paul Gassner ,  Frank Anthony Pellegrino ,  John Melvin Antony ,  Tao Yu ,  Michael Howard Cooper ,  William Matthew Weiner ,  Magdalence Ramona Merritt ,  Peng Liu ,  Raghunath Boyalakuntla ,  Srivani Sangita ,  Vasile Adiaconitei ,  Shahid Saied Malik ,  Karthik Ramu ,  Prathap Adusumilli ,  Walter Mathews ,  Adedoyin Akinnurun ,  Brett Hankins

IPC: G06F13/14

CPC classification number: G06F9/542 ,  G06F2209/544

Abstract: A computer-implemented device provides security events from publishers to subscribers. There is provided a message bus, configured to contain a plurality of security events. Also provided is a receiver unit, responsive to a plurality of publishers, to receive the plurality of security events from the publishers. There is also a queue unit, responsive to receipt of the security events, to queue the plurality of security events in the message bus. Also, there is a transport unit, responsive to the security events in the message bus, to transport the plurality of security events in the message bus to a plurality of subscribers.

Abstract translation: 计算机实现的设备向发布者提供安全事件给用户。 提供了一种消息总线，其被配置为包含多个安全事件。 还提供了响应于多个发布者从发布者接收多个安全事件的接收器单元。 还存在响应于接收到安全事件的队列单元来排队消息总线中的多个安全事件。 此外，存在响应于消息总线中的安全事件的传送单元，将消息总线中的多个安全事件传送到多个订户。

公开(公告)号：US20130055145A1

公开(公告)日：2013-02-28

申请号：US13219843

申请日：2011-08-29

Applicant: John Melvin Antony ,  Paul Apostolescu ,  Pattabiraman Srinivasan ,  Prathap Adusumilli ,  Usman Choudhary

Inventor： John Melvin Antony ,  Paul Apostolescu ,  Pattabiraman Srinivasan ,  Prathap Adusumilli ,  Usman Choudhary

IPC: G06F3/048

CPC classification number: G05B19/41875 ,  G05B23/024 ,  H04L63/1408

Abstract: Apparatus, systems, and methods may operate to generate a reference statistical model of an operating system, such as a computer system, and display the reference statistical model as a hierarchical, segmented time series event stream graph, along with a graph representing current behavior of the system. The event stream graph may be derived from one or more streams of security events. Additional operations may include receiving requests to display further detail respecting discrepancies between the reference statistical model and the current behavior. Other apparatus, systems, and methods are disclosed.

Abstract translation: 设备，系统和方法可以操作以产生诸如计算机系统的操作系统的参考统计模型，并且将参考统计模型显示为分层的，分段的时间序列事件流图，以及表示当前行为的图 系统。 事件流图可以从一个或多个安全事件流导出。 附加操作可以包括接收关于参考统计模型和当前行为之间的差异的进一步细节的请求。 公开了其他装置，系统和方法。

公开(公告)号：US08966392B2

公开(公告)日：2015-02-24

申请号：US13219843

申请日：2011-08-29

Applicant: John Melvin Antony ,  Paul Apostolescu ,  Pattabiraman Srinivasan ,  Prathap Adusumilli ,  Usman Choudhary

Inventor： John Melvin Antony ,  Paul Apostolescu ,  Pattabiraman Srinivasan ,  Prathap Adusumilli ,  Usman Choudhary

IPC: G09G5/14 ,  G05B19/418 ,  G05B23/02 ,  H04L29/06

CPC classification number: G05B19/41875 ,  G05B23/024 ,  H04L63/1408

Abstract: Apparatus, systems, and methods may operate to generate a reference statistical model of an operating system, such as a computer system, and display the reference statistical model as a hierarchical, segmented time series event stream graph, along with a graph representing current behavior of the system. The event stream graph may be derived from one or more streams of security events. Additional operations may include receiving requests to display further detail respecting discrepancies between the reference statistical model and the current behavior. Other apparatus, systems, and methods are disclosed.

Abstract translation: 装置，系统和方法可以操作以产生诸如计算机系统的操作系统的参考统计模型，并且将参考统计模型显示为分层的，分段的时间序列事件流图，以及表示当前行为的图 系统。 事件流图可以从一个或多个安全事件流导出。 附加操作可以包括接收关于参考统计模型和当前行为之间的差异的进一步细节的请求。 公开了其他装置，系统和方法。

公开(公告)号：US07926099B1

公开(公告)日：2011-04-12

申请号：US11317231

申请日：2005-12-27

Applicant: Dipto Chakravarty ,  Usman Choudhary ,  Ofer Zajicek ,  Srinivasa Phanindra Mallapragada ,  John Paul Gassner ,  Frank Anthony Pellegrino ,  John Melvin Antony ,  Tao Yu ,  Michael Howard Cooper ,  William Matthew Weiner ,  Magdalene Ramona Merritt ,  Peng Liu ,  Raghunath Boyalakuntla ,  Srivani Sangita ,  Vasile Adiaconitei ,  Shahid Saied Malik ,  Karthik Ramu ,  Prathap Adusumilli ,  Walter Mathews ,  Adedoyin Akinnurun ,  Brett Hankins

Inventor： Dipto Chakravarty ,  Usman Choudhary ,  Ofer Zajicek ,  Srinivasa Phanindra Mallapragada ,  John Paul Gassner ,  Frank Anthony Pellegrino ,  John Melvin Antony ,  Tao Yu ,  Michael Howard Cooper ,  William Matthew Weiner ,  Magdalene Ramona Merritt ,  Peng Liu ,  Raghunath Boyalakuntla ,  Srivani Sangita ,  Vasile Adiaconitei ,  Shahid Saied Malik ,  Karthik Ramu ,  Prathap Adusumilli ,  Walter Mathews ,  Adedoyin Akinnurun ,  Brett Hankins

IPC: G06F7/04 ,  G06F15/16 ,  G06F17/00

CPC classification number: G06F9/542 ,  G06F2209/544

Abstract: A computer-implemented device provides security events from publishers to subscribers. There is provided a message bus, configured to contain a plurality of security events. Also provided is a receiver unit, responsive to a plurality of publishers, to receive the plurality of security events from the publishers. There is also a queue unit, responsive to receipt of the security events, to queue the plurality of security events in the message bus. Also, there is a transport unit, responsive to the security events in the message bus, to transport the plurality of security events in the message bus to a plurality of subscribers.

Abstract translation: 计算机实现的设备向发布者提供安全事件给用户。 提供了一种消息总线，其被配置为包含多个安全事件。 还提供了响应于多个发布者从发布者接收多个安全事件的接收器单元。 还存在响应于接收到安全事件的队列单元来排队消息总线中的多个安全事件。 此外，存在响应于消息总线中的安全事件的传送单元，将消息总线中的多个安全事件传送到多个订户。

公开(公告)号：US08595837B2

公开(公告)日：2013-11-26

申请号：US13220377

申请日：2011-08-29

Applicant: John Melvin Antony ,  Paul Apostolescu ,  Pattabiraman Srinivasan ,  Prathap Adusumilli

Inventor： John Melvin Antony ,  Paul Apostolescu ,  Pattabiraman Srinivasan ,  Prathap Adusumilli

IPC: G06F11/00 ,  G06F21/00 ,  G06F15/16

CPC classification number: G06F21/552 ,  G06F21/577

Abstract: Apparatus, systems, and methods may operate to receive multiple security event data streams from a plurality of hardware processing nodes, the multiple security event data streams comprising multiple security events. Additional operations may include extracting multiple security events from multiple security event data streams, and classifying the extracted multiple security events to form domain-specific, categorized data streams. A hierarchy of statistical data streams may then be generated from the domain-specific, categorized data streams. Additional apparatus, systems, and methods are disclosed.

Abstract translation: 设备，系统和方法可以操作以从多个硬件处理节点接收多个安全事件数据流，所述多个安全事件数据流包括多个安全事件。 附加操作可以包括从多个安全事件数据流中提取多个安全事件，并且将所提取的多个安全事件分类以形成特定于域的分类数据流。 然后可以从特定于领域的分类数据流生成统计数据流的层级。 公开了附加装置，系统和方法。

公开(公告)号：US20130055385A1

公开(公告)日：2013-02-28

申请号：US13220377

申请日：2011-08-29

Applicant: John Melvin Antony ,  Paul Apostolescu ,  Pattabiraman Srinivasan ,  Prathap Adusumilli

Inventor： John Melvin Antony ,  Paul Apostolescu ,  Pattabiraman Srinivasan ,  Prathap Adusumilli

IPC: G06F21/20

CPC classification number: G06F21/552 ,  G06F21/577

Abstract: Apparatus, systems, and methods may operate to receive multiple security event data streams from a plurality of hardware processing nodes, the multiple security event data streams comprising multiple security events. Additional operations may include extracting multiple security events from multiple security event data streams, and classifying the extracted multiple security events to form domain-specific, categorized data streams. A hierarchy of statistical data streams may then be generated from the domain-specific, categorized data streams. Additional apparatus, systems, and methods are disclosed.

Abstract translation: 设备，系统和方法可以操作以从多个硬件处理节点接收多个安全事件数据流，所述多个安全事件数据流包括多个安全事件。 附加操作可以包括从多个安全事件数据流中提取多个安全事件，并且将所提取的多个安全事件分类以形成特定于域的分类数据流。 然后可以从特定于领域的分类数据流生成统计数据流的层级。 公开了附加装置，系统和方法。