Hellerstein, 2007 - Google Patents
Efficient Analysis of Live and Historical Streaming Data and its Application to Cybersecurity
- Document ID: 2069756746410038361
- Author: Hellerstein J
- Publication year: 2007
Classifications

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30386—Retrieval requests
- G06F17/30424—Query processing
- G06F17/30477—Query execution
- G06F17/30483—Query execution of query operations
- G06F17/30486—Unary operations; data partitioning operations
- G06F17/30489—Aggregation and duplicate elimination

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30312—Storage and indexing structures; Management thereof

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30289—Database design, administration or maintenance

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3466—Performance evaluation by tracing or monitoring

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3409—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment for performance assessment

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30067—File systems; File servers
- G06F17/30129—Details of further file system functionalities
- G06F17/30144—Details of monitoring file system events, e.g. by the use of hooks, filter drivers, logs

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Error detection; Error correction; Monitoring responding to the occurrence of a fault, e.g. fault tolerance

- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring

- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
Similar Documents
Publication | Title
---|---
Hassan et al. | Tactical provenance analysis for endpoint detection and response systems
US12206696B1 (en) | Detecting anomalies in a network environment
US11989707B1 (en) | Assigning raw data size of source data to storage consumption of an account
Hossain et al. | Dependence-Preserving data compaction for scalable forensic analysis
Hassan et al. | Towards scalable cluster auditing through grammatical inference over provenance graphs
Reiss et al. | Enabling real-time querying of live and historical stream data
Xie et al. | Pagoda: A hybrid approach to enable efficient real-time provenance based intrusion detection in big data environments
Zhu et al. | General, efficient, and real-time data compaction strategy for APT forensic analysis
US10984010B2 (en) | Query summary generation using row-column data storage
Zhu et al. | APTShield: A stable, efficient and real-time APT detection system for Linux hosts
Dong et al. | DISTDET: A Cost-Effective distributed cyber threat detection system
EP2939173B1 (en) | Real-time representation of security-relevant system state
US9922113B2 (en) | Systems and methods for indexing and aggregating data records
US8984633B2 (en) | Automated security analytics platform with visualization agnostic selection linked portlets
CN104871171B (en) | Distributed mode is found
CN112287340B (en) | Evidence obtaining and tracing method and device for terminal attack and computer equipment
Baumgärtner et al. | Complex event processing for reactive security monitoring in virtualized computer systems
CN115543951B (en) | A Log Collection, Compression and Storage Method Based on Origin Graph
Gandhi et al. | Shield: APT detection and intelligent explanation using LLM
Reiss et al. | Efficient analysis of live and historical streaming data and its application to cybersecurity
Hellerstein | Efficient Analysis of Live and Historical Streaming Data and its Application to Cybersecurity
Sun et al. | AudiTrim: A Real-time, General, Efficient, and Low-overhead Data Compaction System for Intrusion Detection
Wu | Efficient analysis of live and historical streaming data and its application to cybersecurity
Nissan | MemTraceDB: Reconstructing MySQL User Activity Using ActiviTimeTrace Algorithm
Bi et al. | Tengu: A Distributed Audit Log Storage System