[go: up one dir, main page]

EP3281116A4 - Systems and methods for generating network threat intelligence - Google Patents

Systems and methods for generating network threat intelligence Download PDF

Info

Publication number
EP3281116A4
EP3281116A4 EP16777161.7A EP16777161A EP3281116A4 EP 3281116 A4 EP3281116 A4 EP 3281116A4 EP 16777161 A EP16777161 A EP 16777161A EP 3281116 A4 EP3281116 A4 EP 3281116A4
Authority
EP
European Patent Office
Prior art keywords
systems
methods
threat intelligence
generating network
network threat
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP16777161.7A
Other languages
German (de)
French (fr)
Other versions
EP3281116A1 (en
Inventor
Skyler J. Bingham
Mahendra K. Chandrakar
Lawrence W. Gowin
Ryan T. Korte
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Level 3 Communications LLC
Original Assignee
Level 3 Communications LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US14/683,964 external-priority patent/US20150215334A1/en
Application filed by Level 3 Communications LLC filed Critical Level 3 Communications LLC
Publication of EP3281116A1 publication Critical patent/EP3281116A1/en
Publication of EP3281116A4 publication Critical patent/EP3281116A4/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
  • Information Transfer Between Computers (AREA)
EP16777161.7A 2015-04-10 2016-04-06 Systems and methods for generating network threat intelligence Withdrawn EP3281116A4 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US14/683,964 US20150215334A1 (en) 2012-09-28 2015-04-10 Systems and methods for generating network threat intelligence
PCT/US2016/026131 WO2016164403A1 (en) 2015-04-10 2016-04-06 Systems and methods for generating network threat intelligence

Publications (2)

Publication Number Publication Date
EP3281116A1 EP3281116A1 (en) 2018-02-14
EP3281116A4 true EP3281116A4 (en) 2018-08-15

Family

ID=57072871

Family Applications (1)

Application Number Title Priority Date Filing Date
EP16777161.7A Withdrawn EP3281116A4 (en) 2015-04-10 2016-04-06 Systems and methods for generating network threat intelligence

Country Status (4)

Country Link
EP (1) EP3281116A4 (en)
CA (1) CA2982107A1 (en)
HK (1) HK1249603A1 (en)
WO (1) WO2016164403A1 (en)

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3574412B1 (en) * 2017-01-27 2023-04-05 Level 3 Communications, LLC System and method for scrubbing dns in a telecommunications network to mitigate attacks
US10778645B2 (en) 2017-06-27 2020-09-15 Microsoft Technology Licensing, Llc Firewall configuration manager
US12118492B2 (en) 2019-09-20 2024-10-15 Privva, Inc. Methods and apparatus for data-driven vendor risk assessment
US11616796B2 (en) * 2019-11-11 2023-03-28 Volterra, Inc. System and method to protect resource allocation in stateful connection managers
CN111125539B (en) * 2019-12-31 2024-02-02 武汉市烽视威科技有限公司 CDN harmful information blocking method and system based on artificial intelligence
CN112153009A (en) * 2020-08-28 2020-12-29 杭州安恒信息技术股份有限公司 IP address processing method, device, electronic device and storage medium
CN112272179B (en) * 2020-10-23 2022-02-22 新华三信息安全技术有限公司 Network security processing method, device, equipment and machine readable storage medium
CN113726826B (en) * 2021-11-04 2022-06-17 北京微步在线科技有限公司 Method and device for generating threat intelligence
US12373568B2 (en) * 2022-06-29 2025-07-29 Microsoft Technology Licensing, Llc Malicious activity probability determinations for autonomous systems
US11968123B1 (en) 2022-12-08 2024-04-23 F5, Inc. Methods for allocating a traffic load and devices thereof
CN115865526B (en) * 2023-02-20 2023-05-30 国家工业信息安全发展研究中心 Industrial Internet security detection method and system based on cloud edge cooperation
CN116760636A (en) * 2023-08-16 2023-09-15 国网江苏省电力有限公司信息通信分公司 An active defense system and method for unknown threats
CN117061199B (en) * 2023-08-29 2025-08-12 广州大学 IP reputation calculation method, device and medium integrating honey spot perception
US12432143B2 (en) 2023-09-26 2025-09-30 F5, Inc. System and methods for selectively routing packets and devices thereof
CN118250105B (en) * 2024-05-29 2024-08-06 北京长亭科技有限公司 Network security protection method, server, security device, system and storage medium
CN120321043B (en) * 2025-06-16 2025-08-19 厘壮信息科技(苏州)有限公司 A network threat detection method and system under dynamic protocol reorganization

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110173699A1 (en) * 2010-01-13 2011-07-14 Igal Figlin Network intrusion detection with distributed correlation
US20130074143A1 (en) * 2011-09-15 2013-03-21 Mcafee, Inc. System and method for real-time customized threat protection
US20130254260A1 (en) * 2012-03-22 2013-09-26 Akamai Technologies Inc. Network threat assessment system with servers performing message exchange accounting
US20140059683A1 (en) * 2012-08-22 2014-02-27 International Business Machines Corporation Cooperative intrusion detection ecosystem for IP reputation-based security
US8881281B1 (en) * 2014-05-29 2014-11-04 Singularity Networks, Inc. Application and network abuse detection with adaptive mitigation utilizing multi-modal intelligence data

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8806632B2 (en) * 2008-11-17 2014-08-12 Solarwinds Worldwide, Llc Systems, methods, and devices for detecting security vulnerabilities in IP networks
HK1213107A1 (en) * 2012-09-28 2016-06-24 Level 3 Communications, Llc Apparatus, system and method for identifying and mitigating malicious network threats

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110173699A1 (en) * 2010-01-13 2011-07-14 Igal Figlin Network intrusion detection with distributed correlation
US20130074143A1 (en) * 2011-09-15 2013-03-21 Mcafee, Inc. System and method for real-time customized threat protection
US20130254260A1 (en) * 2012-03-22 2013-09-26 Akamai Technologies Inc. Network threat assessment system with servers performing message exchange accounting
US20140059683A1 (en) * 2012-08-22 2014-02-27 International Business Machines Corporation Cooperative intrusion detection ecosystem for IP reputation-based security
US8881281B1 (en) * 2014-05-29 2014-11-04 Singularity Networks, Inc. Application and network abuse detection with adaptive mitigation utilizing multi-modal intelligence data

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
MANOS ANTONAKAKIS ET AL: "Building a Dynamic Reputation System for DNS", USENIX,, 4 June 2010 (2010-06-04), pages 1 - 17, XP061011124 *
See also references of WO2016164403A1 *

Also Published As

Publication number Publication date
EP3281116A1 (en) 2018-02-14
HK1249603A1 (en) 2018-11-02
CA2982107A1 (en) 2016-10-13
WO2016164403A1 (en) 2016-10-13

Similar Documents

Publication Publication Date Title
EP3281116A4 (en) Systems and methods for generating network threat intelligence
EP3105888A4 (en) Network security systems and methods
EP3391620A4 (en) Systems and methods for secure multi-party communications using a proxy
EP3175579A4 (en) Systems and methods for network management
EP3205073A4 (en) Systems and methods for protecting network devices
EP3548456A4 (en) Ethylene-to-liquids systems and methods
EP3360320B8 (en) Projection systems and methods
EP3357249A4 (en) Methods and systems for enabling communications between devices
EP3289476A4 (en) Computer network security system
EP3157466A4 (en) Prostheticcapsular devices, systems, and methods
EP3245380A4 (en) Externally-orientated internally-corrected perforating gun system and method
EP3417314A4 (en) Systems, methods and devices for geo-localization
EP3108375A4 (en) Resource management systems and methods
EP3234852A4 (en) Systems and methods for using extended hardware security modules
GB2529509B (en) Adaptive beam forming devices, methods, and systems
EP3100405A4 (en) Systems and methods for protecting communications
EP3335161A4 (en) Systems and methods for creating and using higher degree interactions between quantum devices
EP3259726A4 (en) Cloud encryption key broker apparatuses, methods and systems
EP3238369A4 (en) Systems and methods for authentication using multiple devices
EP3092286A4 (en) Ethylene-to-liquids systems and methods
EP3129903A4 (en) Systems and methods for fault tolerant communications
EP3134816A4 (en) Threat and defense evasion modeling system and method
EP3238109A4 (en) Systems and methods for generating virtual contexts
EP3132356A4 (en) Systems and methods for generating network intelligence through real-time analytics
EP3143582A4 (en) Social relation management apparatuses, methods and systems

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20170926

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)
A4 Supplementary search report drawn up and despatched

Effective date: 20180718

RIC1 Information provided on ipc code assigned before grant

Ipc: G06F 12/00 20060101AFI20180712BHEP

Ipc: H04L 29/06 20060101ALI20180712BHEP

Ipc: H04W 12/12 20090101ALI20180712BHEP

REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 1249603

Country of ref document: HK

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20190214

REG Reference to a national code

Ref country code: HK

Ref legal event code: WD

Ref document number: 1249603

Country of ref document: HK