GB2563280B - Anomaly detection in computer networks - Google Patents

Anomaly detection in computer networks

Info

Publication number
GB2563280B
Authority
GB
United Kingdom
Prior art keywords
computer networks
anomaly detection
anomaly
detection
networks
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
GB1709228.9A
Other versions
GB201709228D0 (en)
GB2563280A (en)
Inventor
Servajean Maximilien
Cheng Yipeng
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
British Telecommunications PLC
Original Assignee
British Telecommunications PLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by British Telecommunications PLC
Priority to GB1709228.9A
Publication of GB201709228D0
Publication of GB2563280A
Application granted
Publication of GB2563280B
Legal status: Active (current)
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566 Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00 Computing arrangements based on biological models
    • G06N3/02 Neural networks
    • G06N3/04 Architecture, e.g. interconnection topology
    • G06N3/045 Combinations of networks
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00 Computing arrangements based on biological models
    • G06N3/02 Neural networks
    • G06N3/04 Architecture, e.g. interconnection topology
    • G06N3/045 Combinations of networks
    • G06N3/0455 Auto-encoder networks; Encoder-decoder networks
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00 Computing arrangements based on biological models
    • G06N3/02 Neural networks
    • G06N3/04 Architecture, e.g. interconnection topology
    • G06N3/047 Probabilistic or stochastic networks
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00 Computing arrangements based on biological models
    • G06N3/02 Neural networks
    • G06N3/08 Learning methods
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00 Computing arrangements based on biological models
    • G06N3/02 Neural networks
    • G06N3/08 Learning methods
    • G06N3/084 Backpropagation, e.g. using gradient descent
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N7/00 Computing arrangements based on specific mathematical models
    • G06N7/01 Probabilistic graphical models, e.g. probabilistic networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Mathematical Physics (AREA)
  • General Health & Medical Sciences (AREA)
  • Evolutionary Computation (AREA)
  • Data Mining & Analysis (AREA)
  • Artificial Intelligence (AREA)
  • Health & Medical Sciences (AREA)
  • Biophysics (AREA)
  • Molecular Biology (AREA)
  • Computational Linguistics (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biomedical Technology (AREA)
  • Probability & Statistics with Applications (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computational Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Pure & Applied Mathematics (AREA)
  • Algebra (AREA)
  • Mathematical Optimization (AREA)
  • Virology (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
GB1709228.9A 2017-06-09 2017-06-09 Anomaly detection in computer networks Active GB2563280B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB1709228.9A GB2563280B (en) 2017-06-09 2017-06-09 Anomaly detection in computer networks

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB1709228.9A GB2563280B (en) 2017-06-09 2017-06-09 Anomaly detection in computer networks

Publications (3)

Publication Number Publication Date
GB201709228D0 (en) 2017-07-26
GB2563280A (en) 2018-12-12
GB2563280B (en) 2021-05-26

Family

ID=59358165

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1709228.9A Active GB2563280B (en) 2017-06-09 2017-06-09 Anomaly detection in computer networks

Country Status (1)

Country Link
GB (1) GB2563280B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3919996A1 (en) 2020-06-02 2021-12-08 Siemens Aktiengesellschaft Method and apparatus for monitoring of industrial devices

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2833594A1 (en) * 2013-07-31 2015-02-04 Siemens Aktiengesellschaft Feature based three stage neural networks intrusion detection method and system
US20160127405A1 (en) * 2014-10-29 2016-05-05 Ricoh Company, Ltd. Information processing system, information processing apparatus, and information processing method

Also Published As

Publication number Publication date
GB201709228D0 (en) 2017-07-26
GB2563280A (en) 2018-12-12

Similar Documents

Publication Publication Date Title
IL272764A (en) Improved anomaly detection
IL296189B2 (en) Virus-free cell lines and methods for obtaining same
EP3731489B8 (en) Improved network anomaly detection
IL253523A0 (en) Proactive emerging threat detection
GB2537457B (en) Anomaly detection in industrial communications networks
ZA201606180B (en) Fault processing method, related apparatus, and computer
SG11201803568VA (en) Anomaly detection in a data stream
EP3144839A4 (en) Detection device, detection method and detection program
EP3296722A4 (en) Detection device and detection method
EP3159823A4 (en) Vulnerability detection device, vulnerability detection method, and vulnerability detection program
EP3101436A4 (en) Interface insertion anomaly detection circuit and method
EP3369382A4 (en) Elasticity detection method and device
EP3113061A4 (en) Attack detection device, attack detection method, and attack detection program
GB201419814D0 (en) Data traffic processing and analysis
EP3139550A4 (en) Attack detection device, attack detection method, and attack detection program
GB201316143D0 (en) Network anomaly detection
GB201418499D0 (en) Malware detection method
GB201713977D0 (en) Anomaly detection
EP3176724A4 (en) Tag detection program, equipment inspection device and equipment inspection method
EP3159693A4 (en) Detection device and method, and program
EP3191840A4 (en) Metal-antibody tagging and plasma-based detection
EP3376468A4 (en) Object detection device and object detection method
GB201519164D0 (en) Improved malware detection
EP3321688A4 (en) Detection device and detection method
EP3255452A4 (en) Detection device and detection method