HK1249603A1 - Systems and methods for generating network threat intelligence - Google Patents
Systems and methods for generating network threat intelligence
- Publication number
- HK1249603A1
- Authority
- HK
- Hong Kong
- Prior art keywords
- network
- content distribution
- threat
- methods
- threat intelligence
- Prior art date
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
Abstract
Implementations described and claimed herein provide systems and methods for generating threat intelligence based on network security data. In one implementation, a network traffic dataset representative of network traffic for an Internet Protocol address across one or more ports of a primary network is obtained. A content distribution network log associated with a content distribution network is obtained. The content distribution network log includes a history of content requests by the Internet Protocol address. The network traffic dataset is correlated with the content distribution network log based on the Internet Protocol address to obtain network security data. One or more threat attributes representative of malicious activity are identified from the network security data. The one or more threat attributes are weighted. Network threat intelligence is generated based on the weighted threat attributes using a processing cluster.
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US14/683,964 US20150215334A1 (en) | 2012-09-28 | 2015-04-10 | Systems and methods for generating network threat intelligence |
| US14/683,964 | 2015-04-10 | | |
| PCT/US2016/026131 WO2016164403A1 (en) | 2015-04-10 | 2016-04-06 | Systems and methods for generating network threat intelligence |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| HK1249603A1 (en) | 2018-11-02 |
Family
ID=57072871
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| HK18108921.7A HK1249603A1 (en) | 2015-04-10 | 2016-04-06 | Systems and methods for generating network threat intelligence |
Country Status (4)
| Country | Link |
|---|---|
| EP (1) | EP3281116A4 (en) |
| CA (1) | CA2982107A1 (en) |
| HK (1) | HK1249603A1 (en) |
| WO (1) | WO2016164403A1 (en) |
Families Citing this family (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11012467B2 (en) * | 2017-01-27 | 2021-05-18 | Level 3 Communications, Llc | System and method for scrubbing DNS in a telecommunications network to mitigate attacks |
| US10778645B2 (en) | 2017-06-27 | 2020-09-15 | Microsoft Technology Licensing, Llc | Firewall configuration manager |
| EP4031993A4 (en) * | 2019-09-20 | 2023-08-30 | Privva, Inc. | Methods and apparatus for data-driven vendor risk assessment |
| US11616796B2 (en) | 2019-11-11 | 2023-03-28 | Volterra, Inc. | System and method to protect resource allocation in stateful connection managers |
| CN111125539B (en) * | 2019-12-31 | 2024-02-02 | 武汉市烽视威科技有限公司 | A CDN harmful information blocking method and system based on artificial intelligence |
| CN112153009A (en) * | 2020-08-28 | 2020-12-29 | 杭州安恒信息技术股份有限公司 | IP address processing method, device, electronic device and storage medium |
| CN112272179B (en) * | 2020-10-23 | 2022-02-22 | 新华三信息安全技术有限公司 | Network security processing method, device, equipment and machine readable storage medium |
| CN113726826B (en) * | 2021-11-04 | 2022-06-17 | 北京微步在线科技有限公司 | Method and device for generating threat intelligence |
| US12373568B2 (en) * | 2022-06-29 | 2025-07-29 | Microsoft Technology Licensing, Llc | Malicious activity probability determinations for autonomous systems |
| US11968123B1 (en) | 2022-12-08 | 2024-04-23 | F5, Inc. | Methods for allocating a traffic load and devices thereof |
| CN115865526B (en) * | 2023-02-20 | 2023-05-30 | 国家工业信息安全发展研究中心 | Industrial Internet security detection method and system based on cloud edge cooperation |
| CN116760636A (en) * | 2023-08-16 | 2023-09-15 | 国网江苏省电力有限公司信息通信分公司 | An active defense system and method for unknown threats |
| CN117061199B (en) * | 2023-08-29 | 2025-08-12 | 广州大学 | IP reputation calculation method, device and medium integrating honey spot perception |
| US12432143B2 (en) | 2023-09-26 | 2025-09-30 | F5, Inc. | System and methods for selectively routing packets and devices thereof |
| CN118250105B (en) * | 2024-05-29 | 2024-08-06 | 北京长亭科技有限公司 | Network security protection method, server, security device, system and storage medium |
| CN120321043B (en) * | 2025-06-16 | 2025-08-19 | 厘壮信息科技(苏州)有限公司 | A network threat detection method and system under dynamic protocol reorganization |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8806632B2 (en) * | 2008-11-17 | 2014-08-12 | Solarwinds Worldwide, Llc | Systems, methods, and devices for detecting security vulnerabilities in IP networks |
| US8516576B2 (en) * | 2010-01-13 | 2013-08-20 | Microsoft Corporation | Network intrusion detection with distributed correlation |
| US20130074143A1 (en) * | 2011-09-15 | 2013-03-21 | Mcafee, Inc. | System and method for real-time customized threat protection |
| US20130254343A1 (en) * | 2012-03-22 | 2013-09-26 | Akamai Technologies Inc. | Server with message exchange accounting |
| US8925082B2 (en) * | 2012-08-22 | 2014-12-30 | International Business Machines Corporation | Cooperative intrusion detection ecosystem for IP reputation-based security |
| EP2901612A4 (en) * | 2012-09-28 | 2016-06-15 | Level 3 Communications Llc | Apparatus, system and method for identifying and mitigating malicious network threats |
| US8881281B1 (en) * | 2014-05-29 | 2014-11-04 | Singularity Networks, Inc. | Application and network abuse detection with adaptive mitigation utilizing multi-modal intelligence data |
2016
- 2016-04-06 HK HK18108921.7A patent/HK1249603A1/en unknown
- 2016-04-06 CA CA2982107A patent/CA2982107A1/en not_active Abandoned
- 2016-04-06 WO PCT/US2016/026131 patent/WO2016164403A1/en not_active Ceased
- 2016-04-06 EP EP16777161.7A patent/EP3281116A4/en not_active Withdrawn
Also Published As
| Publication number | Publication date |
|---|---|
| EP3281116A4 (en) | 2018-08-15 |
| EP3281116A1 (en) | 2018-02-14 |
| WO2016164403A1 (en) | 2016-10-13 |
| CA2982107A1 (en) | 2016-10-13 |
Similar Documents
| Publication | Title | Publication Date |
|---|---|---|
| HK1249603A1 (en) | Systems and methods for generating network threat intelligence | |
| ZA202100289B (en) | Reactive and pre-emptive security system for the protection of computer networks and systems | |
| EP4614885A3 (en) | Using a blockchain for distributed denial of service attack mitigation | |
| WO2018107048A3 (en) | Prevention of malicious automation attacks on a web service | |
| PH12019501854A1 (en) | Trusted login method, server, and system | |
| EP3685297A4 (en) | Improved system, method, and computer program product for securing a computer system from threats introduced by malicious transparent network devices | |
| IL294252B2 (en) | Client(s) to cloud or remote server secure data or file object encryption gateway | |
| EP4271017A3 (en) | Secured home network | |
| MX2019002184A (en) | System for distributed intelligent remote sensing systems. | |
| AU2017275464A1 (en) | Hardware-based virtualized security isolation | |
| WO2009154945A3 (en) | Distributed security provisioning | |
| GB2573679A (en) | Cloud security stack | |
| WO2018201147A3 (en) | Methods, apparatus, and systems for controlling internet-connected devices having embedded systems with dedicated functions | |
| MX2017004292A (en) | Systems and methods for protecting network devices. | |
| WO2014052756A3 (en) | Identifying and mitigating malicious network threats | |
| MX2013009373A (en) | METHODS AND APPLIANCES TO TREAT WITH MALWARE. | |
| EP2911078A3 (en) | Security sharing system | |
| EP3734474A3 (en) | Cloud service security broker and proxy | |
| MX376229B (en) | METHODS AND SYSTEMS FOR GENERATING DYNAMIC MAPS OF MULTICAST CHANNELS. | |
| HK1243512A1 (en) | Identifying a potential ddos attack using statistical analysis | |
| EP3955229A3 (en) | Providing internet access through a property monitoring system | |
| GB2534259A (en) | Methods and Systems for Transmitting Data Packets | |
| GB2531677A (en) | A network security system | |
| HK1223709A1 (en) | Data center redundancy in a network | |
| WO2016003541A3 (en) | Dynamic computer systems and uses thereof |