[go: up one dir, main page]

WO2016204839A3 - System and method to detect attacks on mobile wireless networks based on network controllability analysis - Google Patents

System and method to detect attacks on mobile wireless networks based on network controllability analysis Download PDF

Info

Publication number
WO2016204839A3
WO2016204839A3 PCT/US2016/023308 US2016023308W WO2016204839A3 WO 2016204839 A3 WO2016204839 A3 WO 2016204839A3 US 2016023308 W US2016023308 W US 2016023308W WO 2016204839 A3 WO2016204839 A3 WO 2016204839A3
Authority
WO
WIPO (PCT)
Prior art keywords
wireless networks
mobile wireless
network
networks based
detect attacks
Prior art date
Application number
PCT/US2016/023308
Other languages
French (fr)
Other versions
WO2016204839A2 (en
Inventor
Gavin D. HOLLAND
Michael D. Howard
Chong DING
Original Assignee
Hrl Laboratories, Llc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hrl Laboratories, Llc filed Critical Hrl Laboratories, Llc
Priority to EP16812078.0A priority Critical patent/EP3272075A4/en
Priority to CN201680010741.5A priority patent/CN107251519B/en
Publication of WO2016204839A2 publication Critical patent/WO2016204839A2/en
Publication of WO2016204839A3 publication Critical patent/WO2016204839A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/121Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122Counter-measures against attacks; Protection against rogue devices

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Computer And Data Communications (AREA)

Abstract

Described is a system for detecting attacks of misinformation on communication networks. Network controllability metrics on a graphical representation of a communication network are computed. Changes in the network controllability metrics are detected, and attack of misinformation on the communication network are detected based on the detected changes in the network controllability metrics.
PCT/US2016/023308 2015-03-18 2016-03-18 System and method to detect attacks on mobile wireless networks based on network controllability analysis WO2016204839A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP16812078.0A EP3272075A4 (en) 2015-03-18 2016-03-18 System and method to detect attacks on mobile wireless networks based on network controllability analysis
CN201680010741.5A CN107251519B (en) 2015-03-18 2016-03-18 Systems, methods, and media for detecting attacks of fake information on a communication network

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201562135136P 2015-03-18 2015-03-18
US201562135142P 2015-03-18 2015-03-18
US62/135,142 2015-03-18
US62/135,136 2015-03-18

Publications (2)

Publication Number Publication Date
WO2016204839A2 WO2016204839A2 (en) 2016-12-22
WO2016204839A3 true WO2016204839A3 (en) 2017-01-26

Family

ID=57546242

Family Applications (2)

Application Number Title Priority Date Filing Date
PCT/US2016/023308 WO2016204839A2 (en) 2015-03-18 2016-03-18 System and method to detect attacks on mobile wireless networks based on network controllability analysis
PCT/US2016/023307 WO2016204838A2 (en) 2015-03-18 2016-03-18 System and method to detect attacks on mobile wireless networks based on motif analysis

Family Applications After (1)

Application Number Title Priority Date Filing Date
PCT/US2016/023307 WO2016204838A2 (en) 2015-03-18 2016-03-18 System and method to detect attacks on mobile wireless networks based on motif analysis

Country Status (3)

Country Link
EP (2) EP3272075A4 (en)
CN (2) CN107409124B (en)
WO (2) WO2016204839A2 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10897471B2 (en) 2018-01-30 2021-01-19 Hewlett Packard Enterprise Development Lp Indicating malicious entities based on multicast communication patterns
CN110706743A (en) * 2019-10-14 2020-01-17 福建师范大学 Protein interaction network motif detection method for balanced sampling and graph retrieval
CN119743281A (en) * 2025-02-26 2025-04-01 中国人民解放军国防科技大学 A node-based infrastructure network game strategy generation method

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060010493A1 (en) * 2003-04-01 2006-01-12 Lockheed Martin Corporation Attack impact prediction system
US20070019543A1 (en) * 2005-07-06 2007-01-25 Fortinet, Inc. Systems and methods for detecting and preventing flooding attacks in a network environment
US20080301295A1 (en) * 2006-01-31 2008-12-04 International Business Machines Corporation System and method for usage-based misinformation detection and response
US20090183260A1 (en) * 2004-05-04 2009-07-16 Symantec Corporation Detecting network evasion and misinformation
US20130091573A1 (en) * 2002-12-24 2013-04-11 Frederick S.M. Herz System and method for a distributed application of a network security system (sdi-scam)

Family Cites Families (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7415719B2 (en) * 2003-09-26 2008-08-19 Tizor Systems, Inc. Policy specification framework for insider intrusions
US20060230450A1 (en) * 2005-03-31 2006-10-12 Tian Bu Methods and devices for defending a 3G wireless network against a signaling attack
KR100767589B1 (en) * 2006-07-20 2007-10-17 성균관대학교산학협력단 Fuzzy Logic Intrusion Detection Scheme for Directed Diffusion-based Sensor Networks
US8655939B2 (en) * 2007-01-05 2014-02-18 Digital Doors, Inc. Electromagnetic pulse (EMP) hardened information infrastructure with extractor, cloud dispersal, secure storage, content analysis and classification and method therefor
US8707431B2 (en) * 2007-04-24 2014-04-22 The Mitre Corporation Insider threat detection
CN101309180B (en) * 2008-06-21 2010-12-08 华中科技大学 A Safe Network Intrusion Detection System Suitable for Virtual Machine Environment
US8850578B2 (en) * 2008-08-06 2014-09-30 International Business Machines Corporation Network intrusion detection
US8312542B2 (en) * 2008-10-29 2012-11-13 Lockheed Martin Corporation Network intrusion detection using MDL compress for deep packet inspection
US8375452B2 (en) * 2008-12-25 2013-02-12 Check Point Software Technologies Ltd Methods for user profiling for detecting insider threats based on internet search patterns and forensics of search keywords
US8245302B2 (en) * 2009-09-15 2012-08-14 Lockheed Martin Corporation Network attack visualization and response through intelligent icons
US8245301B2 (en) * 2009-09-15 2012-08-14 Lockheed Martin Corporation Network intrusion detection visualization
CN101800989B (en) * 2010-01-19 2013-07-10 重庆邮电大学 Anti-replay-attack system for industrial wireless network
US8683591B2 (en) * 2010-11-18 2014-03-25 Nant Holdings Ip, Llc Vector-based anomaly detection
WO2012142287A2 (en) * 2011-04-14 2012-10-18 Lockheed Martin Corporation Dynamically reconfigurable 2d topology communication and verification scheme
US8560681B2 (en) * 2011-05-10 2013-10-15 Telefonica, S.A. Method of characterizing a social network communication using motifs
CN102869006B (en) * 2012-09-13 2016-02-17 柳州职业技术学院 Wireless sensor network hierarchical invasion Fault Diagnostic Expert System and method thereof
WO2014118362A1 (en) * 2013-02-01 2014-08-07 Siemens Aktiengesellschaft Method and apparatus for monitoring security intrusion of a distributed computer system
CN104144063B (en) * 2013-05-08 2018-08-10 朱烨 Web portal security monitoring and alarming system based on log analysis and firewall security matrix
CN104348811B (en) * 2013-08-05 2018-01-26 深圳市腾讯计算机系统有限公司 Detecting method of distributed denial of service attacking and device
CN103957525B (en) * 2014-05-12 2018-02-27 江苏大学 Malicious node detection method based on sub-clustering trust evaluation in car networking

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130091573A1 (en) * 2002-12-24 2013-04-11 Frederick S.M. Herz System and method for a distributed application of a network security system (sdi-scam)
US20060010493A1 (en) * 2003-04-01 2006-01-12 Lockheed Martin Corporation Attack impact prediction system
US20090183260A1 (en) * 2004-05-04 2009-07-16 Symantec Corporation Detecting network evasion and misinformation
US20070019543A1 (en) * 2005-07-06 2007-01-25 Fortinet, Inc. Systems and methods for detecting and preventing flooding attacks in a network environment
US20080301295A1 (en) * 2006-01-31 2008-12-04 International Business Machines Corporation System and method for usage-based misinformation detection and response

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP3272075A4 *

Also Published As

Publication number Publication date
WO2016204838A9 (en) 2017-06-15
WO2016204838A3 (en) 2017-01-26
CN107409124A (en) 2017-11-28
CN107251519A (en) 2017-10-13
EP3272102A4 (en) 2018-11-14
EP3272075A2 (en) 2018-01-24
WO2016204839A2 (en) 2016-12-22
CN107251519B (en) 2020-06-12
WO2016204838A2 (en) 2016-12-22
EP3272075A4 (en) 2018-12-05
CN107409124B (en) 2020-09-15
EP3272102A2 (en) 2018-01-24

Similar Documents

Publication Publication Date Title
EP3128699A4 (en) Network communication system, fraud detection electronic control unit and fraud handling method
WO2016197004A3 (en) Enhancing performance of multi-path communications
EP3364595A4 (en) Key configuration method and key management center, and network element
EP3242441A4 (en) Bit-forwarding ingress router, bit-forwarding router, and operation, administration and maintenance detection method
EP3282767A4 (en) Relay-terminal selection method, performed by terminal in wireless communication system, and terminal using same method
WO2013184211A3 (en) Anomaly detection to identify coordinated group attacks in computer networks
WO2014107468A3 (en) Mobile device speaker control
EP3136249A4 (en) Log analysis device, attack detection device, attack detection method and program
WO2013009992A3 (en) Network-assisted peer discovery with network coding
WO2013036014A3 (en) Apparatus and method for setting channel in wireless network
EP3195124A4 (en) Malicious relay detection on networks
MX345323B (en) Control channel detection method and user equipment.
EP3116255A4 (en) Channel detection method, terminal and system
EP3624461A4 (en) Fault detection method, monitoring device and network device
WO2015015300A3 (en) Method of supporting security handling for dual connectivity
EP3328139A4 (en) Wireless communication method, network device, user equipment, and system
EP3116160A4 (en) Oam packet processing method, network device and network system
EP3525537A4 (en) Wireless communication system, network device, and wireless communication method
EP3152875A4 (en) Location-based network system and location-based communication method
EP3203781A4 (en) Network selection method and apparatus based on communications terminal, and terminal
EP3200491A4 (en) Method for establishing communication connection between station and access point, access point and station
WO2015140634A3 (en) Method and apparatus for enhancing phr in dual connectivity
EP3361781A4 (en) Resident cell determination method, user equipment and network device
EP3373520A4 (en) Status detection method and wireless network node
EP3160190A4 (en) Communication system, access authentication method and system based on communication system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16812078

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

REEP Request for entry into the european phase

Ref document number: 2016812078

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 2016812078

Country of ref document: EP