Stelly et al., 2019 - Google Patents
Language-based integration of digital forensics & incident responseStelly et al., 2019
View PDF- Document ID
- 9411424699894542394
- Author
- Stelly C
- Roussev V
- Publication year
- Publication venue
- Proceedings of the 14th International Conference on Availability, Reliability and Security
External Links
Snippet
In the cybersecurity domain, the level of standardization and interoperability among cybersecurity products from different vendors, including open-source ones, is fairly low. Although understandable from a business perspective, this deficiency makes it difficult and …
- 230000004044 response 0 title description 25
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30386—Retrieval requests
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30861—Retrieval from the Internet, e.g. browsers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30067—File systems; File servers
- G06F17/30129—Details of further file system functionalities
- G06F17/30144—Details of monitoring file system events, e.g. by the use of hooks, filter drivers, logs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogramme communication; Intertask communication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network-specific arrangements or communication protocols supporting networked applications
- H04L67/02—Network-specific arrangements or communication protocols supporting networked applications involving the use of web-based technology, e.g. hyper text transfer protocol [HTTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce, e.g. shopping or e-commerce
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11755390B1 (en) | Using keep-alive markers to extend redelivery deadlines | |
| US11922232B2 (en) | Responding to incidents identified by an information technology and security operations application using a mobile application | |
| US11870795B1 (en) | Identifying attack behavior based on scripting language activity | |
| US11695803B2 (en) | Extension framework for an information technology and security operations application | |
| US9122510B2 (en) | Querying and managing computing resources in a networked computing environment | |
| US11809397B1 (en) | Managing slot requests for query execution in hybrid cloud deployments | |
| EP3048772B1 (en) | Representing identity data relationships using graphs | |
| CN109074454B (en) | Automatic malware grouping based on artifacts | |
| US20170223030A1 (en) | Detection of security transactions | |
| US12118334B1 (en) | Determination of schema compatibility between neighboring operators within a search query statement | |
| US11748634B1 (en) | Systems and methods for integration of machine learning components within a pipelined search query to generate a graphic visualization | |
| US11714683B1 (en) | Information technology and security application automation architecture | |
| US11455314B2 (en) | Management of queries in a hybrid cloud deployment of a query system | |
| US11552868B1 (en) | Collect and forward | |
| US11792157B1 (en) | Detection of DNS beaconing through time-to-live and transmission analyses | |
| US11934869B1 (en) | Enhancing efficiency of data collection using a discover process | |
| CN120129896A (en) | Use machine learning to automatically detect observables and automatically dispose of alerts in endpoint detection and response (EDR) systems | |
| KR20240019739A (en) | Apparatus for processing cyber threat information, method for processing cyber threat information, and medium for storing a program processing cyber threat information | |
| US12056169B1 (en) | Systems and methods for DNS text classification | |
| Stelly et al. | Language-based integration of digital forensics & incident response | |
| US12131233B1 (en) | Systems and methods for auto-deployment of a machine learning component within a pipelined search query | |
| CN118170961A (en) | Cloud native environment information processing method, device, equipment, storage medium and program product | |
| US12432064B1 (en) | Maintaining cryptographically verifiable data share traces for services of a provider network | |
| Hui et al. | Research and development of centrlized log management system based on syslog protocol | |
| Jaeger | Enabling Big Data security analytics for advanced network attack detection |