[go: up one dir, main page]

WO2020242417A1 - Système pour créer une annotation pour des cas contenant une anomalie - Google Patents

Système pour créer une annotation pour des cas contenant une anomalie Download PDF

Info

Publication number
WO2020242417A1
WO2020242417A1 PCT/TR2020/050432 TR2020050432W WO2020242417A1 WO 2020242417 A1 WO2020242417 A1 WO 2020242417A1 TR 2020050432 W TR2020050432 W TR 2020050432W WO 2020242417 A1 WO2020242417 A1 WO 2020242417A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
annotation
anomaly
module
anomaly detection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/TR2020/050432
Other languages
English (en)
Inventor
Samet Alkent
Ahmet YUKSEL
Berna SAYI
Yunus KALKAN
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Turkcell Teknoloji Arastirma Ve Gelistirme AS
Original Assignee
Turkcell Teknoloji Arastirma Ve Gelistirme AS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Turkcell Teknoloji Arastirma Ve Gelistirme AS filed Critical Turkcell Teknoloji Arastirma Ve Gelistirme AS
Publication of WO2020242417A1 publication Critical patent/WO2020242417A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/3003Monitoring arrangements specially adapted to the computing system or computing system component being monitored
    • G06F11/302Monitoring arrangements specially adapted to the computing system or computing system component being monitored where the computing system component is a software system
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/3003Monitoring arrangements specially adapted to the computing system or computing system component being monitored
    • G06F11/3006Monitoring arrangements specially adapted to the computing system or computing system component being monitored where the computing system is distributed, e.g. networked systems, clusters, multiprocessor systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/3065Monitoring arrangements determined by the means or processing involved in reporting the monitored data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/142Network analysis or design using statistical or mathematical methods
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/16Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using machine learning or artificial intelligence
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/55Push-based network services

Definitions

  • the present invention relates to a system for associating anomaly cases detected in digital environment and open source data, creating a smart annotation automatically, sending the created annotation to a data subject.
  • various sources such as Internet sites, e-mail distribution lists and e-mail listserves, Usenets, chat room dialogues, government documents in order to collect data.
  • the collected data are filtered and categorized according to keyword searching, pattern matching, and content recognition functions.
  • Data filtering is performed in accordance with a predefined retention criteria in the inventive system.
  • the data are queued and reviewed by an analyst respectively.
  • the analyst stores the data by tagging and a final decision is made by a senior analyst. In accordance with the decision of the senior analyst, final form of the cyber-threat information is created and delivered to a user.
  • An objective of the present invention is to realize a module for performing anomaly detection and creating alarm about an anomaly, and a system for creating a visual annotation about an anomaly case automatically and transmitting it to a user by processing the data received from an open source data repository in a mechanism making decision by means of artificial intelligence.
  • Figure l is a schematic view of the inventive system. The components illustrated in the figure are individually numbered, where the numbers refer to the following:
  • the inventive system (1) for associating anomaly cases detected in digital environment and open source data, creating an annotation automatically, sending the created annotation to a data subject comprises:
  • At least one anomaly detection module (2) which is configured to detect anomaly cases, and to create an alarm related to the anomaly;
  • At least one data collection module (3) which is configured to collect data from open source software, and to store data
  • At least one data processing module (4) which is configured to correlate outputs of the anomaly detection module (2) and the data collection module
  • At least one server (5) which is configured to make a decision on whether to create an annotation about an anomaly or not by receiving outputs of the data processing module (4), and to transmit the related note to the user visually in case where an annotation is created.
  • the anomaly detection module (2) included in the inventive system (1) is configured to detect cases of data presence being incompatible with predetermined data by carrying out analysis on data included in digital environment such as web pages, applications.
  • the anomaly detection module (2) is configured to create alarm about anomaly cases detected by using machine learning algorithms.
  • the data collection module (3) included in the inventive system (1) is configured to collect and store data included in digital environment such as open source web pages, applications.
  • the data processing module (4) included in the inventive system (1) is in communication with the anomaly detection module (2) and the data collection module (3), and configured to correlate outputs of the anomaly detection module (2) and the data collection module (3) by means of artificial intelligence algorithms.
  • the server (5) included in the inventive system (1) is in communication with the data processing module (4), and is configured to decide on whether annotation will be created in accordance with the correlation determined by the data processing module (4), by means of artificial intelligence algorithms.
  • the server (5) is configured to receive visual data over the anomaly detection module (2) -in case where it decides to create annotation- to process the received visual data by means of image processing algorithm, and to transmit the said annotation to an authorized user by creating visual annotation.

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mathematical Physics (AREA)
  • Quality & Reliability (AREA)
  • General Engineering & Computer Science (AREA)
  • Mathematical Optimization (AREA)
  • Databases & Information Systems (AREA)
  • Algebra (AREA)
  • Probability & Statistics with Applications (AREA)
  • Pure & Applied Mathematics (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Mathematical Analysis (AREA)
  • Evolutionary Computation (AREA)
  • Medical Informatics (AREA)
  • Software Systems (AREA)
  • Information Transfer Between Computers (AREA)
  • Debugging And Monitoring (AREA)
  • Testing, Inspecting, Measuring Of Stereoscopic Televisions And Televisions (AREA)
  • Alarm Systems (AREA)

Abstract

La présente invention concerne un système (1) pour associer des cas d'anomalie détectés dans un environnement numérique et des données de source ouverte, créer une annotation intelligente automatiquement et envoyer l'annotation créée à une personne concernée.
PCT/TR2020/050432 2019-05-30 2020-05-18 Système pour créer une annotation pour des cas contenant une anomalie Ceased WO2020242417A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
TR2019/08288 2019-05-30
TR2019/08288A TR201908288A2 (tr) 2019-05-30 2019-05-30 Anomali̇ i̇çeren durumlar i̇çi̇n düzeltme notu oluşturulmasini sağlayan bi̇r si̇stem

Publications (1)

Publication Number Publication Date
WO2020242417A1 true WO2020242417A1 (fr) 2020-12-03

Family

ID=67952600

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/TR2020/050432 Ceased WO2020242417A1 (fr) 2019-05-30 2020-05-18 Système pour créer une annotation pour des cas contenant une anomalie

Country Status (2)

Country Link
TR (1) TR201908288A2 (fr)
WO (1) WO2020242417A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0153504B2 (fr) * 1983-06-09 1989-11-14 Rohm Kk
WO2014152469A1 (fr) * 2013-03-18 2014-09-25 The Trustees Of Columbia University In The City Of New York Détection de logiciel malveillant reposant sur une anomalie non supervisée à l'aide de caractéristiques de matériel
KR20170056045A (ko) * 2015-11-12 2017-05-23 주식회사 엔젠소프트 다양한 웹 서비스 환경에서 사용자의 행위 패턴 분석을 통한 이상행위 탐지 방법과 그를 위한 장치

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0153504B2 (fr) * 1983-06-09 1989-11-14 Rohm Kk
WO2014152469A1 (fr) * 2013-03-18 2014-09-25 The Trustees Of Columbia University In The City Of New York Détection de logiciel malveillant reposant sur une anomalie non supervisée à l'aide de caractéristiques de matériel
KR20170056045A (ko) * 2015-11-12 2017-05-23 주식회사 엔젠소프트 다양한 웹 서비스 환경에서 사용자의 행위 패턴 분석을 통한 이상행위 탐지 방법과 그를 위한 장치

Also Published As

Publication number Publication date
TR201908288A2 (tr) 2019-06-21

Similar Documents

Publication Publication Date Title
US11948379B2 (en) Systems and methods of detecting email-based attacks through machine learning
Raturi Machine learning implementation for identifying fake accounts in social network
US20210273950A1 (en) Method and system for determining and acting on a structured document cyber threat risk
Mohamad et al. An evaluation on the efficiency of hybrid feature selection in spam email classification
CN113408281B (zh) 邮箱账号异常检测方法、装置、电子设备及存储介质
KR101469009B1 (ko) 스팸 그룹 추출 장치 및 그 방법
US10657603B1 (en) Intelligent routing control
CN103843003A (zh) 句法指纹识别
GB2424969A (en) Training an anti-spam filter
Derakhshan et al. Detecting telephone-based social engineering attacks using scam signatures
US20250337781A1 (en) Using Neural Networks to Process Forensics and Generate Threat Intelligence Information
Redondo-Gutierrez et al. Detecting malware using text documents extracted from spam email through machine learning
Wa Nkongolo RFSA: A Ransomware feature selection algorithm for multivariate analysis of malware behavior in cryptocurrency
Jain et al. Detecting email spam with NLP: A machine learning approach
Airlangga Optimizing SMS spam detection using machine learning: A comparative analysis of ensemble and traditional classifiers
WO2020242417A1 (fr) Système pour créer une annotation pour des cas contenant une anomalie
US11997138B1 (en) Detecting and analyzing phishing attacks through artificial intelligence
Jones et al. Detection of Twitter Spam with Language Models: A Case Study on How to Use BERT to Protect Children from Spam on Twitter
Ahmed et al. Effective phishing emails detection method
Rayala et al. Malicious URL detection using logistic regression
WO2025000074A1 (fr) Modération d'examen de client à l'aide d'une intelligence artificielle
Al-Saaidah Detecting phishing emails using machine learning techniques
Manek et al. ReP-ETD: A Repetitive Preprocessing technique for Embedded Text Detection from images in spam emails
Manzoor et al. Mitigating online harassment: machine learning approaches for hate speech detection in transliterated Bengali comments
Pham et al. Phishing attacks detection using genetic programming

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20812630

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20812630

Country of ref document: EP

Kind code of ref document: A1