-
公开(公告)号:US20230168668A1
公开(公告)日:2023-06-01
申请号:US17997421
申请日:2021-04-21
Inventor: Giulio GIACONI , Samuel MOORE , Christopher NUGENT , Shuai ZHANG , lan CLELAND
IPC: G05B23/02
CPC classification number: G05B23/0254 , G05B23/024 , G05B23/027
Abstract: A method of identifying anomalous data obtained by at least one sensor of a plurality of sensors located within an environment. The method includes identifying, based on sensor data obtained from the plurality of sensors, at least one instance of a sequence of events that occurred within the environment. A probability of the sequence of events occurring within the environment under non-anomalous conditions is obtained. A frequency characteristic dependent on a frequency at which the sequence of events occurred within the environment is determined. A likelihood of the sequence of events occurring within the environment at the frequency is determined, based on a combination of the probability and the frequency characteristic. It is identified, based on the likelihood, that at least a portion of the sensor data is anomalous.
-
公开(公告)号:US20230171277A1
公开(公告)日:2023-06-01
申请号:US17997424
申请日:2021-04-21
Inventor: Giulio GIACONI , Samuel MOORE , Christopher NUGENT , Shuai ZHANG , lan CLELAND
CPC classification number: H04L63/1425 , H04L43/16 , G06F21/554
Abstract: A method of identifying anomalous network activity. The method includes identifying, based on network data representative of network activity within a network, at least one instance of a sequence of events that occurred within the network. A probability of the sequence of events occurring during non-anomalous network activity is obtained based on transition probabilities between events in the sequence of events. A frequency characteristic dependent on a frequency at which the sequence of events occurred within the network is determined. A likelihood of the sequence of events occurring within the network at the frequency is determined based on a combination of the probability and the frequency characteristic. It is identified, based on the likelihood, that at least a portion of the network data is anomalous.
-
公开(公告)号:US20220027478A1
公开(公告)日:2022-01-27
申请号:US17309530
申请日:2019-12-01
Inventor: Robert HERCOCK , Giulio GIACONI
Abstract: A computer implemented method of detecting an increased vulnerability of a software system including a plurality of software components, the method including generating a vector representation of each software component derived from a neural network trained using training data defined from known vulnerabilities of the software components in the software system, wherein the training data is augmented by replicating each of one or more training data items in the training data responsive to one or more attributes of a vulnerability corresponding to the training data item; aggregating the vector representations for the software component to an aggregate vector representation for a particular time; repeating the generating and the aggregating for a plurality of points in time to generate multiple generations of aggregate vector representations; comparing the multiple generations of aggregate vector representations to detect a change in an aggregate vector representation exceeding a maximum threshold degree of change as an indication of an increased vulnerability of the software system.
-
Patent Agency Ranking
公开(公告)号:US20230125203A1
公开(公告)日:2023-04-27
申请号:US17915458
申请日:2021-03-12
Inventor: Ahmed SAEED , Giulio GIACONI
IPC: H04L9/40
Abstract: A computer implemented method for detecting anomalies in a computer network is provided together with a network monitoring system and computer programs for carrying out the method. The method obtains a model representing normal characteristics of network traffic associated with a set of devices within the computer network. The method analyses network traffic using the model to identify anomalous network traffic associated with the set of devices. The method clusters the anomalous network traffic into clusters of network traffic that share similar characteristics. The method provides an indication that either (i) the network traffic associated with a cluster relates to a new type of anomaly involving the set of devices or (ii) that no new types of anomaly are present.
-
公开(公告)号:US20220027465A1
公开(公告)日:2022-01-27
申请号:US17309531
申请日:2019-12-01
Inventor: Robert HERCOCK , Giulio GIACONI
Abstract: A computer implemented method of remediating an increased vulnerability of a software system including a plurality of software components, the method including generating a vector representation of each software component derived from a neural network trained using training data defined from known vulnerabilities of the software components in the software system; aggregating the vector representations for the software component to an aggregate vector representation for a particular time; repeating the generating and the aggregating for a plurality of points in time to generate multiple generations of aggregate vector representations; comparing the multiple generations of aggregate vector representations to detect a change in an aggregate vector representation exceeding a maximum threshold degree of change as an indication of an increased vulnerability of the software system, responsive to which iteratively adjusting the software components in the software system and, at each iteration, regenerating an aggregate vector representation for the software system so adjusted to compare with the multiple generations of aggregate vector representations to identify a software component adjustment leading to a change in vector representation not exceeding the maximum threshold degree of change so as to reduce the vulnerability of the software system.
-
公开(公告)号:US20240102828A1
公开(公告)日:2024-03-28
申请号:US18255637
申请日:2021-11-27
Inventor: Giulio GIACONI , Fadi EL-MOUSSA
IPC: G01D4/00
CPC classification number: G01D4/004 , G01D2204/24
Abstract: A device identification method, a device identification system and a device prediction component. The method can include determining, based on first power consumption data indicative of a first power consumption associated with a premises within a first time period, a predicted identity of an active device at the premises within a second time period subsequent to the first time period. A detected identity of the active device at the premises within the second time period is determined, based on second power consumption data indicative of a second power consumption associated with the premises within the second time period. A determined identity of the active device at the premises within the second time period is determined, based on at least one of the predicted identity and the detected identity.
-
公开(公告)号:US20220060492A1
公开(公告)日:2022-02-24
申请号:US17309528
申请日:2019-12-01
Inventor: Giulio GIACONI , Yipeng CHENG
Abstract: A computer implemented method of detecting anomalous behavior within a computer network, the method including accessing data records each corresponding to an occurrence of communication occurring via the computer network and including a plurality of attributes of the communication; generating, for each of at least a subset of the data records, a training data item for a neural network, the training data item being derived from at least a portion of the attributes of the record and the neural network having input units and output units corresponding to items in a corpus of attribute values for communications occurring via the network; augmenting the training data by replicating each of one or more training data items responsive to one or more attributes of the data record corresponding to the training data item; training the neural network using the augmented training data so as to define a vector representation for each attribute value in the corpus based on weights in the neural network for an input unit corresponding to the attribute value; repeating the accessing, the generating, the augmenting and the training to generate multiple generations of vector representations for each attribute value in the corpus, each generation corresponding to data records received during a different time period; and for at least a subset of attribute values in the corpus, comparing the multiple generations of vector representations to identify a change in one or more vector representation as an indication of an anomalous change of behavior in the computer network.
-
公开(公告)号:US20220027477A1
公开(公告)日:2022-01-27
申请号:US17309529
申请日:2019-12-01
Inventor: Robert HERCOCK , Giulio GIACONI
Abstract: A computer implemented method of detecting an increased vulnerability of a software system including a plurality of software components, the method including generating a vector representation of each software component derived from a neural network trained using training data defined from known vulnerabilities of the software components in the software system; aggregating the vector representations for the software component to an aggregate vector representation for a particular time; repeating the generating and the aggregating for a plurality of points in time to generate multiple generations of aggregate vector representations; and comparing the multiple generations of aggregate vector representations to detect a change in an aggregate vector representation exceeding a maximum threshold degree of change as an indication of an increased vulnerability of the software system.
-
-
-
-
-
-
-
Search Results
8
records
(took 0.015 seconds)
