-
公开(公告)号:US20240323215A1
公开(公告)日:2024-09-26
申请号:US18732709
申请日:2024-06-04
发明人: Colin Wee , Ian LoVerde , Douglas A. Thornton
CPC分类号: H04L63/1425 , G06F21/572 , H04L12/40 , H04L63/166 , H04L63/20 , H04L2012/40215 , H04L2012/40273
摘要: CAN bus signal format inference includes: extracting candidate signals from training CAN bus message traffic; defining one or more signals, each signal being a candidate signal that matches structural characteristics of a matching data type and each signal being assigned the matching data type; and generating an inferred CAN bus protocol with which the defined one or more signals conform. Signals are extracted from CAN bus message traffic using the inferred CAN bus protocol, an anomaly in an extracted signal is detected, and an alert is generated indicating the detected anomaly. In another aspect, a transport protocol (TP) signal is extracted and analyzed to determine a fraction of the TP signal that matches opcodes of a machine language instruction set, and an anomaly is detected based at least in part on the determined fraction exceeding an opcode anomaly threshold.
-
公开(公告)号:US12028365B2
公开(公告)日:2024-07-02
申请号:US18107237
申请日:2023-02-08
发明人: Colin Wee , Ian LoVerde , Douglas A. Thornton
CPC分类号: H04L63/1425 , G06F21/572 , H04L12/40 , H04L63/166 , H04L63/20 , H04L2012/40215 , H04L2012/40273
摘要: CAN bus signal format inference includes: extracting candidate signals from training CAN bus message traffic; defining one or more signals, each signal being a candidate signal that matches structural characteristics of a matching data type and each signal being assigned the matching data type; and generating an inferred CAN bus protocol with which the defined one or more signals conform. Signals are extracted from CAN bus message traffic using the inferred CAN bus protocol, an anomaly in an extracted signal is detected, and an alert is generated indicating the detected anomaly. In another aspect, a transport protocol (TP) signal is extracted and analyzed to determine a fraction of the TP signal that matches opcodes of a machine language instruction set, and an anomaly is detected based at least in part on the determined fraction exceeding an opcode anomaly threshold.
-
公开(公告)号:US20230188553A1
公开(公告)日:2023-06-15
申请号:US18107237
申请日:2023-02-08
发明人: Colin Wee , Ian LoVerde , Douglas A. Thornton
CPC分类号: H04L63/1425 , G06F21/572 , H04L12/40 , H04L63/166 , H04L63/20 , H04L2012/40215 , H04L2012/40273
摘要: CAN bus signal format inference includes: extracting candidate signals from training CAN bus message traffic; defining one or more signals, each signal being a candidate signal that matches structural characteristics of a matching data type and each signal being assigned the matching data type; and generating an inferred CAN bus protocol with which the defined one or more signals conform. Signals are extracted from CAN bus message traffic using the inferred CAN bus protocol, an anomaly in an extracted signal is detected, and an alert is generated indicating the detected anomaly. In another aspect, a transport protocol (TP) signal is extracted and analyzed to determine a fraction of the TP signal that matches opcodes of a machine language instruction set, and an anomaly is detected based at least in part on the determined fraction exceeding an opcode anomaly threshold.
-
公开(公告)号:US11606376B2
公开(公告)日:2023-03-14
申请号:US16935505
申请日:2020-07-22
发明人: Colin Wee , Ian LoVerde , Douglas A. Thornton
摘要: CAN bus signal format inference includes: extracting candidate signals from training CAN bus message traffic; defining one or more signals, each signal being a candidate signal that matches structural characteristics of a matching data type and each signal being assigned the matching data type; and generating an inferred CAN bus protocol with which the defined one or more signals conform. Signals are extracted from CAN bus message traffic using the inferred CAN bus protocol, an anomaly in an extracted signal is detected, and an alert is generated indicating the detected anomaly. In another aspect, a transport protocol (TP) signal is extracted and analyzed to determine a fraction of the TP signal that matches opcodes of a machine language instruction set, and an anomaly is detected based at least in part on the determined fraction exceeding an opcode anomaly threshold.
-
-
-
搜索结果
4 条记录 (耗时 0.014 秒)
