-
1.
公开(公告)号:US20240346496A1
公开(公告)日:2024-10-17
申请号:US18682926
申请日:2022-08-02
CPC分类号: G06Q20/389 , G06Q40/02
摘要: A method of constructing a set of motifs for use in detecting messages of interest in a network of nodes is provided, the method comprising controlling circuitry to: acquire target data, the target data comprising a set of messages which have been exchanged between nodes in the network, the set of messages including a number of messages of interest; acquire control data, the control data comprising a set of messages which have been produced based on a random exchange of messages between nodes in the network; detect motifs within the target data and the control data, each motif being a repeated pattern of messages appearing within either the target data and/or the control data; generate a set of values indicative of a significance of the motifs which have been detected in the target data and the motifs which have been detected in the control data using a frequency with which these motifs have been detected; and construct a set of motifs for use in detecting messages of interest in the network using the set of values which have been produced and a comparison of the motifs detected in the target data with the motifs detected in the control data.
-
公开(公告)号:US12015620B2
公开(公告)日:2024-06-18
申请号:US17357981
申请日:2021-06-25
IPC分类号: H04L9/40 , H04L43/062 , H04L47/2441 , H04L47/2483
CPC分类号: H04L63/1416 , H04L43/062 , H04L47/2441 , H04L47/2483 , H04L63/0236 , H04L63/1425
摘要: The present disclosure concerns a computer-implemented method for reconstructing a dataset after detection of a network security threat in a network. The method comprises: determining a maximum flow for returning data associated with the network security threat to a source dataset via each of a plurality of paths through which the data has passed from the source dataset to the destination dataset; starting from the destination dataset, determining the data to be transferred to each dataset in the plurality of paths between the destination dataset and the one or more source datasets such that the data can be returned to the one or more source datasets, the data transferred in each path not exceeding the determined maximum flow for the path; adding the details of the determined amount of data to be transferred to a forensic report; and outputting the forensic report.
-
公开(公告)号:US20240340293A1
公开(公告)日:2024-10-10
申请号:US18745097
申请日:2024-06-17
IPC分类号: H04L9/40 , H04L43/062 , H04L47/2441 , H04L47/2483
CPC分类号: H04L63/1416 , H04L43/062 , H04L47/2441 , H04L47/2483 , H04L63/0236 , H04L63/1425
摘要: The present disclosure concerns a computer-implemented method for reconstructing a dataset after detection of a network security threat in a network. The method comprises: determining a maximum flow for returning data associated with the network security threat to a source dataset via each of a plurality of paths through which the data has passed from the source dataset to the destination dataset; starting from the destination dataset, determining the data to be transferred to each dataset in the plurality of paths between the destination dataset and the one or more source datasets such that the data can be returned to the one or more source datasets, the data transferred in each path not exceeding the determined maximum flow for the path; adding the details of the determined amount of data to be transferred to a forensic report; and outputting the forensic report.
-
-