Processing

Please wait...

Settings

Settings

Goto Application

1. WO2014113367 - SYSTEM FOR AND A METHOD OF COGNITIVE BEHAVIOR RECOGNITION

Publication Number WO/2014/113367
Publication Date 24.07.2014
International Application No. PCT/US2014/011427
International Filing Date 14.01.2014
IPC
G06F 21/50 2013.1
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
G06F 9/44 2006.1
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
9Arrangements for program control, e.g. control units
06using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
44Arrangements for executing specific programs
CPC
G06F 21/552
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
552involving long-term monitoring or reporting
G06F 21/566
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
56Computer malware detection or handling, e.g. anti-virus arrangements
566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
G06F 21/577
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
577Assessing vulnerabilities and evaluating computer system security
H04L 63/1416
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
14for detecting or protecting against malicious traffic
1408by monitoring network traffic
1416Event detection, e.g. attack signature detection
H04L 63/20
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
20for managing network security; network security policies in general
Applicants
  • TAASERA, INC. [US]/[US]
Inventors
  • KUMAR, Srinivas
Agents
  • WIELAND, Charles F. III
Priority Data
13/741,87815.01.2013US
Publication Language English (en)
Filing Language English (EN)
Designated States
Title
(EN) SYSTEM FOR AND A METHOD OF COGNITIVE BEHAVIOR RECOGNITION
(FR) SYSTÈME ET PROCÉDÉ DE RECONNAISSANCE DE COMPORTEMENT COGNITIF
Abstract
(EN) A method for assessing runtime risk for an application or device includes: storing, in a rules database, a plurality of rules, wherein each rule identifies an action sequence; storing, in a policy database, a plurality of assessment policies, wherein each assessment policy includes at least one rule of the plurality of rules; identifying, using at least one assessment policy, a runtime risk for an application or device, wherein the identified runtime risk identifies and predicts a specific type of threat; and identifying, by a processing device, a behavior score for the application or device based on the identified runtime risk, wherein the action sequence is a sequence of at least two performed actions, and each performed action is at least one of: a user action, an application action, and a system action.
(FR) L'invention concerne un procédé d'évaluation d'un risque d'exécution pour une application ou dispositif consistant à : stocker, dans une base de données de règles, une pluralité de règles, chaque règle identifiant une séquence d'actions; stocker, dans une base de données de politiques, une pluralité de politiques d'évaluation, chaque politique d'évaluation comprenant au moins une règle de la pluralité de règles; identifier, à l'aide d'au moins une politique d'évaluation, un risque d'exécution pour une application ou dispositif, le risque d'exécution identifié identifiant et prévoyant un type spécifique de menace; et identifier, au moyen d'un dispositif de traitement, une note de comportement pour l'application ou dispositif sur la base du risque d'exécution identifié, la séquence d'actions étant une séquence d'au moins deux actions réalisées, et chaque action réalisée étant une action d'utilisateur et/ou une action d'application et/ou une action de système.
Latest bibliographic data on file with the International Bureau