1. (WO2019006412) CYBER-SECURITY SYSTEM AND METHOD FOR WEAK INDICATOR DETECTION AND CORRELATION TO GENERATE STRONG INDICATORS
Latest bibliographic data on file with the International Bureau

Pub. No.: WO/2019/006412
International Application No.: PCT/US2018/040470
Publication Date: 03.01.2019
International Filing Date: 29.06.2018
IPC:
G06F 21/55 (2013.01), H04L 29/06 (2006.01)
G06F 21/55:
G PHYSICS
06 COMPUTING; CALCULATING; COUNTING
F ELECTRIC DIGITAL DATA PROCESSING
21 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55 Detecting local intrusion or implementing counter-measures
H04L 29/06:
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29 Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02 Communication control; Communication processing
06 characterised by a protocol
Applicants:
FIREEYE, INC. [US/US]; 601 McCarthy Blvd. Milpitas, CA 95035, US
Inventors:
JEYARAMAN, Sundar; US
RAMASWAMY, Ramaswamy; US
Agent:
SCHAAL, William, W.; US
Priority Data:
15/638,262 29.06.2017 US
Title (EN) CYBER-SECURITY SYSTEM AND METHOD FOR WEAK INDICATOR DETECTION AND CORRELATION TO GENERATE STRONG INDICATORS
(FR) SYSTÈME DE CYBERSÉCURITÉ ET PROCÉDÉ DE DÉTECTION ET DE CORRÉLATION D'INDICATEURS FAIBLES POUR GÉNÉRER DES INDICATEURS FORTS
Abstract:
(EN) A method for detecting a cyber-attack after infiltration into an enterprise network is described. The method features receiving a second plurality of weak indicators included as part of a first plurality of weak indicators and performing a correlation operation between the second plurality of weak indicators and one or more patterns or sequences of indicators associated with known malware. The first plurality of weak indicators is greater in number than the second plurality of weak indicators. A report is generated and issued based on results from the correlation operation.
(FR) L'invention concerne un procédé de détection d'une cyberattaque après infiltration dans un réseau d'entreprise. Le procédé comprend l'étape consistant à recevoir une deuxième pluralité d'indicateurs faibles inclus comme faisant partie d'une première pluralité d'indicateurs faibles et l'étape consistant à réaliser une opération de corrélation entre la deuxième pluralité d'indicateurs faibles et un ou plusieurs motifs ou séquences d'indicateurs associés à un logiciel malveillant connu. La première pluralité d'indicateurs faibles est supérieure en nombre par rapport à la deuxième pluralité d'indicateurs faibles. Un rapport est généré et émis en fonction des résultats de l'opération de corrélation.
Designated States: AE, AG, AL, AM, AO, AT, AU, AZ, BA, BB, BG, BH, BN, BR, BW, BY, BZ, CA, CH, CL, CN, CO, CR, CU, CZ, DE, DJ, DK, DM, DO, DZ, EC, EE, EG, ES, FI, GB, GD, GE, GH, GM, GT, HN, HR, HU, ID, IL, IN, IR, IS, JO, JP, KE, KG, KH, KN, KP, KR, KW, KZ, LA, LC, LK, LR, LS, LU, LY, MA, MD, ME, MG, MK, MN, MW, MX, MY, MZ, NA, NG, NI, NO, NZ, OM, PA, PE, PG, PH, PL, PT, QA, RO, RS, RU, RW, SA, SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VC, VN, ZA, ZM, ZW
African Regional Intellectual Property Organization (ARIPO) (BW, GH, GM, KE, LR, LS, MW, MZ, NA, RW, SD, SL, ST, SZ, TZ, UG, ZM, ZW)
Eurasian Patent Office (AM, AZ, BY, KG, KZ, RU, TJ, TM)
European Patent Office (EPO) (AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR)
African Intellectual Property Organization (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, KM, ML, MR, NE, SN, TD, TG)
Publication Language: English (EN)
Filing Language: English (EN)