METHOD FOR COMPUTER-ASSISTED RECOGNITION OF ATTACKS ON A COMPUTER NETWORK

WIPO Patent Application WO/2012/172039

A8

The invention relates to a method for computer-assisted recognition of attacks on a computer network. In this method, sequences (x) of one or more observations in the computer network are detected. Subsequently, a respective sequence (x) is compared to patterns (p1, p2, p3) of one or more semantic statements (Formula (I)) from an ontological knowledge base (KB), one or more similarity measures (F') of the pattern (p1, p2, p3) to one or more groups of observations of the respective sequence (x) being acquired for each pattern. Then, on the basis of the similarity measures (F') of the patterns (x), one or more probability distributions (Pr) for a plurality of predetermined attacks (y) are determined for each sequence (x), each probability distribution (Pr) representing the probability of the presence of the predetermined attacks (y) for a group of observations of the respective sequence (x), the probability distribution or distributions (Pr) being based on a probabilistic model that is trained by means of training data (TD), according to which patterns (p1, p2, p3) from the knowledge base (KB) are correlated with predetermined attacks (y).

ELFERS CARSTEN (DE)
EDELKAMP STEFAN (DE)
BIRKHOLZ HENK (DE)
SOHR KARSTEN (DE)

PCT/EP2012/061410

March 07, 2013

June 15, 2012

Click for automatic bibliography generation  

UNIV BREMEN (DE)
ELFERS CARSTEN (DE)
EDELKAMP STEFAN (DE)
BIRKHOLZ HENK (DE)
SOHR KARSTEN (DE)

H04L63/00

FINK NUMRICH PATENTANWÄLTE (München, DE)

View/Download PDF      PDF Help

Previous Patent: INCORPORATION OF DYE INTO GRANULAR LAUNDRY COMPOSITION

Next Patent: COMB POLYMERS AS DISPERSANTS FOR ALKALINE-ACTIVATED BINDERS