Intrusion detection system

A method for classification of suspicious activities is provided. In the method, a first intrusion detection system comprising a normal operation mode and which is connected to a second intrusion detection system by a first communications connection is implemented. In response to detecting a malfunc...

Bibliographic details
Main authors: Harz, Dirk, Usher, Mark, Zenz, Gideon, Granacher, Astrid, Vogeley, Volker
Format: Patent
Language: eng
Subjects:
Online access: Order full text
creator Harz, Dirk
Usher, Mark
Zenz, Gideon
Granacher, Astrid
Vogeley, Volker
description A method for classification of suspicious activities is provided. In the method, a first intrusion detection system comprising a normal operation mode and which is connected to a second intrusion detection system by a first communications connection is implemented. In response to detecting a malfunction of the first communications connection, the first intrusion detection system is switched from the normal operation mode to a limited operation mode for receiving first data from one or more honeypot systems and second data from the second intrusion detection system. A prediction model for representing malicious attacks is generated by execution of a predefined classification algorithm with respect to the received data, wherein the predefined classification algorithm further determines a model evaluation metric with respect to the prediction model. The prediction model is deployed to detect the malicious attacks if the model evaluation metric meets a predefined validation condition.
format Patent
fulltext fulltext_linktorsrc
language eng
recordid cdi_epo_espacenet_US10686807B2
source esp@cenet
subjects CALCULATING
COMPUTING
COUNTING
DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
title Intrusion detection system
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-26T22%3A27%3A55IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=Harz,%20Dirk&rft.date=2020-06-16&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS10686807B2%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true