ECHO DETECTION OF MAN-IN-THE-MIDDLE LAN ATTACKS

ECHO DETECTION OF MAN-IN-THE-MIDDLE LAN ATTACKS

Systems and methods are provided for detecting anomalous messages on a multipoint serial communications bus by extracting features from a first and a second message, including a time delay between the first and the second messages and, for each message, a sender address, a recipient address, a bus n...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: MIRSKY, Yisroel Avraham, ELOVICI, Yuval, SHABTAI, Asaf, KALBO, Naor
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Systems and methods are provided for detecting anomalous messages on a multipoint serial communications bus by extracting features from a first and a second message, including a time delay between the first and the second messages and, for each message, a sender address, a recipient address, a bus number, and a word count. A message transition pattern including the extracted features is generated. A probability of occurrence of the message transition pattern is determined by comparing the message transition pattern to a pattern dictionary, and the second message is determined to be anomalous when the probability is less than a predetermined threshold.