专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明专利

CA2926603C EVENT CORRELATION ACROSS HETEROGENEOUS OPERATIONS 未知
公开(公告)号：CA2926603C
公开(公告)日：2022-08-30
申请号：CA2926603
申请日：2016-04-08
申请人： ACCENTURE GLOBAL SERVICES LTD
发明人： HASSANZADEH AMIN , MODI SHIMON , MULCHANDANI SHAAN , NEGM WALID
IPC分类号： H04L12/22 , H04L67/10
摘要： Methods, systems, and apparatus, including computer programs encoded on computer storage media, for transforming representations of network activity data. A data structure that represents communication events between computing devices of one or more networks is received. The data structure is analyzed and a set of potential attack paths represented in the data structure is determined. A score is assigned to each potential attack path in the set of potential attack paths. Potential attack paths that have scores that do not meet a predetermined threshold are removed from the set of potential attack paths. Potential attack paths that remain in the set of potential attack paths are ranked, based on each score assigned to each potential attack path, and the data structure that includes a ranked set of potential attack paths is provided.

2. 发明专利

CA2926603A1 EVENT CORRELATION ACROSS HETEROGENEOUS OPERATIONS 未知
公开(公告)号：CA2926603A1
公开(公告)日：2016-10-09
申请号：CA2926603
申请日：2016-04-08
申请人： ACCENTURE GLOBAL SERVICES LTD
发明人： HASSANZADEH AMIN , MODI SHIMON , MULCHANDANI SHAAN , NEGM WALID
IPC分类号： H04L12/22 , H04L12/24
摘要： Methods, systems, and apparatus, including computer programs encoded on computer storage media, for transforming representations of network activity data. A data structure that represents communication events between computing devices of one or more networks is received. The data structure is analyzed and a set of potential attack paths represented in the data structure is determined. A score is assigned to each potential attack path in the set of potential attack paths. Potential attack paths that have scores that do not meet a predetermined threshold are removed from the set of potential attack paths. Potential attack paths that remain in the set of potential attack paths are ranked, based on each score assigned to each potential attack path, and the data structure that includes a ranked set of potential attack paths is provided.

3. 发明专利

CA2938337C COMPUTER ASSET VULNERABILITIES 未知
公开(公告)号：CA2938337C
公开(公告)日：2019-03-05
申请号：CA2938337
申请日：2016-08-09
申请人： ACCENTURE GLOBAL SERVICES LTD
发明人： HOVOR ELVIS , MULCHANDANI SHAAN , CARVER MATTHEW
IPC分类号： G06F21/57
摘要： Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining a network path between computer assets. One of the methods includes receiving an asset topology that includes an identifier for each computer-related asset that may be an entry point for an attack simulation, receiving threat data that identifies vulnerabilities of computer-related assets, determining a first computer- related asset that may be an entry point for an attack simulation, identifying one or more first vulnerabilities of the first computer-related asset, determining a path from the first computer- related asset to a second computer-related asset, determining one or more second vulnerabilities of the second computer-related asset, determining a probability that the second computer- related asset will be compromised by an adversary, and determining a change to the asset topology to reduce the probability that the second computer-related asset will be compromised by an adversary.

4. 发明专利

CA2905390C INDUSTRIAL SECURITY AGENT PLATFORM 未知
公开(公告)号：CA2905390C
公开(公告)日：2018-11-13
申请号：CA2905390
申请日：2015-09-23
申请人： ACCENTURE GLOBAL SERVICES LTD
发明人： LUO SONG , NEGM WALID , SOLDERITSCH JAMES J , MULCHANDANI SHAAN , HASSANZADEH AMIN , MODI SHIMON
IPC分类号： H04L9/00 , H04L9/32 , H04L12/16
摘要： Systems, methods, and apparatus, including computer programs encoded on computer storage media, for facilitating secure communication. A system for facilitating secure communication includes an enterprise network, one or more operational technology networks, and a management server. Each of the operational technology networks can include one or more controller devices operable to control one or more operational devices, and can include a respective site security server and a respective security relay server. The security relay server can be operable to facilitate secure communication between controller devices of the operational technology network and its corresponding site security server. The management server can be a node on the enterprise network and can be operable to communicate with each site security server.

5. 发明专利

AU2016216520B2 COMPUTER ASSET VULNERABILITIES 未知
公开(公告)号：AU2016216520B2
公开(公告)日：2017-10-19
申请号：AU2016216520
申请日：2016-08-15
申请人： ACCENTURE GLOBAL SERVICES LTD
发明人： HOVOR ELVIS , MULCHANDANI SHAAN , CARVER MATTHEW
IPC分类号： G06F3/06 , H04L29/06
摘要： Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining a network path between computer assets. One of the methods includes receiving an asset topology that includes an identifier for each computer-related asset that may be an entry point for an attack simulation, receiving threat data that identifies vulnerabilities of computer-related assets, determining a first computer-related asset that may be an entry point for an attack simulation, identifying one or more first vulnerabilities of the first computer-related asset, determining a path from the first computer-related asset to a second computer-related asset, determining one or more second vulnerabilities of the second computer-related asset, determining a probability that the second computer-related asset will be compromised by an adversary, and determining a change to the asset topology to reduce the probability that the second computer-related asset will be compromised by an adversary. Page 1 of 7 - -1 I D cj, I I~l I I -I

6. 发明专利

CA2938337A1 COMPUTER ASSET VULNERABILITIES 未知
公开(公告)号：CA2938337A1
公开(公告)日：2017-02-13
申请号：CA2938337
申请日：2016-08-09
申请人： ACCENTURE GLOBAL SERVICES LTD
发明人： HOVOR ELVIS , MULCHANDANI SHAAN , CARVER MATTHEW
IPC分类号： G06F21/57
摘要： Methods, systems, and apparatus, including computer programs encoded on computer storage media, for determining a network path between computer assets. One of the methods includes receiving an asset topology that includes an identifier for each computer-related asset that may be an entry point for an attack simulation, receiving threat data that identifies vulnerabilities of computer-related assets, determining a first computer-related asset that may be an entry point for an attack simulation, identifying one or more first vulnerabilities of the first computer-related asset, determining a path from the first computer-related asset to a second computer-related asset, determining one or more second vulnerabilities of the second computer-related asset, determining a probability that the second computer-related asset will be compromised by an adversary, and determining a change to the asset topology to reduce the probability that the second computer-related asset will be compromised by an adversary.

7. 发明专利

AU2017204666A1 EVENT CORRELATION ACROSS HETEROGENEOUS OPERATIONS 未知
公开(公告)号：AU2017204666A1
公开(公告)日：2017-07-27
申请号：AU2017204666
申请日：2017-07-07
申请人： ACCENTURE GLOBAL SERVICES LTD
发明人： HASSANZADEH AMIN , MODI SHIMON , MULCHANDANI SHAAN , NEGM WALID
IPC分类号： G06F21/00 , G06F11/32 , H04L12/22
摘要： A computer-implemented method when used to detect potential attack paths in two or more network domains, the method being executed by one or more processors and including receiving a data structure that represents communication events, including events identified by one or more sensors, between computing devices of the two or more network domains, wherein the data structure is a directed graph stored in a graph database, analyzing the data structure and determining a set of potential attack paths represented in the data structure, each potential attack path being based on the communication events between computing devices and including a respective sequence of computing devices proceeding from an originating computing device to a destination computing device, wherein the originating computing device and the destination computing device of at least one potential attack path exist on different network domains, assigning a score to each potential attack path in the set of potential attack paths, based on the computing devices included in the potential attack path, communication events between the computing devices, or both, removing potential attack paths from the set of potential attack paths that have scores that do not meet a predetermined threshold, ranking potential attack paths that remain in the set of potential attack paths, based on each score assigned to each potential attack path, determining one or more threat scenarios using the data structure that includes a ranked set of potential attack paths, analyzing the threat scenarios to generate data associated with one or more courses of action relevant to each threat scenario, and implementing one or more courses of action using the generated data, the courses of action including any one or more of closing ports on one or more of the computing devices, blocking communications that originate from particular internet protocol addresses, and shutting down one or more of the computing devices. co w o Co c =I- o (00 U)= U, C.)> C/) co C6 ) co U)) C/)

8. 发明专利

AU2016202191A1 EVENT CORRELATION ACROSS HETEROGENEOUS OPERATIONS 未知
公开(公告)号：AU2016202191A1
公开(公告)日：2016-10-27
申请号：AU2016202191
申请日：2016-04-07
申请人： ACCENTURE GLOBAL SERVICES LTD
发明人： HASSANZADEH AMIN , MODI SHIMON , MULCHANDANI SHAAN , NEGM WALID
IPC分类号： G06F21/00 , G06F11/32 , H04L12/22
摘要： Methods, systems, and apparatus, including computer programs encoded on computer storage media, for transforming representations of network activity data. A data structure that represents communication events between computing devices of one or more networks is received. The data structure is analyzed and a set of potential attack paths represented in the data structure is determined. A score is assigned to each potential attack path in the set of potential attack paths. Potential attack paths that have scores that do not meet a predetermined threshold are removed from the set of potential attack paths. Potential attack paths that remain in the set of potential attack paths are ranked, based on each score assigned to each potential attack path, and the data structure that includes a ranked set of potential attack paths is provided. cc, uJu 0 o (3) (Zc3)Cl cf)~c3 U)C OU ~-CIU CoD co T

9. 发明专利

CA2926579A1 EVENT CORRELATION ACROSS HETEROGENEOUS OPERATIONS 未知
公开(公告)号：CA2926579A1
公开(公告)日：2016-10-09
申请号：CA2926579
申请日：2016-04-08
申请人： ACCENTURE GLOBAL SERVICES LTD
发明人： HASSANZADEH AMIN , MODI SHIMON , MULCHANDANI SHAAN , NEGM WALID
IPC分类号： H04L12/22 , H04L9/00 , H04L12/24
摘要： Methods, systems, and apparatus, including computer programs encoded on computer storage media, for correlating domain activity data. First domain activity data from a first network domain and second domain activity data from a second network domain is received. The first domain activity data and the second domain activity data is filtered to remove irrelevant activity data, based on a first set of profile data for devices in the first network domain and a second set of profile data for devices in the second network domain. Unfiltered first and second domain activity data is aggregated. Aggregated unfiltered first and second domain activity data is correlated to determine an attack path for an attack that occurs across the first network domain and the second network domain, based on attack signatures and profiles associated with previously identified attacks. A visualization of the attack path is generated.

10. 发明专利

AU2016202184B1 EVENT CORRELATION ACROSS HETEROGENEOUS OPERATIONS 未知
公开(公告)号：AU2016202184B1
公开(公告)日：2016-09-15
申请号：AU2016202184
申请日：2016-04-07
申请人： ACCENTURE GLOBAL SERVICES LTD
发明人： HASSANZADEH AMIN , MODI SHIMON , MULCHANDANI SHAAN , NEGM WALID
IPC分类号： G06F13/00
摘要： Methods, systems, and apparatus, including computer programs encoded on computer storage media, for correlating domain activity data. First domain activity data from a first network domain and second domain activity data from a second network domain is received. The first domain activity data and the second domain activity data is filtered to remove irrelevant activity data, based on a first set of profile data for devices in the first network domain and a second set of profile data for devices in the second network domain. Unfiltered first and second domain activity data is aggregated. Aggregated unfiltered first and second domain activity data is correlated to determine an attack path for an attack that occurs across the first network domain and the second network domain, based on attack signatures and profiles associated with previously identified attacks. A visualization of the attack path is generated.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式