Patenton — panteon of patents

(19)

RU

(11)

2 610 395

(13)

C1

(51)

IPC

G06F21/55(2013-01-01)

(21) (22)

Application

2015155443, 2015-12-24

(24)

Start date

2015-12-24

(22)

Actual filing date

2015-12-24

(45)

Published

2017-02-09

(72)

Inventor

Gajnov Artur EvgenevichZavodtsev Ilya Valentinovich

(73)

Holder

Otkrytoe Aktsionernoe Obshchestvo Tekhnologii I Kommunikatsionnye Sistemy"

METHOD OF COMPUTER SECURITY DISTRIBUTED EVENTS INVESTIGATION Russian patent published in 2017 - IPC G06F21/55 

Abstract RU 2610395 C1

FIELD: information technologies.

SUBSTANCE: invention relates to field of information protecting in computer systems. Disclosed is method, in which loading data on system events from all users computers to security server; among these events recording, at least, one system event, caused safety incident; analyzing loaded events by searching among them of such, which similar to events, preceding to already registered safety incident; performing correlation analysis of event data distributed over time and place, using additional rules, including following actions: setting background conditions and analysis depth level; generating initial plurality of rules to perform correlation analysis; performing significant rules selection into active plurality; detecting and eliminating conflicts among selected rules; checking for each of active plurality rule for conformity of actual analysis depth to specified; performing search and application of solution for elimination of consequences and safety incident prevention; generating security incident report.

EFFECT: technical result consists in reduction of number of undetected computer security incidents.

7 cl, 4 dwg, 2 tbl

Similar patents RU2610395C1

Title Year Author Number
SYSTEM AND METHOD FOR AUTOMATIC INVESTIGATION OF SAFETY INCIDENTS 2011
  • Zajtsev Oleg Vladimirovich
 RU2481633C2
METHOD FOR ADJUSTING THE PARAMETERS OF A MACHINE LEARNING MODEL IN ORDER TO IDENTIFY FALSE TRIGGERING AND INFORMATION SECURITY INCIDENTS 2020
  • Filonov Pavel Vladimirovich
  • Soldatov Sergej Vladimirovich
  • Udimov Daniil Alekseevich
 RU2763115C1
METHOD FOR PROCESSING INFORMATION SECURITY EVENTS PRIOR TO TRANSMISSION FOR ANALYSIS 2020
  • Filonov Pavel Vladimirovich
  • Soldatov Sergej Vladimirovich
  • Udimov Daniil Alekseevich
 RU2762528C1
SYSTEM AND METHOD FOR PREDICTING SIGNS OF INFORMATION SECURITY INCIDENTS IN AUTOMATED CONTROL SYSTEMS 2023
  • Kozlov Denis Viktorovich
 RU2815595C1
SYSTEM AND METHOD OF CORRELATING EVENTS FOR DETECTING INFORMATION SECURITY INCIDENT 2019
  • Lyukshin Ivan Stanislavovich
  • Kiryukhin Andrej Aleksandrovich
  • Lukiyan Dmitrij Sergeevich
  • Filonov Pavel Vladimirovich
 RU2739864C1
METHOD AND SYSTEM FOR MAKING DECISION ON NEED FOR AUTOMATED RESPONSE TO INCIDENT 2020
  • Volkov Dmitry Aleksandrovich
 RU2738334C1
SYSTEM AND METHOD FOR PREVENTION SAFETY INCIDENTS BASED ON USER DANGER RATING 2011
  • Zajtsev Oleg Vladimirovich
  • Boronin Valerij Andreevich
 RU2477929C2
SYSTEM AND METHOD OF RAISING SECURITY LEVEL OF COMPUTER SYSTEM 2011
  • Zajtsev Oleg Vladimirovich
  • Shevchenko Stanislav Borisovich
 RU2460122C1
METHOD OF USING LARGE LANGUAGE MODELS WHEN RESPONDING TO INFORMATION SECURITY INCIDENTS 2023
  • Sergeev Viktor Gennadevich
 RU2825972C1
METHOD AND SYSTEM OF CYBER TRAINING 2022
  • Bogdanov Vladimir Nikolaevich
  • Vikhlyantsev Petr Sergeevich
  • Anisimov Aleksandr Dmitrievich
  • Gerasimov Aleksandr Nikolaevich
  • Shmyrin Evgenij Aleksandrovich
  • Vikhlyantsev Aleksandr Petrovich
  • Serdyukov Nikolaj Nikolaevich
  • Kostyulin Ilya Nikolaevich
 RU2808388C1

RU 2 610 395 C1

Authors

Gajnov Artur Evgenevich

Zavodtsev Ilya Valentinovich

Dates

2017-02-09Published

2015-12-24Filed

download Download PDF read Similar patents