SYSTEM AND METHOD OF AUTOGENERATION OF DECISION RULES FOR INTRUSION DETECTION SYSTEMS WITH FEEDBACK Russian patent published in 2017 - IPC G06F21/55 

Abstract RU 2634209 C1

FIELD: information technology.

SUBSTANCE: the method includes the following steps: receiving at least one event from an event database populated with data received from at least one sensor; analyzing each received event for membership in the class of interaction with malware control centres; extracting from at least one event of that class at least one feature used to form decision rules; forming decision rules using at least one of the extracted features; storing the formed decision rules and making decision-rule updates available to at least one sensor. The sensors cyclically check the central node for available updates and, if updates are available, receive them for use; receipt of an update activates a trigger in the sensors that restarts the decision rules.

EFFECT: increase in the effectiveness of detecting computer attacks.

8 claims, 3 drawings
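As an added illustration (not the patent's own code; the event field names, the host-and-path features and the in-memory rule store are all assumptions), a minimal Python model of the loop the abstract describes: a central node forms rules only from events of the C2-interaction class, sensors poll it for versioned updates, and a reload trigger fires on each update received:

```python
# Constructed sample rows from the event database (hypothetical field names).
EVENTS = [
    {"sensor": "s1", "event_class": "c2_interaction",
     "dst_host": "c2.example.invalid", "uri": "/gate.php?id=123"},
    {"sensor": "s2", "event_class": "benign",
     "dst_host": "updates.example.invalid", "uri": "/index.html"},
    {"sensor": "s1", "event_class": "c2_interaction",
     "dst_host": "c2.example.invalid", "uri": "/gate.php?id=777"},
]

def extract_features(event):
    # Assumed features: destination host plus the URI path with its query string
    # dropped, so per-bot parameters do not fragment the rule set.
    return event["dst_host"], event["uri"].split("?", 1)[0]

def form_rules(events):
    # Only events of the C2-interaction class contribute; identical feature
    # tuples collapse into one rule keyed by a derived rule id.
    rules = {}
    for ev in events:
        if ev["event_class"] == "c2_interaction":
            host, path = extract_features(ev)
            rules["c2:%s:%s" % (host, path)] = (host, path)
    return rules

class CentralNode:
    """Stores formed rules and serves versioned updates to the sensors."""
    def __init__(self):
        self.version, self.rules = 0, {}
    def publish(self, events):
        new = form_rules(events)
        if not new.items() <= self.rules.items():  # bump only when something is new
            self.rules.update(new)
            self.version += 1
        return self.version
    def check_update(self, have):
        return (self.version, dict(self.rules)) if have < self.version else None

class Sensor:
    """Polls the central node cyclically; a received update triggers a rule reload."""
    def __init__(self):
        self.version, self.rules, self.reloads = 0, {}, 0
    def poll(self, node):
        update = node.check_update(self.version)
        if update is None:
            return False
        self.version, self.rules = update
        self.reloads += 1  # the restart trigger fires on every received update
        return True
    def match(self, event):
        feats = extract_features(event)
        return [rid for rid, f in self.rules.items() if f == feats]
```

Republishing the same events leaves the version unchanged, so idle sensors see no update; a new C2 host bumps the version and every polling sensor reloads once.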

Similar patents RU2634209C1

Title | Year | Authors | Number
METHOD AND SYSTEM FOR DETECTING THE INFRASTRUCTURE OF A MALICIOUS SOFTWARE OR A CYBERCRIMINAL | 2020 | Volkov Dmitrij Aleksandrovich; Mileshin Filipp Alekseevich | RU2722693C1
SYSTEM AND METHOD FOR OUTSIDE CONTROL OF THE CYBERATTACK SURFACE | 2021 | Bobak Tim Dzhon Oskar; Volkov Dmitrij Aleksandrovich | RU2778635C1
METHOD OF ANALYSING AND DETECTING MALICIOUS INTERMEDIATE NODES IN NETWORK | 2012 | Golovanov Sergej Jur'Evich | RU2495486C1
COMPUTING APPARATUS AND METHOD FOR IDENTIFYING COMPROMISED APPARATUSES BASED ON DNS TUNNELLING DETECTION | 2021 | Afonin Anton Viktorovich | RU2777348C1
SYSTEM AND METHOD FOR AUTOMATIC ASSESSMENT OF QUALITY OF NETWORK TRAFFIC SIGNATURES | 2021 | Chemyakin Anton Vladimirovich | RU2781822C1
SYSTEMS AND METHODS FOR USING DNS MESSAGES FOR SELECTIVE COLLECTION OF COMPUTER FORENSIC DATA | 2020 | Mircescu Daniel-Alexandru | RU2776349C1
SYSTEM AND METHOD FOR ANALYSING INCOMING TRAFFIC FLOW | 2023 | Chereshnev Vladimir Sergeevich; Samokhvalov Viktor Evgenevich; Puts Aleksej Yurevich; Penikov Pavel Viktorovich; Sadovnikov Vladimir Vladimirovich; Vaskov Egor Ruslanovich | RU2812087C1
SYSTEM AND METHOD OF REDUCING FALSE RESPONSES WHEN DETECTING NETWORK ATTACK | 2011 | Gudov Nikolaj Vladimirovich; Levashov Dmitrij Anatol'Evich | RU2480937C2
SYSTEM AND METHOD OF CORRELATING EVENTS FOR DETECTING INFORMATION SECURITY INCIDENT | 2019 | Lyukshin Ivan Stanislavovich; Kiryukhin Andrej Aleksandrovich; Lukiyan Dmitrij Sergeevich; Filonov Pavel Vladimirovich | RU2739864C1
METHOD FOR PROTECTING COMPUTER NETWORK AGAINST INTRUSION | 2021 | Chajkovskij Sergej Stanislavovich | RU2758997C1

RU 2 634 209 C1

Authors

Kislitsin Nikita Igorevich

Dates

Published: 2017-10-24

Filed: 2016-09-19