FIELD: computer security.
SUBSTANCE: the invention relates to systems and methods for countering computer security threats, in particular to reporting automatically detected incidents to an operator. The alert manager dynamically generates security alerts as it tests various security scenarios to reach a verdict. Each executed scenario can contribute a scenario-specific message, so the resulting composite security alert indicates the actual reasoning used to reach the corresponding conclusion. The described systems and methods are used, among other things, for the analysis of large network flows in corporate networks. In some embodiments, flows are pre-labeled with additional metadata to facilitate malware and/or intrusion detection.
EFFECT: improving the efficiency of detecting computer security incidents by analyzing data related to computer security.
20 cl, 13 dwg
Title | Year | Author | Number |
---|---|---|---|
SYSTEMS AND METHODS OF DEVICES AUTOMATIC DETECTION | 2017 | | RU2742824C2 |
PARENTAL CONTROL SYSTEMS AND METHODS FOR DETECTING THE DISCLOSURE OF CONFIDENTIAL INFORMATION | 2020 | | RU2796490C2 |
SYSTEMS AND METHODS FOR DETECTING BEHAVIOURAL THREATS | 2019 | | RU2803399C2 |
SYSTEMS AND METHODS OF DYNAMIC INDICATORS AGGREGATION TO DETECT NETWORK FRAUD | 2012 | | RU2607229C2 |
DYNAMIC REPUTATION INDICATOR FOR OPTIMIZATION OF COMPUTER SECURITY OPERATIONS | 2017 | | RU2723665C1 |
SYSTEMS AND METHODS FOR DETECTING BEHAVIOURAL THREATS | 2019 | | RU2772549C1 |
SYSTEMS AND METHODS FOR DETECTING BEHAVIOURAL THREATS | 2019 | | RU2778630C1 |
SYSTEMS AND METHODS FOR USING DNS MESSAGES FOR SELECTIVE COLLECTION OF COMPUTER FORENSIC DATA | 2020 | | RU2776349C1 |
SYSTEMS AND METHODS FOR AUTOMATIC DEVICE DETECTION, DEVICE CONTROL AND REMOTE ASSISTANCE | 2015 | | RU2694022C2 |
COMPUTER SYSTEM AND METHOD FOR DETECTING MALWARE USING MACHINE LEARNING | 2021 | | RU2802860C1 |
Dates
2021-10-19—Published
2019-07-18—Filed