METHOD FOR FAST FILTERING OF DATA SETS ON COMPUTER INCIDENTS OF INFORMATION SECURITY
Russian patent, published 2024. IPC G06F21/55

Abstract RU 2828162 C1

FIELD: computer security.

SUBSTANCE: the invention relates to methods for fast filtering of data arrays on information security incidents in security information and event management (SIEM) systems, and can be used as a cross-correlation function over information security events. The technical result is achieved by a method for fast filtering of data sets on computer information security incidents in which event data are divided into those that satisfy common rules, designed to detect common and unambiguously threatening information security situations, and those that satisfy cross-correlation rules; event data that satisfy the cross-correlation rules are subjected to field and row filtering, normalization and sorting by time, loaded into the computer's RAM and processed by the cross-correlation rule; when the cross-correlation rule is met, an information security incident is detected.

EFFECT: faster filtering of data sets on computer information security incidents in SIEM-class systems.
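As an added illustration of the pipeline the abstract describes (example code written for this page, not the patent's own implementation), the sketch below splits events between single-event common rules and the cross-correlation path, then field- and row-filters that subset, normalizes it, sorts it by time, holds it in memory and evaluates one assumed cross-correlation rule (repeated failed logins followed by a success from the same source). The event layout, field names, rule and thresholds are assumptions chosen for illustration.

```python
# Added example (not from the patent): SIEM-style event split, field/row filtering,
# normalization, time sort, and an in-memory cross-correlation rule. Event layout,
# field names and the rule thresholds are assumptions chosen for illustration.
from datetime import datetime, timedelta

# Constructed sample events; note the mixed timestamp formats and case in 'user'.
RAW_EVENTS = [
    {"ts": "2024-10-07T10:00:05", "src": "10.0.0.5", "type": "auth_fail", "user": "Bob", "host": "srv1"},
    {"ts": "2024-10-07 10:00:09", "src": "10.0.0.5", "type": "auth_fail", "user": "bob", "host": "srv1"},
    {"ts": "2024-10-07T10:00:02", "src": "10.0.0.7", "type": "malware_detected", "user": "", "host": "ws3"},
    {"ts": "2024-10-07T10:00:12", "src": "10.0.0.5", "type": "auth_fail", "user": "bob", "host": "srv1"},
    {"ts": "2024-10-07T10:00:20", "src": "10.0.0.5", "type": "auth_success", "user": "BOB", "host": "srv1"},
    {"ts": "2024-10-07T10:05:00", "src": "10.0.0.9", "type": "auth_success", "user": "alice", "host": "srv2"},
]

COMMON_TYPES = {"malware_detected"}           # one event alone is a threatening situation
XCORR_TYPES = {"auth_fail", "auth_success"}   # row filter: only these feed the xcorr rule
XCORR_FIELDS = ("ts", "src", "type", "user")  # field filter: everything else is dropped

def split_events(events):
    """Step 1: route each event to the common rules or to the cross-correlation path."""
    common = [e for e in events if e["type"] in COMMON_TYPES]
    xcorr = [e for e in events if e["type"] in XCORR_TYPES]
    return common, xcorr

def prepare_xcorr(events):
    """Step 2: field filter, normalize (ISO timestamp, lowercase user), sort by time.
    The returned list is the working set held in RAM for the rule."""
    rows = [{k: e[k] for k in XCORR_FIELDS} for e in events]
    for r in rows:
        r["ts"] = datetime.fromisoformat(r["ts"].replace(" ", "T"))
        r["user"] = r["user"].lower()
    return sorted(rows, key=lambda r: r["ts"])

def xcorr_rule(rows, min_fails=3, window=timedelta(seconds=60)):
    """Step 3 (assumed rule): >= min_fails auth_fail from the same src/user, then an
    auth_success within `window`, is an incident. rows must be time-sorted."""
    incidents = []
    for i, r in enumerate(rows):
        if r["type"] != "auth_success":
            continue
        fails = [p for p in rows[:i] if p["type"] == "auth_fail" and p["src"] == r["src"]
                 and p["user"] == r["user"] and r["ts"] - p["ts"] <= window]
        if len(fails) >= min_fails:
            incidents.append((r["src"], r["user"], r["ts"].isoformat()))
    return incidents

def detect(events):
    common, xcorr = split_events(events)
    return [(e["type"], e["host"]) for e in common], xcorr_rule(prepare_xcorr(xcorr))
```

Running `detect(RAW_EVENTS)` yields one common-rule hit for the malware event and one cross-correlation incident for 10.0.0.5/bob; the host field never reaches the cross-correlation rule because the field filter drops it.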

1 claim, 1 drawing

Similar patents to RU2828162C1 (number, year, title; authors):

RU2815595C1 (2023) SYSTEM AND METHOD FOR PREDICTING SIGNS OF INFORMATION SECURITY INCIDENTS IN AUTOMATED CONTROL SYSTEMS; Kozlov Denis Viktorovich
RU2824732C1 (2023) INFORMATION SECURITY INCIDENT RESPONSE SYSTEM AND METHOD; Zaitsev Oleg Vladimirovich
RU2739864C1 (2019) SYSTEM AND METHOD OF CORRELATING EVENTS FOR DETECTING INFORMATION SECURITY INCIDENT; Lyukshin Ivan Stanislavovich, Kiryukhin Andrej Aleksandrovich, Lukiyan Dmitrij Sergeevich, Filonov Pavel Vladimirovich
RU2763115C1 (2020) METHOD FOR ADJUSTING THE PARAMETERS OF A MACHINE LEARNING MODEL IN ORDER TO IDENTIFY FALSE TRIGGERING AND INFORMATION SECURITY INCIDENTS; Filonov Pavel Vladimirovich, Soldatov Sergej Vladimirovich, Udimov Daniil Alekseevich
RU2762528C1 (2020) METHOD FOR PROCESSING INFORMATION SECURITY EVENTS PRIOR TO TRANSMISSION FOR ANALYSIS; Filonov Pavel Vladimirovich, Soldatov Sergej Vladimirovich, Udimov Daniil Alekseevich
RU2816551C1 (2023) SYSTEM AND METHOD OF INTERCEPTING FILE STREAMS; Matveev Lev Lazarevich
RU2610395C1 (2015) METHOD OF COMPUTER SECURITY DISTRIBUTED EVENTS INVESTIGATION; Gajnov Artur Evgenevich, Zavodtsev Ilya Valentinovich
RU2813239C1 (2022) METHOD FOR FILTERING EVENTS FOR TRANSMISSION TO REMOTE DEVICE; Pintiiskii Vladislav Valerevich, Tarakanov Dmitrii Vladimirovich, Shulmin Aleksei Sergeevich, Ovcharik Vladislav Ivanovich, Kuskov Vladimir Anatolevich
RU2825975C1 (2023) METHOD OF COMBINING LARGE LANGUAGE MODEL AND SECURITY AGENT; Sergeev Viktor Gennadevich, Tushkanov Vladislav Nikolaevich
RU2825972C1 (2023) METHOD OF USING LARGE LANGUAGE MODELS WHEN RESPONDING TO INFORMATION SECURITY INCIDENTS; Sergeev Viktor Gennadevich

RU 2 828 162 C1

Authors: Matveev Lev Lazarevich

Dates: filed 2023-11-08; published 2024-10-07