OSTI.GOV: U.S. Department of Energy, Office of Scientific and Technical Information

Title: Using new edges for anomaly detection in computer networks

Patent · OSTI ID: 1368182

Creation of new edges in a network may be used as an indication of a potential attack on the network. Historical data of a frequency with which nodes in a network create and receive new edges may be analyzed. Baseline models of behavior among the edges in the network may be established based on the analysis of the historical data. A new edge that deviates from a respective baseline model by more than a predetermined threshold during a time window may be detected. The new edge may be flagged as potentially anomalous when the deviation from the respective baseline model is detected. Probabilities for both new and existing edges may be obtained for all edges in a path or other subgraph. The probabilities may then be combined to obtain a score for the path or other subgraph. A threshold may be obtained by calculating an empirical distribution of the scores under historical conditions.
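
The pipeline the abstract outlines, as an added Python example (not code from the patent or from LANL). The abstract does not specify the model, so the following are assumptions: Laplace smoothing, treating a new edge's probability as the product of the source's create rate and the destination's receive rate, summing negative log probabilities as the path score, scoring two-hop paths only, and all host names and windows, which are constructed.

```python
import math
from collections import Counter

def fit_baseline(windows):
    """Per node: windows in which it created/received a first-seen edge.
    Per edge: windows in which it was active. windows[0] only seeds 'seen'."""
    seen = set(windows[0])
    create, receive, active = Counter(), Counter(), Counter()
    for edges in map(set, windows[1:]):
        new = edges - seen
        create.update({s for s, _ in new})
        receive.update({d for _, d in new})
        active.update(edges)
        seen |= edges
    return {"n": len(windows) - 1, "seen": seen, "create": create,
            "receive": receive, "active": active}

def edge_prob(b, edge):
    smooth = lambda k: (k + 1) / (b["n"] + 2)  # Laplace smoothing (assumed)
    if edge in b["seen"]:                       # existing edge: activity rate
        return smooth(b["active"][edge])
    src, dst = edge                             # new edge: independence assumed
    return smooth(b["create"][src]) * smooth(b["receive"][dst])

def path_score(b, path):
    """Combine edge probabilities along a path: higher = more surprising."""
    return -sum(math.log(edge_prob(b, e)) for e in path)

def two_hop_paths(edges):
    edges = set(edges)
    return [((a, m), (m2, c)) for a, m in edges for m2, c in edges
            if m == m2 and a != c]

def empirical_threshold(train, calib, q=0.95):
    """Fit on train, then take the q-quantile of path scores seen in calib."""
    b = fit_baseline(train)
    scores = sorted(path_score(b, p) for w in calib for p in two_hop_paths(w))
    return b, scores[min(len(scores) - 1, int(q * len(scores)))]

# Constructed sample data: each window is the set of directed edges observed.
BASE = [("ws1", "fs"), ("ws2", "fs"), ("ws1", "dc"), ("ws2", "dc"),
        ("fs", "db"), ("db", "bk")]
TRAIN = [BASE, BASE, BASE + [("ws2", "db")], BASE, BASE]
CALIB = [BASE, BASE + [("ws2", "db")], BASE]

if __name__ == "__main__":
    b, thr = empirical_threshold(TRAIN, CALIB)
    for path in ([("ws1", "fs"), ("fs", "db")], [("ws1", "ws2"), ("ws2", "db")]):
        s = path_score(b, path)
        print(path, round(s, 3), "ANOMALOUS" if s > thr else "ok")
```

The routine path through the file server scores below the calibrated threshold, while the path that begins with a never-seen workstation-to-workstation edge scores above it.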

Research Organization: Los Alamos National Laboratory (LANL), Los Alamos, NM (United States)
Sponsoring Organization: USDOE
DOE Contract Number: AC52-06NA25396
Assignee: Los Alamos National Security, LLC
Patent Number(s): 9,699,206
Application Number: 14/609,836
OSTI ID: 1368182
Resource Relation: Patent File Date: 2015 Jan 30
Country of Publication: United States
Language: English
