30 results about "Incident analysis" patented technology

Solutions for responding to security-related incidents in a computer network, including a security server, and a client-side arrangement. The security server includes an event collection module communicatively coupled to the computer network, an event analysis module operatively coupled to the event collection module, and a solution module operatively coupled to the event analysis module. The event collection module is configured to obtain incident-related information that includes event-level information from at least one client computer of the plurality of client computers, the incident-related information being associated with at least a first incident which was detected by that at least one client computer and provided to the event collection module in response to that detection. The event analysis module is configured to reconstruct at least one chain of events causally related to the first incident and indicative of a root cause of the first incident based on the incident-related information. The solution module is configured to formulate at least one recommendation for use by the at least one client computer, the at least one recommendation being based on the at least one chain of events, and including corrective / preventive action particularized for responding to the first incident.

Methods, systems, and computer program products for administering event pools for relevant event analysis are provided. Embodiments include assigning, by an incident analyzer, a plurality of events to an events pool; determining, by the incident analyzer, an event suppression duration; determining, by the incident analyzer in dependence upon event analysis rules, to suppress events having particular attributes indicating the events occurred during the event suppression duration; and suppressing, by the incident analyzer, each event assigned to the events pool having the particular attributes indicating the events occurred during the event suppression duration.

A system and method for collecting and analyzing electronic discussion messages to categorize the message communications and the identify trends and patterns in pre-determined markets. The system comprises an electronic data discussion system wherein electronic messages are collected and analyzed according to characteristics and data inherent in the messages. Objective data is collected by the system for use in analyzing the electronic discussion data against real-world events to facilitate trend analysis and event forecasting based on the volume, nature and content of messages posted to electronic discussion forums. The message posting activity of a plurality of posters can be tracked to determine the tendency of individual posters to initiate or moderate discussions, accurately predict events external to the discussion forums, accelerate or decelerate a buzz level in a forum, or precede a rising market or a falling market.

The embodiment of the invention provides a traffic accident processing method, a system and a server. As the embodiment of the invention receives the traffic accident scene information, obtaining thespecified incident analysis model, accident analysis model based on assignment, according to the traffic accident scene information, generating traffic accident liability identification information, Ability to use a specified incident analysis model, there is no need for traffic policemen and insurance personnel to go to the scene to investigate, no traffic accident personnel are required to waitat the scene, on the one hand, it saves manpower cost, so that the accident processing time is reduced, so that the accident processing speed is improved, on the other hand, the waiting time of the traffic accident personnel is greatly reduced, so that the traffic accident personnel without serious hindrance can leave the accident scene quickly, traffic congestion is avoided or the congestion timeis shortened, and the problem of high human cost and more time-consuming of the traffic accident processing flow in the prior art is solved to a certain extent.

Methods, apparatuses, and computer program products for administering checkpoints for incident analysis are provided. Embodiments include a checkpoint manager receiving from each incident analyzer of a plurality of incident analyzers, a checkpoint indicating an incident having the oldest identification number still in analysis by the incident analyzer at the time associated with the checkpoint. The checkpoint manager examines each received checkpoint to identify, as a restore incident, an incident having the oldest identification number indicated in any of the received checkpoints. A monitor sends to the incident analyzers, a stream of incidents beginning with the identified restore incident and continuing with any incidents having a newer identification number than the identified restore incident. Each incident analyzer processes from the stream of incidents only the incident indicated in the last checkpoint of the incident analyzer and any subsequent incidents having a newer identification number than the indicated incident.

Methods, apparatuses, and computer program products for administering incident pools for incident analysis in a distributed processing system are provided. Embodiments include an incident analyzer receiving a plurality of incidents from an incident queue. The incident analyzer also assigns each received incident to an incident pool having a predetermined initial period of time. The predetermined initial period of time is the time within which the incident pool is open to the assignment of incidents. The incident analyzer calculates an arrival rate that incidents are assigned to the incident pool. The incident analyzer also extends based on the arrival rate, for each incident assigned to the incident pool, the predetermined initial period of time by a particular period of time.

The invention discloses an analysis system for identification of fault hazard sources of an air defense missile weapon system. The analysis system is placed in an analysis server and includes: a safety data storage and management module, which is used to analyze safety with a product tree node as the center The input and output data are managed and controlled; the initial cause event analysis module is used to obtain reference information from the safety data storage and management module, and clarify all propagation paths from the cause of the accident to the impact; the cause of the accident includes different analysis Fault coupling of related equipment of the system; accident scene analysis module, which is used to realize the modeling and analysis of the temporal causal relationship of faults affecting functions on the basis of the analysis results of primary causes; analysis result viewing module, which provides a tree guide map of analysis results . The invention can solve the technical problem that the traditional analysis method is difficult to analyze complex equipment dangerous events and must rely on engineering experience.

A method, computer program product, and computer system for prioritization of data collection and analysis for incident detection. Data points within a plurality of monitor data corresponding to effects of incidents may be identified by a computing device. The plurality of monitor data may be converted to a set of time series extracted from the plurality of monitor data. The set of time series may be aligned and summarized. A causal relationship graph may be constructed between the set of time series extracted from the plurality of monitor data. Features may be prioritized by likelihood of importance in incident analysis based upon, at least in part, the causal relationship graph.

Methods, apparatuses, and computer program products for selecting during a system shutdown procedure, a restart incident checkpoint of an incident analyzer in a distributed processing system. Embodiments include the incident analyzer determining whether at least one incident is in a queue. If at least one incident is in the queue, the incident analyzer selects as the restart incident checkpoint, a last incident completed checkpoint. If at least one incident is not in the queue, the incident analyzer determines whether the last incident completed checkpoint matches a last incident analysis pool selection checkpoint. If the last incident completed checkpoint matches a last incident analysis pool selection checkpoint, the incident analyzer selects as the restart incident checkpoint, a monitor checkpoint. If the last incident completed checkpoint does not match the last incident analysis pool selection checkpoint, the incident analyzer selects as the restart incident checkpoint, the last incident completed checkpoint.

The invention discloses a power grid accident event analysis method based on artificial intelligence. The method comprises the following steps: collecting a data sample during historical operation of a power grid and extracting operation data of the power grid when an accident occurs; forming mapping based on the operation data and corresponding accidents, performing hierarchical storage, and forming an operation accident database; analyzing the accident data by using an artificial intelligence algorithm and operating data in the accident database to obtain a characteristic value of each accident data; and when the similarity between the characteristic value of the real-time operation data and the characteristic value of the accident data is lower than a preset threshold value, performing early warning through the terminal and obtaining a corresponding accident event according to mapping. Through intelligent analysis of power grid accidents, the efficiency and coordination of power grid dispatching work are improved, and promotion of an intelligent power grid is facilitated.

A method and device for analyzing nuclear power plant operating events, relating to the field of nuclear power plant safety technology, wherein the method includes step 1, investigating the operating event, forming an operating event report and uploading it to the experience feedback system of the National Nuclear Safety Administration; step 2 1. The analysis module conducts qualitative analysis on the operation event and identifies the root cause of the operation event; step three, imports the root cause quantitative data obtained in step two into the quantitative calculation module built based on the Bayesian network model, quantitative calculation and Update the occurrence frequency of such operational events in real time; step 4, determine the experience of preventing and reducing the occurrence of such operational events based on the calculation results obtained in step 3, and feed back the obtained experience to the operating organizations of nuclear power plants. The invention comprehensively uses a qualitative analysis program and a quantitative calculation tool to analyze the operation event of the nuclear power plant, improves the analysis efficiency and accuracy of the operation event of the nuclear power plant, and is beneficial to reduce the occurrence probability of the operation event.