Patents
Literature
Hiro is an intelligent assistant for R&D personnel, combined with Patent DNA, to facilitate innovative research.
Hiro

1936 results about "Threat" patented technology

In computer security, a threat is a possible danger that might exploit a vulnerability to breach security and therefore cause possible harm. A threat can be either "intentional" (i.e. hacking: an individual cracker or a criminal organization) or "accidental" (e.g. the possibility of a computer malfunctioning, or the possibility of a natural disaster such as an earthquake, a fire, or a tornado) or otherwise a circumstance, capability, action, or event.

System and method employing structured intelligence to verify and contain threats at endpoints

ActiveUS20140344926A1Limiting the threat's ability to communicateMemory loss protectionError detection/correctionInternet privacySecurity information and event management
A system and method to detect and contain threatening executable code by employing a threat monitor, verifier, endpoint agent, and a security information and event management module.
Owner:FIREEYE SECURITY HLDG US LLC +1

Method and system for evaluating network safety situation

The invention relates to a method for evaluating the security situation of a network and a system thereof. The system has a two-surface three-level framework and is provided with a public service surface and a service management surface for executing uniform coordinated management on each functional module of the system; according to a service logic processing flow, the system is divided into three levels: an acquisition level, an analysis level and an exhibition level for completing four evaluating operations of assets, frangibility, threat and security situation; the invention is based on the characteristic of service operation in the network, combines the prior risk evaluation method, the prior flow and the prior security detection tool and provides a set of a novel dynamic real-time evaluation method. The system can analyze the assets and service of the network and the risk of the whole network and carries out the evaluation of the security situation. The system can provide the security state of the whole network in macroscopy, can deepen to specific service and assets and know the specific security problem, thereby effectively helping network security personnel to analyze the root of the security problem and assisting to provide a security solution proposal and implement a defense measure.
Owner:BEIJING UNIV OF POSTS & TELECOMM

Exploit detection system with threat-aware microvisor

An exploit detection system deploys a threat-aware microvisor to facilitate real-time security analysis, including exploit detection and threat intelligence, of an operating system process executing on a node of a network environment. The microvisor may be organized as a main protection domain representative of the operating system process. In response to the process attempting to access a kernel resource for which it does not have permission, a capability violation may be generated at the main protection domain of the microvisor and a micro-virtual machine (VM) may be spawned as a container configured to encapsulate the process. The main protection domain may then be cloned to create a cloned protection domain that is representative of the process and that is bound to the spawned micro-VM. Capabilities of the cloned protection domain may be configured to be more restricted than the capabilities of the main protection domain with respect to access to the kernel resource. The restricted capabilities may be configured to generate more capability violations than those generated by the capabilities of the main protection domain and, in turn, enable further monitoring of the process as it attempts to access the kernel resource.
Owner:FIREEYE SECURITY HLDG US LLC

Smart and secure container

A smart container configured for transporting cargo on a transportation vehicle and a method for transporting the smart container on the transportation vehicle are disclosed. The smart container includes a container housing that has an opening for loading and unloading cargo. The opening can be sealed and unsealed. Disposed within the container housing is at least one detector for detecting deviations that could be indicative of possible threats (security concerns). A communications link is also disposed within the container housing. The communications link is capable of transmitting the possible threat information to a central cargo data collection location. For example, the container(s) on a transportation vehicle (e.g., a ship) transport information about the container to a central data collector onboard the ship. The central data collector may then transmit that information off of the ship, e.g., to a C4ISR grid.
Owner:NORTHROP GRUMMAN SYST CORP

Mimicry defense architecture based zero-day attack detection, analysis and response system and method thereof

The invention relates to a mimicry defense architecture based zero-day attack detection, analysis and response system and a method thereof. The method comprises the steps of performing attack detection and processing on the input, cheating and inducing an attacker through honeypot type executing bodies, and performing meta-function inspection on the output of each executing body; performing statistical analysis on abnormal output by combining abnormal information, updating a zero-day attack database, feeding back an analysis result to an intrusion response module, and preventing persistent attacks of the attacker; performing dynamic adjustment and management on an online executing body by combining voting conditions, executing body dispatching, the executing body with abnormal output and the like, and selecting executing bodies from an executing body resource pool to get into a dynamic online executing body set; and analyzing a zero-day vulnerability in the executing body with abnormal output according to an anomaly statistical analysis result, and repairing the related executing bodies in the executing body pool. According to the invention, functions and the flexibility of mimicry defense architecture are enhanced, values of the abnormal output are sufficiently utilized, and the threat and the defense cost of zero-day attacks are reduced.
Owner:THE PLA INFORMATION ENG UNIV

Method for web application layer attack detection and defense based on behavior characteristic matching and analysis

A method for web application layer attack detection and defense based on behavior characteristic matching and analysis includes presetting a defense rule base, the defense rule base including a plurality of defense rules; acquiring a record that access request data matches the defense rule base in a web application protection system and taking the record as sample data; learning the sample data to establish an analysis model; establishing a user reputation database and setting a blacklist module in the user reputation database; learning the user's access behavior through the analysis model and updating and correcting the defense rules in the defense rule base; establishing an exception defense rule base; and setting a defense method and intercepting the user's access behavior according to the defense method. By intelligently learning the user's behavior, threat behavior can be identified and intercepted quickly to ensure the security of the web server.
Owner:MOLBASE SHANGHAI BIOTECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products