Systems and methods for capturing, replaying, or analyzing time-series data

a time-series data and time-series technology, applied in the field of data processing, can solve the problems of increasing the difficulty of detection systems assessing network traffic, increasing the difficulty of detecting malicious activity carried on networks, and increasing the difficulty of determining whether a particular portion of data conveyed will cause harm,

Inactive Publication Date: 2014-04-10
VECTRA NETWORKS
View PDF6 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In recent years, it has become increasingly difficult to detect malicious activity carried on networks.
The volume of traffic moving through a given node on modern networks is substantially larger than even in the recent past, making it more difficult to assess whether any particular portion of the data conveyed will cause harm.
Many existing intrusion detection systems fail to assess network traffic at the rates supported by modern networking equipment and at desired levels of accuracy and are, thus, vulnerable to being overwhelmed, for example, with a denial of service attack.
Similar problems are present in other fields in which data is captured, replayed, or analyzed at relatively high rates.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Systems and methods for capturing, replaying, or analyzing time-series data
  • Systems and methods for capturing, replaying, or analyzing time-series data
  • Systems and methods for capturing, replaying, or analyzing time-series data

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0023]FIGS. 1-8 describe systems and processes for capturing, replaying, or analyzing time-series data (e.g., network data passing through a network node over time) at a relatively high rate (for example, 10 gigabit (Gb) per second or faster), using relatively inexpensive, off-the-shelf commodity computing components. These techniques may be combined in a single system, e.g., an intrusion detection system, having different modes of operation for capture, replay, and analysis. But, it should be noted that these techniques may be used separately in different systems and applications, e.g., for data capture or replay in contexts other than detecting intrusions in network traffic.

[0024]The techniques described herein are broadly applicable. In some use cases, the techniques may be used to capture, replay, or analyze various types of data other than network traffic between other computers, for example internal or externally originated application program interface (“API”) calls, such as ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

Provided is an intrusion detection system configured to detect anomalies indicative of a zero-day attack by statistically analyzing substantially all traffic on a network in real-time. The intrusion detection system, in some aspects, includes a network interface; one or more processors communicatively coupled to the network interface; system memory communicatively coupled to the processors. The system memory, in some aspects, stores instructions that when executed by the processors cause the processors to perform steps including: buffering network data from the network interface in the system memory; retrieving the network data buffered in the system memory; applying each of a plurality of statistical or machine-learning intrusion-detection models to the retrieved network data; aggregating intrusion-likelihood scores from each of the intrusion-detection models in an aggregate score, and upon the aggregate score exceeding a threshold, outputting an alert.

Description

BACKGROUND[0001]1. Field of the Invention[0002]The present disclosure relates generally to data processing and, more specifically, to capturing, replaying, and analyzing time-series data.[0003]2. Description of the Related Art[0004]In recent years, it has become increasingly difficult to detect malicious activity carried on networks. The volume of traffic moving through a given node on modern networks is substantially larger than even in the recent past, making it more difficult to assess whether any particular portion of the data conveyed will cause harm. Further, the sophistication of attacks has increased substantially, as entities with greater resources, such as organized crime and state actors, have directed resources towards developing new modes of attack. Many existing intrusion detection systems fail to assess network traffic at the rates supported by modern networking equipment and at desired levels of accuracy and are, thus, vulnerable to being overwhelmed, for example, wi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(United States)
IPC IPC(8): H04L29/06
CPCH04L63/1425G06F3/0619G06F3/0656G06F3/0689H04L63/1458
Inventor HARLACHER, JAMESABENE, MARK
Owner VECTRA NETWORKS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap