Patent
Providing semantic connectivity between a java application server and enterprise threat detection system using a J2EE data
Thanh-Phong Lam,Jens Baumgart,Florian Kraemer,Volker Guzman,Anne Jacobi,Kathrin Nos,Jona Hassforther,Omar-Alexander Al-Hujaj,Stefan Rossmanith,Thorsten Menke +9 more
- 15 Dec 2016
13
TL;DR: In this paper, a log processing job executing on a log producing computing system is initiated for processing log data associated with that log producing computing system, and a recovery point is stored with a recovery timestamp indicating the next log entry in the log data to process.
Abstract: A log processing job executing on a log producing computing system is initiated for processing log data associated with the log producing computing system. Log entries are determined to be available for processing. At least one instance of a Log Extractor Factory, Reader, and Transformation component are instantiated for reading and transforming the log data. Read log data is transformed into a common semantic format as transformed log data and transmitted in real-time to a Streaming Component for storage in an Enterprise Threat Detection (ETD) System. A recovery point is stored with a recovery timestamp indicating a next log entry in the log data to process.
Citations
Patent
Snapshot of a forensic investigation for enterprise threat detection
Florian Chrosziel,Jona Hassforther,Thomas Kunz,Harish Mehta,Rita Merkel,Kathrin Nos,Wei-Guo Peng,Eugen Pritzkau,Marco Rodeck,Hartwig Seifert,Nan Zhang,Thorsten Menke,Hristina Dinkova,Lin Luo +13 more
- 23 Sep 2016
TL;DR: An enterprise threat detection (ETD) forensic workspace is established according to a particular timeframe and permitting defining a selection of data types from available log data for an evaluation of events associated with one or more entities as discussed by the authors.
13
Patent
Distributing cloud-computing platform content to enterprise threat detection systems
Thanh-Phong Lam,Jens Baumgart,Florian Kraemer,Volker Guzman,Anne Jacobi,Kathrin Nos,Jona Hassforther,Omar-Alexander Al-Hujaj,Stefan Rossmanith,Thorsten Menke +9 more
- 19 Dec 2016
TL;DR: In this article, a Content Service executing in a cloud-computing-based Cloud Platform receives enterprise threat detection (ETD) Content transmitted from an ETD Content Development System (CDS) as a publication of the content from the ETD CDS.
13
Patent
Alerts based on entities in security information and event management products
Kathrin Nos
- 06 Dec 2016
TL;DR: In this article, an enterprise threat detection (ETD) pattern is executed against received log event data from one or more computing systems using the ETD pattern, an event threshold is determined to have been exceeded.
13
Patent
Visualization of data distributed in multiple dimensions
Wei-Guo Peng,Eugen Pritzkau,Lin Luo,Hartwig Seifert,Marco Rodeck,Thomas Kunz,Harish Mehta,Florian Chrosziel,Rita Merkel,Jona Hassforther,Thorsten Menke,Nan Zhang,Kathrin Nos,Hristina Dinkova +13 more
- 24 Aug 2016
TL;DR: In this paper, a path associated with a set of selected log data is defined, and an indication is received on a graphical user interface (GUI) to generate a bubblegram associated with the path.
12
Patent
Using frequency analysis in enterprise threat detection to detect intrusions in a computer system
Kathrin Nos,Volker Guzman,Marvin Klose +2 more
- 15 Dec 2016
TL;DR: In this paper, the authors describe methods, systems, and computer program products for performing a frequency domain analysis of activity data for a computer system, where the time domain activity data comprise activity records associated with the computer system in a time domain.
12
References
Patent
Log collection, structuring and processing
Phillip Villella,Chris Petersen +1 more
- 13 Nov 2006
TL;DR: In this article, a log manager collects such log data using various protocols (e.g., Syslog, SNMP, SMTP, etc.) to determine events and transfer the events to an event manager.
559
Patent
Active network defense system and method
Craig Cantrell,Marc Willebeek-LeMair,Dennis Cox,John F. McHale,Brian Smith,Donovan Kolbly +5 more
- 07 Nov 2003
TL;DR: In this paper, an active network defense system is provided that is operable to monitor and block traffic in automated fashion, which is placed in-line with respect to the packet traffic data flow as a part of the network infrastructure.
484
Patent
Method and apparatus for estimating a geographic location of a networked entity
Mark Anderson,Ajay Bansal,Brad Doctor,George Hadjiyiannis,Christopher Herringshaw,Eli E. Karplus,Derald Muniz +6 more
- 03 Apr 2001
TL;DR: In this article, a method and an apparatus operates to associate a geographic location associated with a network address, where the retrieved information is processed to identify a plurality of geographic locations potentially associated with the network address.
422
Patent
Real time monitoring and analysis of events from multiple network security devices
Hugh S. Njemanze,Pravin S. Kothari +1 more
- 02 Dec 2002
TL;DR: In this paper, security events generated by a number of network devices are gathered and normalized to produce normalized security events in a common schema, which are cross-correlated according to rules to generate meta-events.
375
Patent
Dynamic risk management
Pradeep Bahl
- 06 Feb 2007
TL;DR: In this paper, a dynamic risk management system for operating systems that provides monitoring, detection, assessment, and follow-up action to reduce the risk whenever it rises is presented, which enables an operating system to protect itself automatically in dynamic environments.
374
Related Papers (5)
Yaniv Karta,Itzhak Avraham +1 more
- 13 May 2013
Sergei Shevchenko
- 15 Nov 2006
Tsvetomir Iliev Tsvetanov
- 14 Aug 2007