Abstract: A method for generating a network-level attack graph is described. A first computing device in a network generates a first attack graph and transmits the first attack graph to a central computing device in the network. A second computing device in the network generates a second attack graph, wherein the second computing device is different than the first computing device, and transmits the second attack graph to the central computing device. The central computing device generates, based on the first attack graph and the second attack graph, a network-level attack graph by merging the first attack graph, the second attack graph, and an attack graph stencil of cross-device vulnerability interactions.
Abstract: A method and apparatus can be configured to receive, by a first network intrusion detection system, packet data that is transmitted in network traffic. The method can also include processing the received packet data, using feature hashing, into a hashed representation. The hashed representation approximates the expressiveness of a high-dimensional representation of the received packet data. The hashed representation can be stored using less memory compared to the high-dimensional representation. The method can also include classifying the hashed representation as either corresponding to a threat signature or as not corresponding to a threat signature.
Abstract: A system that collects data from monitored network traffic. The system inputs, in parallel, the data through inputs of a neural network. The system compares an output of the neural network, generated in response to the inputted data, to at least one predetermined output. If the output of the neural network corresponds to the at least one predetermined output, the system provides a notification relating to the data.
Abstract: A method and apparatus can be configured to perform the steps of displaying, on a display, a first visual representation of volume in three-dimensional space. The method can also display, on the display, a visual representation of a network security alert. The network security alert can correspond to a notification of a network attack, a network intrusion, or an unwanted activity. The representation of the network security alert can be positioned within the first visual representation of volume. The position of the representation of the network security alert within the first visual representation of volume reflects at least one characteristic of the network security alert.
Type: Grant
Filed: July 2, 2013
Date of Patent: September 22, 2015
Assignee: ICF INTERNATIONAL
Inventors: Lee C. Trossbach, Jr., Robinson E. Pino
Abstract: Disclosed is an aerial surveying system for collecting electromagnetic spectrum data. Spectrally tuned antennas are used on an airplane to prefilter the data in accordance with spectral frequency bands. The data is sequentially sampled using an antenna switching device, band pass filtered and downconverted to an intermediate frequency. High speed vector signal analyzers and digitizers create frequency spectral data and I and Q temporal data. The collected data is recorded and compressed using any desirable compression technique, including video compression. Data analyzers analyze the data and display the data on a GIS map.
Abstract: A system that collects data from monitored network traffic. The system inputs, in parallel, the data through inputs of a neural network. The system compares an output of the neural network, generated in response to the inputted data, to at least one predetermined output. If the output of the neural network corresponds to the at least one predetermined output, the system provides a notification relating to the data.