Abstract: At least one hit in a large volume of data is found using a graphical search pattern. The graphical search pattern is created afresh or modified by a user using a graphical interface. The user may implement complex searches and use a graphical representation of properties and/or correlations for the search in a directed manner. The method may be used, for example, in data mining, in the monitoring of states, or in automated alerting.

Abstract: At least one hit in a large volume of data is found using a graphical search pattern. The graphical search pattern is created afresh or modified by a user using a graphical interface. The user may implement complex searches and use a graphical representation of properties and/or correlations for the search in a directed manner. The method may be used, for example, in data mining, in the monitoring of states, or in automated alerting.

Abstract: A method for monitoring and controlling, industrial or building automation to detect anomalies in a control network, wherein a technology of an intrusion detection system (IDS) is configured to analyze a time sequence and time intervals of correct messages in the network traffic and to use the messages to train an anomaly detection system. Detecting a time sequence and a rhythm of correct messages allows for the detection of malfunctions or manipulations of devices and attacks that are performed using regular monitoring or control stations that have been taken over by attackers or that are defect, and that cannot be detected using content-based methods or by a considerable increase of data traffic. An additional security barrier is thus provided that can continue monitoring and protecting a technical unit from possible acts of sabotage, even if the control network of the technical unit has already been corrupted.

Abstract: A method for monitoring and controlling, industrial or building automation to detect anomalies in a control network, wherein a technology of an intrusion detection system (IDS) is configured to analyze a time sequence and time intervals of correct messages in the network traffic and to use the messages to train an anomaly detection system. Detecting a time sequence and a rhythm of correct messages allows for the detection of malfunctions or manipulations of devices and attacks that are performed using regular monitoring or control stations that have been taken over by attackers or that are defect, and that cannot be detected using content-based methods or by a considerable increase of data traffic. An additional security barrier is thus provided that can continue monitoring and protecting a technical unit from possible acts of sabotage, even if the control network of the technical unit has already been corrupted.

Abstract: The invention relates to a method for the computer-assisted identification of a class of VoIP calls of a first type (spam) in a communication network (internet). Said communication network has a plurality (N) of first subscribers (Tn1-1, . . . , Tn1-5) and a plurality (M) of second subscribers (Tn2-1, . . . , Tn2-7), the first and the second subscribers being allocated a definite characteristic (IP address, telephone number, e-mail address) wherein, at least some of the first subscribers (Tn1-1, . . . , Tn1-5) are allocated, respectively, with at least one list (white list, black list) which contains at least one definite characteristic of the second subscriber.