Patents by Inventor Kathrin Nos

Kathrin Nos has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • ANALYSIS OF COMPLEX RELATIONSHIPS AMONG INFORMATION TECHNOLOGY SECURITY-RELEVANT ENTITIES USING A NETWORK GRAPH
    Publication number: 20190190927
    Abstract: A filter is selected from one or more filters defined for an ETD Network Graph. Events are fetched from the selected log files based on the selected filter and entities identified based on the fetched Events. Relationships are determined between the identified entities, and the determined relationships and identified entities are displayed in the ETD Network Graph. An identified entity is selected to filter data in an ETD Event Series Chart. An Event is selected in the ETD Event Series Chart to display Event Attributes in an Event Attribute Dialog. An Event Attribute is selected in the Event Attribute Dialog to filter Events in the ETD Event Series Chart.
    Type: Application
    Filed: December 19, 2017
    Publication date: June 20, 2019
    Inventors: Wei-Guo Peng, Lin Luo, Eugen Pritzkau, Hartwig Seifert, Harish Mehta, Nan Zhang, Thorsten Menke, Jona Hassforther, Rita Merkel, Florian Chrosziel, Kathrin Nos, Marco Rodeck, Thomas Kunz
  • USING FREQUENCY ANALYSIS IN ENTERPRISE THREAT DETECTION TO DETECT INTRUSIONS IN A COMPUTER SYSTEM
    Publication number: 20180176238
    Abstract: The present disclosure describes methods, systems, and computer program products for performing a frequency domain analysis of activity data for a computer system. One computer-implemented method receiving time domain activity data for a computer system, wherein the time domain activity data comprise activity records associated with the computer system in a time domain; computing, by a hardware processor, frequency domain activity data based on the time domain activity data; and displaying the frequency domain activity data.
    Type: Application
    Filed: December 15, 2016
    Publication date: June 21, 2018
    Inventors: Kathrin Nos, Volker Guzman, Marvin Klose
  • PROVIDING SEMANTIC CONNECTIVITY BETWEEN A JAVA APPLICATION SERVER AND ENTERPRISE THREAT DETECTION SYSTEM USING A J2EE DATA
    Publication number: 20180173872
    Abstract: A log processing job executing on a log producing computing system is initiated for processing log data associated with the log producing computing system. Log entries are determined to be available for processing. At least one instance of a Log Extractor Factory, Reader, and Transformation component are instantiated for reading and transforming the log data. Read log data is transformed into a common semantic format as transformed log data and transmitted in real-time to a Streaming Component for storage in an Enterprise Threat Detection (ETD) System. A recovery point is stored with a recovery timestamp indicating a next log entry in the log data to process.
    Type: Application
    Filed: December 15, 2016
    Publication date: June 21, 2018
    Inventors: Thanh-Phong Lam, Jens Baumgart, Florian Kraemer, Volker Guzman, Anne Jacobi, Kathrin Nos, Jona Hassforther, Omar-Alexander Al-Hujaj, Stefan Rossmanith, Thorsten Menke
  • ANOMALY DETECTION IN ENTERPRISE THREAT DETECTION
    Publication number: 20180173873
    Abstract: A selection of data types is defined from available log data for an evaluation of events associated with an entity. One or more evaluations associated with the entity are defined and reference data is generated from the selection of data types based on the one or more defined evaluations. The one or more evaluations are grouped into a pattern. A three dimensional (3D) score diversity diagram visualization is initialized for display in a graphical user interface, where a point representing the entity in the visualization is localized in 3D space at a coordinate based on two-dimensional (2D) coordinates in a 2D coordinate system of a centroid of the calculated area of a polygon placed to into the 2D coordinate system and defined by the values of each evaluation associated with the entity.
    Type: Application
    Filed: December 16, 2016
    Publication date: June 21, 2018
    Inventors: Jona Hassforther, Jens Baumgart, Thorsten Menke, Volker Guzman, Florian Kraemer, Anne Jacobi, Thanh-Phong Lam, Omar-Alexander Al-Hujaj, Kathrin Nos
  • DISTRIBUTING CLOUD-COMPUTING PLATFORM CONTENT TO ENTERPRISE THREAT DETECTION SYSTEMS
    Publication number: 20180176235
    Abstract: A Content Service executing in a cloud-computing-based Cloud Platform receives enterprise threat detection (ETD) Content transmitted from an ETD Content Development System (CDS) as a publication of the ETD Content from the ETD CDS. The received ETD Content is stored into a Content Management System (CMS). A determination is made of a registered Client ETD System for which the ETD Content is relevant. The ETD Content is published to the registered Client ETD System.
    Type: Application
    Filed: December 19, 2016
    Publication date: June 21, 2018
    Inventors: Thanh-Phong LAM, Jens Baumgart, Florian Kraemer, Volker Guzman, Anne Jacobi, Kathrin Nos, Jona Hassforther, Omar-Alexander Al-Hujaj, Stefan Rossmanith, Thorsten Menke
  • ALERTS BASED ON ENTITIES IN SECURITY INFORMATION AND EVENT MANAGEMENT PRODUCTS
    Publication number: 20180157835
    Abstract: An enterprise threat detection (ETD) pattern is executed against received log event data from one or more computing systems. Using the ETD pattern, an event threshold is determined to have been exceeded. Entities associated with an alert created based on the exceeded threshold are determined and, at runtime, a severity value is calculated for each determined entity associated with the alert. A selection is received of a determined entity on which to perform mitigation action activities. Mitigation action activities associated with the determined entity are written into an activity record data record. A mitigation action activity is closed on the determined entity and a determination performed that all mitigation action activities associated with all entities related to the created alert have been closed. The created alert is closed.
    Type: Application
    Filed: December 6, 2016
    Publication date: June 7, 2018
    Inventor: Kathrin Nos
  • SNAPSHOT OF A FORENSIC INVESTIGATION FOR ENTERPRISE THREAT DETECTION
    Publication number: 20180091535
    Abstract: An enterprise threat detection (ETD) forensic workspace is established according to a particular timeframe and permitting defining a selection of data types from available log data for an evaluation of events associated with one or more entities. A chart is defined illustrating a graphical distribution of a particular data type in the forensic workspace. A snapshot associated with the chart is generated, the snapshot saving a copy of all data necessary to re-create the chart into an associated snapshot object. The snapshot is associated with a snapshot page for containing the snapshot and the snapshot page is saved within the ETD forensic workspace.
    Type: Application
    Filed: September 23, 2016
    Publication date: March 29, 2018
    Inventors: Florian Chrosziel, Jona Hassforther, Thomas Kunz, Harish Mehta, Rita Merkel, Kathrin Nos, Wei-Guo Peng, Eugen Pritzkau, Marco Rodeck, Hartwig Seifert, Nan Zhang, Thorsten Menke, Hristina Dinkova, Lin Luo
  • REAL-TIME PUSH API FOR LOG EVENTS IN ENTERPRISE THREAT DETECTION
    Publication number: 20180091536
    Abstract: A log entry is received at a streaming component of an enterprise threat detection (ETD) system from a real-time push application programming interface (API) associated with a backend computing system. The received log entry is parsed using a runtime parser associated with the streaming component into mapped data in an ETD format compatible with the ETD system. The mapped data is transferred to an ETD streaming project and enriched. The streaming component writes the enriched data into a database associated with the ETD system.
    Type: Application
    Filed: September 23, 2016
    Publication date: March 29, 2018
    Inventors: Florian Chrosziel, Thomas Kunz, Kathrin Nos, Marco Rodeck
  • VISUALIZATION OF DATA DISTRIBUTED IN MULTIPLE DIMENSIONS
    Publication number: 20180059876
    Abstract: A path associated with a set of selected log data is defined. An indication is received on a graphical user interface (GUI) to generate a bubblegram associated with the path, wherein the bubblegram comprises one or more bubbles, each bubble representing a particular dimension associated with the selected path. The one or more bubbles are rendered on the GUI according to a performed ranking of the one or more bubbles. A bubble is selected to generate a filter for the path based on the dimension associated with the bubble. A subsequent bubblegram is rendered based on a narrowed set of the selected log data.
    Type: Application
    Filed: August 24, 2016
    Publication date: March 1, 2018
    Inventors: Wei-Guo Peng, Eugen Pritzkau, Lin Luo, Hartwig Seifert, Marco Rodeck, Thomas Kunz, Harish Mehta, Florian Chrosziel, Rita Merkel, Jona Hassforther, Thorsten Menke, Nan Zhang, Kathrin Nos, Hristina Dinkova
  • REALTIME TRIGGERING FRAMEWORK
    Publication number: 20180027010
    Abstract: A computer-implemented method generates a trigger registration for a selected triggering type. The generated trigger registration is stored in a triggering persistency. A received event from an event persistency is analyzed and data associated with the analyzed event is compared with the triggering persistency. Based on the comparison and using a pattern execution framework, an enterprise threat detection (ETD) pattern is processed to perform actions responsive to the received event.
    Type: Application
    Filed: July 21, 2016
    Publication date: January 25, 2018
    Inventors: Eugen Pritzkau, Kathrin Nos, Marco Rodeck, Florian Chrosziel, Jona Hassforther, Rita Merkel, Thorsten Menke, Thomas Kunz, Hartwig Seifert, Harish Mehta, Wei-Guo Peng, Lin Luo, Nan Zhang, Hristina Dinkova
  • Standard metadata model for analyzing events with fraud, attack, or any other malicious background
    Patent number: 9876809
    Abstract: A standard metadata model for analyzing events with fraud, attack or other malicious background is disclosed. Log data for two or more computing systems is stored, and mapped to standardized attributes based on metadata entities defined for each computing system. A standard metadata model is defined for the computing systems, in which one or more standardized attributes of a first set of computing systems is associated with one or more standardized attributes of a second set of computing systems to define connected metadata that connects attributes of the associated metadata entities.
    Type: Grant
    Filed: November 10, 2015
    Date of Patent: January 23, 2018
    Assignee: SAP SE
    Inventor: Kathrin Nos
  • Reusable application configuration with dynamic resource determination
    Patent number: 9817645
    Abstract: The present disclosure describes methods, systems, and computer program products for providing a deployment of applications across a distributed network environment. A computer-implemented method comprises: receiving, at a server and from a client device, a first request including an identifier of a configuration file accessible to the server and one or more identifiers for one or more resources operated by a remote resource server, wherein the resources are requested by an application executed on the client device; in response to the request, retrieving, by the server, one or more tokens associated with the requested resources; transmitting, by the server, a second request to the remote resource server, the second request including the tokens and identifying one or more data processing tasks to be performed by the resources for the application; and receiving, by the server and from the remote resource server, result data that was outputted by the resources executing the data processing tasks.
    Type: Grant
    Filed: September 17, 2014
    Date of Patent: November 14, 2017
    Assignee: SAP SE
    Inventors: Kathrin Nos, Bjoern Friedmann, Klaus Kiefer, Michael Engler
  • STANDARD METADATA MODEL FOR ANALYZING EVENTS WITH FRAUD, ATTACK, OR ANY OTHER MALICIOUS BACKGROUND
    Publication number: 20170134408
    Abstract: A standard metadata model for analyzing events with fraud, attack or other malicious background is disclosed. Log data for two or more computing systems is stored, and mapped to standardized attributes based on metadata entities defined for each computing system. A standard metadata model is defined for the computing systems, in which one or more standardized attributes of a first set of computing systems is associated with one or more standardized attributes of a second set of computing systems to define connected metadata that connects attributes of the associated metadata entities.
    Type: Application
    Filed: November 10, 2015
    Publication date: May 11, 2017
    Inventor: Kathrin Nos
  • REUSABLE APPLICATION CONFIGURATION WITH DYNAMIC RESOURCE DETERMINATION
    Publication number: 20160077818
    Abstract: The present disclosure describes methods, systems, and computer program products for providing a deployment of applications across a distributed network environment. A computer-implemented method comprises: receiving, at a server and from a client device, a first request including an identifier of a configuration file accessible to the server and one or more identifiers for one or more resources operated by a remote resource server, wherein the resources are requested by an application executed on the client device; in response to the request, retrieving, by the server, one or more tokens associated with the requested resources; transmitting, by the server, a second request to the remote resource server, the second request including the tokens and identifying one or more data processing tasks to be performed by the resources for the application; and receiving, by the server and from the remote resource server, result data that was outputted by the resources executing the data processing tasks.
    Type: Application
    Filed: September 17, 2014
    Publication date: March 17, 2016
    Inventors: Kathrin Nos, Bjoern Friedmann, Klaus Kiefer, Michael Engler
  • Centralized read access logging
    Patent number: 9116906
    Abstract: Systems and methods are disclosed for creating a read-access log. A business application may send a request for data to a backend system using a communication protocol. At the backend system, the request may be observed and a determination made as to whether the request for data is log-relevant. The determination may be based on a log configuration record associated with the business application making the request. A record may be written in a read-access log when it is determined that the request for data is log-relevant. The log record may include information used to map entity information from the retrieved data to a semantic entity.
    Type: Grant
    Filed: June 12, 2012
    Date of Patent: August 25, 2015
    Assignee: SAP SE
    Inventors: Kathrin Nos, Iouri Loukachev, Bjoern Christoph, Steve Trester, Joerg Heitmann, Robert Girts
  • Configuration of life cycle management for configuration files for an application
    Patent number: 9075633
    Abstract: A method for modifying a configuration file includes receiving a first configuration file for an application and receiving one or more changes to the first configuration file to generate a modified configuration file. When a second configuration file is received, differences between the first configuration file and the modified configuration file are determined, and differences between the first configuration file and the second configuration file are determined. The differences may then be presented to a user, who can then reconcile the differences.
    Type: Grant
    Filed: October 12, 2012
    Date of Patent: July 7, 2015
    Assignee: SAP SE
    Inventor: Kathrin Nos
  • Configuration of Life Cycle Management for Configuration Files for an Application
    Publication number: 20140108440
    Abstract: A method for modifying a configuration file includes receiving a first configuration file for an application and receiving one or more changes to the first configuration file to generate a modified configuration file. When a second configuration file is received, differences between the first configuration file and the modified configuration file are determined, and differences between the first configuration file and the second configuration file are determined. The differences may then be presented to a user, who can then reconcile the differences.
    Type: Application
    Filed: October 12, 2012
    Publication date: April 17, 2014
    Applicant: SAP AG
    Inventor: Kathrin Nos
  • CENTRALIZED READ ACCESS LOGGING
    Publication number: 20130332424
    Abstract: Systems and methods are disclosed for creating a read-access log. A business application may send a request for data to a backend system using a communication protocol. At the backend system, the request may be observed and a determination made as to whether the request for data is log-relevant. The determination may be based on a log configuration record associated with the business application making the request. A record may be written in a read-access log when it is determined that the request for data is log-relevant. The log record may include information used to map entity information from the retrieved data to a semantic entity.
    Type: Application
    Filed: June 12, 2012
    Publication date: December 12, 2013
    Applicant: SAP AG
    Inventors: Kathrin Nos, Iouri Loukachev, Bjoern Christoph, Steve Trester, Joerg Heitmann, Robert Girts
  • Consistent set of interfaces derived from a business object model
    Publication number: 20080120129
    Abstract: A business object model, which reflects data that is used during a given business transaction, is utilized to generate interfaces. This business object model facilitates commercial transactions by providing consistent interfaces that are suitable for use across industries, across businesses, and across different departments within a business during a business transaction.
    Type: Application
    Filed: May 11, 2007
    Publication date: May 22, 2008
    Inventors: Michael Seubert, Achim Heger, Adam Polly, Alexander Adam, Alexander Zaichenko, Alexandra Mark, Andre Doerfler, Andre Wachholz-Prill, Andre Wagner, Andrea Pluemper, Andreas Bold, Andreas Brossler, Andreas Huppert, Andreas Leukert-Knapp, Andreas Morsch, Andreas Neumann, Andreas Poth, Andreas Reccius, Andreas Wolber, Antje Fuchs, Antonia Gross, Arno Eifel, Artur Butucel, Arunava Banerjee, Ashwin Yeddula, Axel Kuehl, Benjamin Klehr, Bernd Schmitt, Bjoern Eike, Boris Krems, Christian Auth, Christian Fuhlbruegge, Christiane Cramer, Christiane Schauerte, Christopher Engler, Cristina Buchholz, Damian Theil, Daniel Bock, Daniel Zimmermann, Danny Pannicke, Dieter Krisch, Dietmar Nowotny, Dirk Henrich, Dirk Richtsteiger, Dirk Schindewolf, Doris Karbach, Frank Damaschke, Frank Hastrich, Frank Krueger, Frank Lindqvist, Frank Milpetz, Frank Reinemuth, Galina Pacher, Georg Dopf, Georg Podhajsky, Giovanni Deledda, Guimei Zhang, Gunther Liebich, Heike Berger, Hendrik Geipel, Horst Schaude, Ingo Bruss, Ingo Pfitzner, Jaakob Kind, Jan Hrastnik, Jan Richert, Joachim Liebler, Joachim Puteick, Jochen Steinbach, Joerg Goetting, Johannes Bechtold, Julian Schmidt-Kluegmann, Kai-Michael Roesner, Karsten Kimme, Karsten Koetter, Kathrin Nos, Klaus Herter, Klaus Reinelt, Klaus Schlappner, Kristina Grunewald, Levente Sara, Markus Juchem, Martin Gaub, Martin Hermes, Martin Rogge, Martin Schorr, Mathias Schoenecker, Matthias Asal, Matthias Heinrichs, Matthias Schmitt, Michael Bauer, Michael Conrad, Michael Hartel, Michael Jung, Michael Schier, Michael Segler, Michael Sylvester, Naci Kalyoncu, Olaf Meincke, Oliver Grande