System and method for information assurance based on thermal analysis techniques
First Claim
Patent Images
1. A computer-implemented method for information assurance, comprising:
- receiving an anomalous event parameter;
receiving a plurality of network events from a network;
associating each of the network events with a timestamp;
classifying each of the network events into at least one of a plurality of cycles, based, at least in part, on the timestamp;
forming an ergodic routing matrix and its associated set of rates corresponding to the plurality of network events;
forming a dynamical state probability distribution corresponding to the plurality of network events;
computing a discrete martingale for the plurality of network events;
computationally determining whether or not a network event of the plurality is anomalous, based, at least in part, on the anomalous event parameter; and
at least one of storing the determination to a computer readable medium or displaying the determination.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods for network security are disclosed. Embodiments of the present invention include a scalable, real-time solution to complement existing security systems and detect unusual activity. Embodiments of the present invention leverage the scale and complexity of networks and use the principles of statistical physics and thermodynamics to define thermal properties like entropy, temperature and energy for network states and changes in the properties as packets move through the network.
19 Citations
18 Claims
-
1. A computer-implemented method for information assurance, comprising:
-
receiving an anomalous event parameter; receiving a plurality of network events from a network; associating each of the network events with a timestamp; classifying each of the network events into at least one of a plurality of cycles, based, at least in part, on the timestamp; forming an ergodic routing matrix and its associated set of rates corresponding to the plurality of network events; forming a dynamical state probability distribution corresponding to the plurality of network events; computing a discrete martingale for the plurality of network events; computationally determining whether or not a network event of the plurality is anomalous, based, at least in part, on the anomalous event parameter; and at least one of storing the determination to a computer readable medium or displaying the determination. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computerized system for information assurance, comprising:
-
a processor; a computer readable medium coupled to the processor; computer readable instructions encoded on the computer readable medium to; receive an anomalous event parameter; receive a plurality of network events from a network; associate each of the network events with a timestamp; classify each of the network events into at least one of a plurality of cycles, based, at least in part, on the timestamp; form an ergodic routing matrix and its associated set of rates corresponding to the plurality of network events; form a dynamical state probability distribution corresponding to the plurality of network events; compute a discrete martingale for the plurality of network events; computationally determine whether or not a network event of the plurality is anomalous, based, at least in part, on the anomalous event parameter; and at least one of store the determination to the computer readable medium or display the determination on a monitor. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
Specification