WO2008154121A3 - Network identity clustering - Google Patents

Network identity clustering Download PDF

Info

Publication number
WO2008154121A3
WO2008154121A3 PCT/US2008/064026 US2008064026W WO2008154121A3 WO 2008154121 A3 WO2008154121 A3 WO 2008154121A3 US 2008064026 W US2008064026 W US 2008064026W WO 2008154121 A3 WO2008154121 A3 WO 2008154121A3
Authority
WO
WIPO (PCT)
Prior art keywords
identity
merged
identifiers
sessions
target entity
Prior art date
Application number
PCT/US2008/064026
Other languages
French (fr)
Other versions
WO2008154121A2 (en
Inventor
Ziv Katzir
Original Assignee
Verint Systems Inc
Verint Systems Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Verint Systems Inc, Verint Systems Ltd filed Critical Verint Systems Inc
Priority to EP08755808.6A priority Critical patent/EP2151115B1/en
Publication of WO2008154121A2 publication Critical patent/WO2008154121A2/en
Publication of WO2008154121A3 publication Critical patent/WO2008154121A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Abstract

A computer-implemented method for communication analysis includes monitoring (60) communication sessions, which are conducted by entities in a communication network. Identifiers that identify the entities are extracted (64) from the monitored sessions. The identifiers extracted from the sessions are grouped (68) in respective identity clusters, each identity cluster identifying a respective entity. A subset of the identity clusters, which includes identifiers that identify a target entity, is merged (72, 76, 80) to form a merged identity cluster that identifies the target entity. An activity of the target entity in the communication network is tracked (84) using the merged identity cluster.
PCT/US2008/064026 2007-05-17 2008-05-17 Network identity clustering WO2008154121A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP08755808.6A EP2151115B1 (en) 2007-05-17 2008-05-17 Network identity clustering

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/804,748 2007-05-17
US11/804,748 US7882217B2 (en) 2007-05-17 2007-05-17 Network identity clustering

Publications (2)

Publication Number Publication Date
WO2008154121A2 WO2008154121A2 (en) 2008-12-18
WO2008154121A3 true WO2008154121A3 (en) 2009-06-25

Family

ID=40027366

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2008/064026 WO2008154121A2 (en) 2007-05-17 2008-05-17 Network identity clustering

Country Status (3)

Country Link
US (1) US7882217B2 (en)
EP (1) EP2151115B1 (en)
WO (1) WO2008154121A2 (en)

Families Citing this family (103)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8005474B2 (en) * 1999-09-24 2011-08-23 Kroll Family Trust Cell phone locator method
US9412123B2 (en) 2003-07-01 2016-08-09 The 41St Parameter, Inc. Keystroke analysis
US10999298B2 (en) 2004-03-02 2021-05-04 The 41St Parameter, Inc. Method and system for identifying users and detecting fraud by use of the internet
US8938671B2 (en) 2005-12-16 2015-01-20 The 41St Parameter, Inc. Methods and apparatus for securely displaying digital images
US11301585B2 (en) 2005-12-16 2022-04-12 The 41St Parameter, Inc. Methods and apparatus for securely displaying digital images
US8151327B2 (en) 2006-03-31 2012-04-03 The 41St Parameter, Inc. Systems and methods for detection of session tampering and fraud prevention
US8131745B1 (en) 2007-04-09 2012-03-06 Rapleaf, Inc. Associating user identities with different unique identifiers
EP2061212B1 (en) * 2007-11-13 2018-06-20 Cellular Communications Equipment Llc Method, apparatus and program product for merging communication sessions in an IMS
US8583810B2 (en) * 2008-01-04 2013-11-12 Red Hat, Inc. Session affinity cache and manager
CN101521676B (en) * 2008-02-27 2012-07-18 华为技术有限公司 Method for calling USI interface and equipment thereof
US9064021B2 (en) 2008-10-02 2015-06-23 Liveramp, Inc. Data source attribution system
US9112850B1 (en) 2009-03-25 2015-08-18 The 41St Parameter, Inc. Systems and methods of sharing information through a tag-based consortium
US20100250756A1 (en) * 2009-03-31 2010-09-30 Morris Robert P Methods, Systems, And Computer Program Products For Establishing A Shared Browsing Session Between A User Of A Web Browser With A User Of Another Web Browser
WO2011025876A1 (en) * 2009-08-27 2011-03-03 Interdigital Patent Holdings, Inc. Method and apparatus for solving limited addressing space in machine-to-machine (m2m) environments
IL201130A (en) * 2009-09-23 2013-09-30 Verint Systems Ltd Systems and methods for large-scale link analysis
IL202686A (en) * 2009-12-10 2016-06-30 Verint Systems Ltd System and method for mass link analysis using rule engines
KR101641241B1 (en) * 2010-01-13 2016-07-20 엘지전자 주식회사 Method for processing call of mobile terminal
IL203628A (en) * 2010-01-31 2015-09-24 Verint Systems Ltd Systems and methods for web decoding
IL205394A (en) 2010-04-28 2016-09-29 Verint Systems Ltd System and method for automatic identification of speech coding scheme
EP2403288B1 (en) * 2010-04-28 2018-05-23 Verint Systems Ltd. System and method for determining commonly used communication terminals and for identifying noisy entities in large-scale link analysis
IL206240A0 (en) 2010-06-08 2011-02-28 Verint Systems Ltd Systems and methods for extracting media from network traffic having unknown protocols
US9246952B2 (en) * 2010-06-30 2016-01-26 International Business Machines Corporation Controlling telephone call processing using global signaling codes
IL209008A (en) * 2010-10-31 2015-09-24 Verint Systems Ltd System and method for ip target traffic analysis
IL210897A (en) 2011-01-27 2017-12-31 Verint Systems Ltd Systems and methods for flow table management
IL210900A (en) 2011-01-27 2015-08-31 Verint Systems Ltd System and method for efficient classification and processing of network traffic
IL210899A (en) 2011-01-27 2015-08-31 Verint Systems Ltd System and method for decoding traffic over proxy servers
IL212344A (en) 2011-04-14 2015-03-31 Verint Systems Ltd System and method for selective inspection of encrypted traffic
IL212511A (en) 2011-04-27 2016-03-31 Verint Systems Ltd System and method for keyword spotting using multiple character encoding schemes
US10356106B2 (en) * 2011-07-26 2019-07-16 Palo Alto Networks (Israel Analytics) Ltd. Detecting anomaly action within a computer network
IL214360A (en) 2011-07-31 2016-05-31 Verint Systems Ltd System and method for main page identification in web decoding
IL216059A (en) 2011-10-31 2016-11-30 Verint Systems Ltd System and method for target profiling using social network analysis
IL216058B (en) 2011-10-31 2019-08-29 Verint Systems Ltd System and method for link analysis based on image processing
IL216056B (en) 2011-10-31 2018-04-30 Verint Systems Ltd Combined database system and method
US10754913B2 (en) 2011-11-15 2020-08-25 Tapad, Inc. System and method for analyzing user device information
IL217867A (en) * 2012-01-31 2015-09-24 Verint Systems Ltd Systems and methods for correlating cellular and wlan identifiers of mobile communication terminals
US9633201B1 (en) 2012-03-01 2017-04-25 The 41St Parameter, Inc. Methods and systems for fraud containment
US9521551B2 (en) 2012-03-22 2016-12-13 The 41St Parameter, Inc. Methods and systems for persistent cross-application mobile device identification
IL219361A (en) 2012-04-23 2017-09-28 Verint Systems Ltd Systems and methods for combined physical and cyber data security
IL219499B (en) 2012-04-30 2019-02-28 Verint Systems Ltd System and method for malware detection
WO2013192538A2 (en) 2012-06-22 2013-12-27 Jiwire, Inc. Location graph based derivation of attributes
IL221175A (en) 2012-07-29 2017-08-31 Verint Systems Ltd System and method for automatic provisioning of multi-stage rule-based traffic filtering
IL221176B (en) 2012-07-29 2019-02-28 Verint Systems Ltd System and method for passive decoding of social network activity using replica database
US9491069B2 (en) 2012-07-29 2016-11-08 Verint Systems Ltd. System and method of high volume rule engine
EP2880619A1 (en) 2012-08-02 2015-06-10 The 41st Parameter, Inc. Systems and methods for accessing records via derivative locators
IL222574A (en) 2012-10-21 2016-12-29 Verint Systems Ltd System and method for user-privacy-aware communication monitoring and analysis
US9386028B2 (en) 2012-10-23 2016-07-05 Verint Systems Ltd. System and method for malware detection using multidimensional feature clustering
IL222743A (en) 2012-10-29 2017-03-30 Verint Systems Ltd System and method for identifying contacts of a target user in a social network
WO2014078569A1 (en) 2012-11-14 2014-05-22 The 41St Parameter, Inc. Systems and methods of global identification
CN103959714B (en) * 2012-11-19 2017-06-20 华为技术有限公司 Configure method, monitor method, device and the entity of monitoring users data path
EP3319273B1 (en) * 2012-11-19 2020-01-08 Huawei Technologies Co., Ltd. Method for configuring a path for intercepting user data, method for intercepting, and apparatuses
WO2014111863A1 (en) 2013-01-16 2014-07-24 Light Cyber Ltd. Automated forensics of computer systems using behavioral intelligence
IL224482B (en) 2013-01-29 2018-08-30 Verint Systems Ltd System and method for keyword spotting using representative dictionary
IL224525A (en) 2013-01-31 2017-01-31 Verint Systems Ltd System and method for bit-map based keyword spotting in communication traffic
US9818131B2 (en) 2013-03-15 2017-11-14 Liveramp, Inc. Anonymous information management
IL226056A (en) 2013-04-28 2017-06-29 Verint Systems Ltd Systems and methods for keyword spotting using adaptive management of multiple pattern matching algorithms
IL226747B (en) 2013-06-04 2019-01-31 Verint Systems Ltd System and method for malware detection learning
IL227332B (en) 2013-07-04 2020-08-31 Verint Systems Ltd System and method for automated generation of web decoding templates
US10902327B1 (en) 2013-08-30 2021-01-26 The 41St Parameter, Inc. System and method for device identification and uniqueness
US11157944B2 (en) 2013-09-13 2021-10-26 Liveramp, Inc. Partner encoding of anonymous links to protect consumer privacy
US9665883B2 (en) 2013-09-13 2017-05-30 Acxiom Corporation Apparatus and method for bringing offline data online while protecting consumer privacy
US10990686B2 (en) 2013-09-13 2021-04-27 Liveramp, Inc. Anonymous links to protect consumer privacy
IL229154B (en) 2013-10-30 2019-02-28 Verint Systems Ltd System and method for conditional analysis of network traffic
TWI548246B (en) 2013-12-02 2016-09-01 緯創資通股份有限公司 Methods for deploying clustered servers and apparatuses using the same
US10015153B1 (en) * 2013-12-23 2018-07-03 EMC IP Holding Company LLC Security using velocity metrics identifying authentication performance for a set of devices
IL230741B (en) 2014-01-30 2019-11-28 Verint Systems Ltd Systems and methods for keyword spotting using alternating search algorithms
IL230743B (en) * 2014-01-30 2019-09-26 Verint Systems Ltd System and method for extracting identifiers from traffic of an unknown protocol
IL230742A (en) 2014-01-30 2016-09-29 Verint Systems Ltd System and method for extracting user identifiers over encrypted communication traffic
IL232316A (en) 2014-04-28 2017-04-30 Verint Systems Ltd System and method for demographic profiling of mobile terminal users based on network-centric estimation of installed mobile applications and their usage patterns
IL233776B (en) 2014-07-24 2019-02-28 Verint Systems Ltd System and method for range matching
US9602543B2 (en) * 2014-09-09 2017-03-21 Shape Security, Inc. Client/server polymorphism using polymorphic hooks
US10091312B1 (en) 2014-10-14 2018-10-02 The 41St Parameter, Inc. Data structures for intelligently resolving deterministic and probabilistic device identifiers to device profiles and/or groups
US10327094B2 (en) 2016-06-07 2019-06-18 NinthDecimal, Inc. Systems and methods to track locations visited by mobile devices and determine neighbors of and distances among locations
US10560842B2 (en) 2015-01-28 2020-02-11 Verint Systems Ltd. System and method for combined network-side and off-air monitoring of wireless networks
IL238001B (en) 2015-03-29 2020-05-31 Verint Systems Ltd System and method for identifying communication session participants based on traffic patterns
IL242219B (en) 2015-10-22 2020-11-30 Verint Systems Ltd System and method for keyword searching using both static and dynamic dictionaries
IL242218B (en) 2015-10-22 2020-11-30 Verint Systems Ltd System and method for maintaining a dynamic dictionary
US10110435B2 (en) * 2015-11-10 2018-10-23 Adobe Systems Incorporated Techniques for associating variable versions of a cluster of devices identified at different times with the same user by assigning cluster identifiers
US10116536B2 (en) * 2015-11-18 2018-10-30 Adobe Systems Incorporated Identifying multiple devices belonging to a single user
US10432521B2 (en) 2016-01-28 2019-10-01 Verint Systems Ltd. System and method for identifying devices behind network address translators
IL245299B (en) 2016-04-25 2021-05-31 Verint Systems Ltd System and method for decrypting communication exchanged on a wireless local area network
IL248306B (en) 2016-10-10 2019-12-31 Verint Systems Ltd System and method for generating data sets for learning to identify user actions
IL252041B (en) 2017-04-30 2020-09-30 Verint Systems Ltd System and method for tracking users of computer applications
IL252037B (en) 2017-04-30 2021-12-01 Verint Systems Ltd System and method for identifying relationships between users of computer applications
US10984427B1 (en) * 2017-09-13 2021-04-20 Palantir Technologies Inc. Approaches for analyzing entity relationships
US10838843B1 (en) 2017-12-15 2020-11-17 Glassbeam, Inc. Parsing hierarchical session log data for search and analytics
IL256690B (en) 2018-01-01 2022-02-01 Cognyte Tech Israel Ltd System and method for identifying pairs of related application users
IL257284A (en) 2018-01-31 2018-03-29 Verint Systems Ltd System and method for identifying devices behind network address translators based on tcp timestamps
US10999304B2 (en) 2018-04-11 2021-05-04 Palo Alto Networks (Israel Analytics) Ltd. Bind shell attack detection
IL260986B (en) 2018-08-05 2021-09-30 Verint Systems Ltd System and method for using a user-action log to learn to classify encrypted traffic
US11184377B2 (en) 2019-01-30 2021-11-23 Palo Alto Networks (Israel Analytics) Ltd. Malicious port scan detection using source profiles
US11070569B2 (en) 2019-01-30 2021-07-20 Palo Alto Networks (Israel Analytics) Ltd. Detecting outlier pairs of scanned ports
US11184378B2 (en) 2019-01-30 2021-11-23 Palo Alto Networks (Israel Analytics) Ltd. Scanner probe detection
US11184376B2 (en) 2019-01-30 2021-11-23 Palo Alto Networks (Israel Analytics) Ltd. Port scan detection using destination profiles
US11316872B2 (en) 2019-01-30 2022-04-26 Palo Alto Networks (Israel Analytics) Ltd. Malicious port scan detection using port profiles
US11914606B2 (en) * 2019-03-04 2024-02-27 Walmart Apollo, Llc Systems and methods for a machine learning framework
EP3942740A1 (en) 2019-03-20 2022-01-26 Verint Systems Ltd. System and method for de-anonymizing actions and messages on networks
CN111367897B (en) * 2019-06-03 2023-09-08 杭州海康威视系统技术有限公司 Data processing method, device, equipment and storage medium
WO2021084439A1 (en) 2019-11-03 2021-05-06 Verint Systems Ltd. System and method for identifying exchanges of encrypted communication traffic
TWI762864B (en) 2020-02-05 2022-05-01 瑞昱半導體股份有限公司 Wireless access point and station applied in wireless communication system
US11259283B2 (en) * 2020-07-10 2022-02-22 Paypal, Inc. Communication channel merging system
US11509680B2 (en) 2020-09-30 2022-11-22 Palo Alto Networks (Israel Analytics) Ltd. Classification of cyber-alerts into security incidents
CN113453215B (en) * 2021-06-15 2022-05-24 中国联合网络通信集团有限公司 Method and device for acquiring terminal identification
US11799880B2 (en) 2022-01-10 2023-10-24 Palo Alto Networks (Israel Analytics) Ltd. Network adaptive alert prioritization system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002015479A1 (en) * 2000-08-11 2002-02-21 British Telecommunications Public Limited Company System and method of detecting events
US20050138201A1 (en) * 2003-12-19 2005-06-23 Martin Soukup Technique for monitoring source addresses through statistical clustering of packets
US20060265748A1 (en) * 2005-05-23 2006-11-23 Potok Thomas E Method for detecting sophisticated cyber attacks

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003052621A1 (en) * 2001-12-14 2003-06-26 The Primiter Group, Llc System for identifying data relationships

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002015479A1 (en) * 2000-08-11 2002-02-21 British Telecommunications Public Limited Company System and method of detecting events
US20050138201A1 (en) * 2003-12-19 2005-06-23 Martin Soukup Technique for monitoring source addresses through statistical clustering of packets
US20060265748A1 (en) * 2005-05-23 2006-11-23 Potok Thomas E Method for detecting sophisticated cyber attacks

Also Published As

Publication number Publication date
US20080285464A1 (en) 2008-11-20
WO2008154121A2 (en) 2008-12-18
EP2151115A2 (en) 2010-02-10
EP2151115B1 (en) 2013-08-21
US7882217B2 (en) 2011-02-01

Similar Documents

Publication Publication Date Title
WO2008154121A3 (en) Network identity clustering
WO2012141444A3 (en) Social network analyzing service method and device
WO2019074952A3 (en) Distributed sample-based game profiling with game metadata and metrics and gaming api platform supporting third-party content
MY197612A (en) Method and device for processing service calling information
PH12017502072A1 (en) Interrogatory cell-based assays and uses thereof
WO2010048430A3 (en) System and method for identifying trends in web feeds collected from various content servers
WO2006118755A3 (en) Dynamically coordinating collection and distribution of presence information
WO2012092148A3 (en) Scene activity analysis using statistical and semantic feature learnt from object trajectory data
WO2010016992A3 (en) System and method for analysis of spatio-temporal data
WO2012109742A3 (en) Systems and methods for extraction of vehicle operational data and sharing data with authorized computer networks
WO2011075729A3 (en) System and method for attentive clustering and related analytics and visualizations
TW200745975A (en) System and methods for quantitatively evaluating complexity of computing system configuration
WO2015138497A3 (en) Systems and methods for rapid data analysis
WO2007018766A3 (en) System and method for clustering probe vehicles for real-time traffic application
WO2009036289A3 (en) Database system and method for tracking goods
WO2007002838A3 (en) Whole-network anomaly diagnosis
WO2013044183A3 (en) Analysis of physiology based on electrodermal activity
MX2012009173A (en) Methods and systems for health wellness management.
WO2007072214A3 (en) Methods of clustering gene and protein sequences
SG159567A1 (en) Automated throughput control system and method of operating the same
IN2014CN05002A (en)
WO2012034105A3 (en) Systems and methods for generating prospect scores for sales leads, spending capacity scores for sales leads, and retention scores for renewal of existing customers
WO2007005378A3 (en) Business intelligence incorporated business process management system and method thereof
WO2014004765A3 (en) Method and system for real time subscriber profiling
BR112015000340A2 (en) method for constructing a diversity index and a viability index of microorganisms in sample processing

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2008755808

Country of ref document: EP

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08755808

Country of ref document: EP

Kind code of ref document: A2