System, method, and computer software code for detecting a computer network intrusion in an infrastructure element of a high value target

Assignee

• General Electric Company · US

Inventors

• Scott Charles Evans · Burnt Hills, US
• Yogesh Kesrinath Potdar · Niskayuna, US
• Michael Joseph Dell'Anno · Clifton Park, US
• Thomas Stephen Markham · Schenectady, US
• Adam Edgar Klingbeil · Ballston Lake, US
• Robert James Boring · Greer, US
• Bruce Gordon Barnett · Troy, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/1416
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

An intrusion detection system for detecting and defeating unauthorized intrusion within a computer network of an infrastructure element of a high value target, the system including a pre-processor configured to receive data from a computer network of an infrastructure element of a high value target and to output filtered data, a grammar applicator configured to apply grammars produced using a grammar based compression and learning algorithm to the filtered data, a decision making device configured to provide a recommendation based on an input from the grammar applicator as to whether the data in the computer network constitutes an unauthorized intrusion, and an emulator in communication with the decision making device configured to expand a sampling of the filtered data using a polymorphic transformation to allow the decision making device to further analyze the sampled data to determine an unauthorized intrusion. A method and a computer software code are also disclosed.