A system, method and computer program product for graphically overlaying multiple types of events in order to facilitate determining one or more courses of action are each disclosed. Events are received from an event detection system or from another source, correlated with an address or location, an
A system, method and computer program product for graphically overlaying multiple types of events in order to facilitate determining one or more courses of action are each disclosed. Events are received from an event detection system or from another source, correlated with an address or location, and representatively mapped on an electronic map configured to be displayed on a display device. Mapped events may include cyber attacks or intrusions, credit card fraud based on the location of use of the credit card, check (and check-card) fraud based on usage location, 911 calls, law enforcement demographic data, and telecommunications based fraud.
대표청구항▼
1. A processor-implemented method, comprising: receiving fraud information about a plurality of fraud events that were facilitated by a network, the fraud information including, for each of the fraud events, a network address identifying a network point that facilitated the respective fraud event;re
1. A processor-implemented method, comprising: receiving fraud information about a plurality of fraud events that were facilitated by a network, the fraud information including, for each of the fraud events, a network address identifying a network point that facilitated the respective fraud event;receiving network intrusion information about a plurality of intrusion events occurring in the network, where each intrusion event comprises an unauthorized attempt to enter or use a system of the network via a network point, and the network intrusion information includes, for each of the plurality of intrusion events, a network address of the network point associated with the respective intrusion event;receiving physical crime information associated with a plurality of physical crimes, wherein the physical crime information includes geographical locations that are associated with the plurality of physical crimes, and a description of each of the plurality of physical crimes;automatically correlating via a processor the network addresses of the network intrusion information and the network addresses of the fraud information with location information for the network points of the network to determine physical locations associated with the plurality of fraud events and physical locations associated with the plurality of intrusion events;generating via the processor a map of subject specific overlays displaying in layers: a fraud events overlay of geographical locations of the physical locations associated with the plurality of fraud events, an intrusion events overlay of geographical locations of the physical locations associated with the plurality of intrusion events, and a physical crime events overlay of geographical locations of the physical crime locations;identifying via the processor geographical pockets of threats derived from the fraud event locations, the intrusion events locations, and the physical crime locations, displayed on the generated multi-overlay map; andprioritizing via the processor threat response resources according to the identified geographical pockets of threats. 2. The method of claim 1, wherein receiving fraud information about a fraud event comprises receiving a description of the fraud event and at least one telephone number. 3. The method of claim 2, wherein correlating the fraud information with location information to determine a plurality of physical locations associated with the events comprises electronically correlating the at least one phone number with at least one of an inventory database and a billing database to determine at least one physical location associated with the fraud event. 4. The method of claim 1, wherein receiving fraud information about a fraud event comprises receiving from a fraud detection system that electronically reviews call detail records a description of the fraud event and at least one telephone number. 5. The method of claim 1, further comprising electronically generating a map with a computing device and mapping software and electronically displaying on a display device computer-generated icons that show the geographical plurality of physical locations associated with the fraud event, the geographical locations of the identified network points and the geographical locations of the physical crime locations. 6. A system comprising: a fraud detection system configured to electronically review call detail records and identify suspected fraudulent events that were facilitated by a network, thereby creating fraud information that includes, for each of the fraud events, a network address identifying a network point that facilitated the respective fraud event;an intrusion detection system configured to electronically review network information and identify network intrusion events occurring in the network, where each intrusion event comprises an unauthorized attempt to enter or use a system of the network via a network point, thereby generating network intrusion information that includes, for each of the plurality of network intrusion events, a network address of the network point associated with the respective network intrusion event;a physical crimes database configured to electronically store locations of occurrences of physical crimes;a location/GPS engine configured to automatically correlate said network addresses of fraud information with one or more physical locations according to the call detail records, automatically correlate said network addresses of the network intrusion information with one or more physical locations, and obtain from said physical crimes database the locations of said occurrences of physical crimes; andan electronic mapping system configured to receive fraud-location information indicating physical locations associated with the fraud events from said location/GPS engine, map said fraud-location information according to a fraud events overlay on an electronic multi-overlay map that is displayed on a display device, receive network-intrusion-location information indicating physical locations associated with the network intrusion events from said location/GPS engine, map said network-intrusion-location information on an intrusion events overlay of the electronic multi-overlay map that is displayed on the display device, receive physical-crime-location information indicating the locations of said occurrences of physical crimes from said location/GPS engine, map said physical-crime-location information on a physical crime events overlay of the electronic multi-overlay map that is displayed on the display device, identify geographical pockets of threats derived from the physical location information displayed on the electronic multi-overlay map, and prioritize threat response resources according to the identified geographical pockets of threats. 7. The system of claim 6, wherein said fraud information comprises at least a portion of one or more telephone numbers. 8. The system of claim 6, wherein correlating said fraud information with one or more physical locations comprises using said at least a portion of one or more telephone numbers correlated against a location database to determine said one or more physical locations. 9. The system of claim 8, wherein the location database is comprised of at least one of an inventory database and a billing database. 10. The system of claim 6, wherein said one or more physical locations are provided as one of street addresses, latitude and longitude, horizontal and vertical coordinates, or combinations thereof. 11. The method of claim 1, further comprising: determining via the processor a cumulative risk of the identified geographic pockets of threats, wherein the cumulative risk is determined relative to a predetermined risk threshold. 12. The method of claim 5, further comprising including non-crime data along with the subject specific overlays, the non-crime data including at least one of sales information, census figures, and property values. 13. The method of claim 12, further comprising prioritizing the threat response resources further accounting for the non-crime data. 14. The method of claim 5, further comprising sizing the computer-generated icons on the display device according to a magnitude of a respective activity represented by the respective computer-generated icons. 15. The method of claim 14, wherein the magnitude of the respective activity represents a cumulative crime risk associated with the location of the respective computer-generated icons. 16. The method of claim 15, wherein the cumulative crime risk represents cumulative risk of intrusion, fraud and physical crime associated with the location. 17. A system comprising: a fraud database comprised of fraud information associated with a plurality of fraud events that were facilitated by a network, the fraud information including, for each of the fraud events, a network address identifying a network point that facilitated the respective fraud event;an intrusion database comprised of intrusion information about a plurality of intrusion events occurring in the network, where each intrusion event comprises an unauthorized attempt to enter or use a system of the network via a network point, and the network intrusion information includes, for each of the plurality of intrusion events, a network address of the network point associated with the respective intrusion event;a physical crimes database comprised of physical crime information that is associated with at least the locations of the occurrences of a plurality of physical crimes;a location/GPS engine configured to receive said fraud information from said fraud database and said intrusion information from said intrusion database, correlate the network addresses of said fraud information with physical locations thereby obtaining physical locations associated with the fraud events, and correlate the network addresses of said intrusion information with physical locations thereby obtaining physical locations associated with the intrusion events;a mapping database configured to receive at least said physical locations of the fraud events and said physical locations of the intrusion events from said location/GPS engine and said locations of the occurrences of the plurality of physical crimes from the physical crimes database to form mapping information; andan electronic mapping system map that is configured to retrieve said mapping information from said mapping database,display in layers said physical locations of said fraud events in a fraud events overlay, said physical locations of the intrusion events in an intrusion events overlay, and the physical locations of said physical crimes via computer-generated icons in a physical crime events overlay, on an electronic multi-overlay map that is displayed on a display device,size the computer-generated icons on the display device according to a magnitude of a respective activity represented by the respective computer-generated icons,identify geographical pockets of threats derived from the fraud event locations, the identified network point locations, and the physical crime locations, displayed on the multi-overlay map, andprioritize via the processor threat response resources according to the identified geographical pockets of threats. 18. The system of claim 17, wherein said fraud information is comprised of at least a portion of one or more telephone numbers. 19. The system of claim 18, wherein correlating said fraud information with the plurality of physical locations comprises using said at least a portion of one or more telephone numbers correlated against a location database to determine said plurality of physical locations. 20. The system of claim 19, wherein the location database is comprised of at least one of an inventory database and a billing database. 21. The system of claim 17, wherein said intrusion information comprises at least a portion of one or more Internet Protocol (IP) addresses. 22. The system of claim 21, wherein correlating said intrusion information with the plurality of physical locations comprises using said at least a portion of one or more IP addresses correlated against a location database to determine the plurality of physical locations. 23. The system of claim 22, wherein the location database comprises at least an address routing protocol (ARP) database. 24. A computer program product, comprising: a non-transitory computer readable medium having computer readable code embodied therein, the computer readable code being configured to, when executed by a processor of a computing device, cause the computing device to perform the method of claim 1. 25. The computer program product of claim 24, wherein the computer readable code is further configured to, when executed by the processor, cause the computing device to receive a description of each of the plurality of fraud events and at least one telephone number of each of the plurality of fraud events. 26. The computer program product of claim 24, wherein the computer readable code is further configured to, when executed by the processor, cause the computing device to electronically correlate each of the at least one phone numbers with at least one of an inventory database and a billing database to determine each of the plurality of physical locations associated with the fraud events. 27. The computer program product of claim 24, wherein the computer readable code is further configured to, when executed by the processor, cause the computing device to receive from a fraud detection system that electronically reviews call detail records a description of the fraud events and each of the at least one telephone numbers. 28. The computer program product of claim 24, wherein the computer readable code is further configured to, when executed by the processor, cause the computing device to electronically generate a multi-overlay map with a computing device and mapping software and electronically display on a display device computer-generated icons that show the geographical locations of the plurality of physical locations associated with the fraud events, the geographical locations of the identified network points and the geographical locations of the physical crime locations.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (55)
Hill Douglas W. ; Lynn James T., Adaptive system and method for responding to computer network security attacks.
Grandin, Ronan Fran.cedilla.ois Daniel; Stevenson, David James; Gray, Andrew Hunter; Gray, Neil William, Apparatus and method for providing improved stress thresholds in network management systems.
Richardson,David E., Dynamically drilling-down through a health monitoring map to determine the health status and cause of health problems associated with network objects of a managed network environment.
James E. Kracht, Mechanism for determining actual physical topology of network based on gathered configuration information representing true neighboring devices.
Cochran, Charles W.; York, Justin E.; Schunicht, Geoffery A.; Hansen, Peter A., Method and apparatus for automatic monitoring of simple network management protocol manageable devices.
Cook, Mark Douglas; Valentine, Simon Peter; Jones, Paul Robert, Program method and apparatus providing elements for interrogating devices in a network.
Cohen, Alexander J.; Jung, Edward K. Y.; Lord, Robert W.; Rinaldo, Jr., John D.; Tegreene, Clarence T.; Levien, Royce A.; Malamud, Mark A., Signal routing dependent on a loading indicator of a mobile node.
Williams, John Leslie; Costello, Brian; Ravenel, John Patrick; Ritter, Stephen J.; Pelly, John; Rutherford, M. Celeste; Payne, John, System and method for automated policy audit and remediation management.
Hoyt, Travis E.; Cimijotti, Mark T.; Upchurch, II, Jack D.; Legette, Tyron; Stranathan, William T.; Lang, Robert A., System and method for management of vulnerability assessment.
McClure, Stuart C.; Kurtz, George; Keir, Robin; Beddoe, Marshall A.; Morton, Michael J.; Prosise, Christopher M.; Cole, David M.; Abad, Christopher, System and method for network vulnerability detection and reporting.
DeLuca,Steve A; Darcy,Paul B; Kiernan,Casey L; Martin,Sally J; Lee,Juhan; Hodge,Kevin A; Snover,Jeffrey P, System and method for providing a server control interface.
Du,Weimin; Rahman,Anisur; Banerjee,Raja; Gharat,Sunil, System and method for suppressing out-of-order side-effect alarms in heterogenoeus integrated wide area data and telecommunication networks.
Norman,Stuart; Halasz,David E., System and method of controlling access by a wireless client to a network that utilizes a challenge/handshake authentication protocol.
Andres, Steven G.; Cole, David M.; Cummings, Thomas Gregory; Garcia, Roberto Ramon; Kenyon, Brian Michael; Kurtz, George R.; McClure, Stuart Cartier; Moore, Christopher William; O'Dea, Michael J.; Saruwatari, Ken D., System and method of managing network security risks.
Garrett ; Sr. Charles N. (Wilmington NC) Garrett Anthony F. (Greer SC) Reed Brent W. (Greenville SC) Lovegrove William P. (Greenville SC), System for monitoring vehicles during a crisis situation.
Weinberger, Alan J.; Renton, Joseph J.; Neugaubauer, Rick, Transaction dispatcher for a passenger entertainment system, method and article of manufacture.
Park, Young-Man; Lee, Seong-Choon; Tcha, Yong-Joo, Two-factor authenticated key exchange method and authentication method using the same, and recording medium storing program including the same.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.