SYSTEM AND METHOD FOR DETECTING LATERAL MOVEMENT AND DATA EXFILTRATION

    Publication number: EP3783857A1

    Publication date: 2021-02-24

    Application number: EP20201384.3

    Filing date: 2016-11-09

    Applicant: Cyphort Inc.

    IPC classification: H04L29/06 G06F11/00 G06F21/56

    Abstract: A system configured to detect threat activity on a network. The system includes a digital device configured to detect a first-order indicator of compromise on the network, detect a second-order indicator of compromise on the network, generate a risk score by correlating the first-order indicator of compromise with the second-order indicator of compromise, and generate at least one incident alert based on comparing the risk score to a threshold.

    SYSTEM AND METHOD FOR THREAT RISK SCORING OF SECURITY THREATS

    Publication number: EP3374870A1

    Publication date: 2018-09-19

    Application number: EP16864948.1

    Filing date: 2016-11-09

    Applicant: Cyphort, Inc.

    IPC classification: G06F11/00 G06F12/14

    Abstract: A system configured to generate a risk score for threat activity, including a digital device. The digital device is configured to extract one or more threat events on a network from metadata about one or more targeted digital devices on the network. Further, the digital device is configured to detect one or more incidents based on a correlation between at least a first threat event and a second threat event of the one or more threat events. And the digital device is configured to generate a risk score for each of the one or more incidents.
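The two abstracts above describe one mechanism at two granularities: threat events observed on a host are correlated into an incident, the incident is given a risk score, and an alert fires when the score crosses a threshold. The following is an added example, not code from either patent or from Cyphort. The split of event kinds into first-order indicators (direct evidence such as a sandbox verdict or a C2 beacon) and second-order indicators (corroborating behaviour such as admin-share access or a large upload), the weights, the two-hour correlation window and the threshold of 80 are all assumptions chosen to make the behaviour visible, and the events are constructed.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import List

# Which event kinds count as first- or second-order indicators, and their weights,
# are assumptions made for this example; the patents do not publish a scheme.
FIRST_ORDER = {"malware_verdict": 60, "c2_beacon": 50}
SECOND_ORDER = {"admin_share_access": 20, "remote_service_install": 25, "large_upload": 30}
CORRELATION_WINDOW = timedelta(hours=2)
ALERT_THRESHOLD = 80


@dataclass
class ThreatEvent:
    ts: datetime
    host: str
    kind: str
    detail: str = ""


@dataclass
class Incident:
    host: str
    first_order: ThreatEvent
    second_order: List[ThreatEvent] = field(default_factory=list)
    risk_score: int = 0


def score(incident: Incident) -> int:
    """First-order weight plus the weight of each *distinct* second-order kind.
    Counting kinds rather than events keeps a chatty sensor from inflating the score;
    distinct kinds add up because each one independently corroborates the compromise."""
    total = FIRST_ORDER[incident.first_order.kind]
    total += sum(SECOND_ORDER[k] for k in {e.kind for e in incident.second_order})
    return min(total, 100)


def build_incidents(events: List[ThreatEvent]) -> List[Incident]:
    """One incident per first-order indicator, holding the second-order indicators seen
    on the same host within CORRELATION_WINDOW after it. A host with only second-order
    activity (an administrator touching a share) never becomes an incident."""
    events = sorted(events, key=lambda e: e.ts)
    incidents = []
    for anchor in events:
        if anchor.kind not in FIRST_ORDER:
            continue
        inc = Incident(host=anchor.host, first_order=anchor)
        deadline = anchor.ts + CORRELATION_WINDOW
        inc.second_order = [e for e in events
                            if e.host == anchor.host and e.kind in SECOND_ORDER
                            and anchor.ts <= e.ts <= deadline]
        inc.risk_score = score(inc)
        incidents.append(inc)
    return incidents


def alerts(events: List[ThreatEvent], threshold: int = ALERT_THRESHOLD) -> List[Incident]:
    """Incidents whose risk score reaches the threshold."""
    return [i for i in build_incidents(events) if i.risk_score >= threshold]


# Constructed sample events, not real telemetry.
T = datetime(2016, 11, 9, 9, 0)
SAMPLE_EVENTS = [
    ThreatEvent(T, "ws-05", "c2_beacon", "dns query for a sinkholed domain"),
    ThreatEvent(T + timedelta(hours=5), "ws-05", "large_upload", "1.2 GB to cloud storage"),  # outside window
    ThreatEvent(T + timedelta(hours=1), "ws-17", "malware_verdict", "sandbox verdict on attachment"),
    ThreatEvent(T + timedelta(minutes=80), "ws-17", "admin_share_access", "ADMIN$ on fs-01"),
    ThreatEvent(T + timedelta(minutes=85), "ws-17", "admin_share_access", "ADMIN$ on fs-02"),
    ThreatEvent(T + timedelta(minutes=120), "ws-17", "large_upload", "900 MB to paste site"),
    ThreatEvent(T + timedelta(minutes=30), "ws-22", "admin_share_access", "ADMIN$ on fs-01"),  # admin at work
]


def demo() -> List[Incident]:
    return alerts(SAMPLE_EVENTS)


if __name__ == "__main__":
    for inc in demo():
        kinds = sorted({e.kind for e in inc.second_order})
        print(f"ALERT {inc.host} score={inc.risk_score} first={inc.first_order.kind} second={kinds}")
```

With the sample data only ws-17 alerts: its verdict is followed within the window by two distinct second-order kinds, so it scores 60 + 20 + 30, capped at 100. ws-05 has a first-order beacon but its upload falls five hours later, outside the window, so the incident exists with a score of 50 and stays below the threshold; ws-22 generates no incident at all.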

    8. SYSTEMS AND METHODS FOR MALWARE DETECTION AND MITIGATION (published application; under examination)
    Title (German): SYSTEME UND VERFAHREN ZUM ERKENNEN UND ABSCHWÄCHEN VON SCHADPROGRAMMEN

    Publication number: EP3111331A2

    Publication date: 2017-01-04

    Application number: EP15752327.5

    Filing date: 2015-02-24

    Applicant: Cyphort Inc.

    IPC classification: G06F12/14 G06F11/00

    Abstract: Systems and methods for monitoring malware events in a computer networking environment are described. The systems and methods include the steps of: identifying a plurality of suspect objects comprising data about network transactions or computer operations suspected of being linked to a security risk; transmitting the suspect objects to an inspection service operating on one or more general-purpose digital computers, where the inspection service applies a plurality of inspection methods to the suspect objects to produce digital information about the nature of the potential threat each suspect object poses; transmitting that digital information to an analytical service operating on one or more general-purpose digital computers, where the analytical service runs a plurality of analytical algorithms to categorize each suspect object with one or more scores according to its security threat; transmitting the one or more scores to a correlation facility, which aggregates the plurality of scores, optionally together with other information about each suspect object, into aggregate data representing one or more aggregate features of the plurality of suspect objects; and generating an infection verification pack (IVP) comprising routines which, when run on an end-point machine within the computer networking environment, will mitigate a suspected security threat.

    9. SYSTEM AND METHOD FOR VERIFYING AND DETECTING MALWARE (published application; under examination)
    Title (German): SYSTEM UND VERFAHREN ZUR VERIFIZIERUNG UND ERKENNUNG VON MALWARE

    Publication number: EP3111330A1

    Publication date: 2017-01-04

    Application number: EP15752643.5

    Filing date: 2015-02-24

    Applicant: Cyphort Inc.

    IPC classification: G06F11/00

    Abstract: A system configured to detect malware is described. The system includes an infection verification pack configured to perform behavior detonation, identify a malware object based on machine learning, and select one or more persistent artifacts of the malware on the target system based on one or more algorithms applied to behavior traces of the malware object.
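The last step of the abstract above, and the infection verification pack of entry 8, turn on the same question: which of the things a sample did during detonation are worth checking for, and removing, on a real end-point. The following is an added example of one way to answer it; it is not Cyphort's code and the patents do not publish their algorithms. The trace format, the two selection rules (replay the trace and keep only artifacts still present at its end, then subtract whatever a clean run of the same sandbox also produces), the autorun key list and the end-point snapshot are assumptions for illustration, and the traces are constructed. The machine-learning identification step is outside the example.

```python
from typing import Dict, List, Set, Tuple

Trace = List[Tuple[str, str]]      # (operation, artifact) as recorded during detonation
Endpoint = Dict[str, Set[str]]     # snapshot of an end-point: files, registry values, services

# Operations that leave an artifact behind, and the operations that undo them.
CREATE_OPS = {"file_create", "reg_set", "service_create"}
UNDO_OPS = {"file_delete": "file_create", "reg_delete": "reg_set", "service_delete": "service_create"}

# Registry keys whose values run at logon. Illustrative, not an exhaustive list.
AUTORUN_KEYS = (
    r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
    r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run",
)

BUCKET = {"registry": "registry_values", "service": "services", "file": "files"}


def net_artifacts(trace: Trace) -> Set[Tuple[str, str]]:
    """Replay the trace and keep only what is still present at its end, so a dropper
    that deletes itself or a temporary file removed before exit is not selected."""
    live: Set[Tuple[str, str]] = set()
    for op, artifact in trace:
        if op in CREATE_OPS:
            live.add((op, artifact))
        elif op in UNDO_OPS:
            live.discard((UNDO_OPS[op], artifact))
    return live


def select_persistent(sample_trace: Trace, baseline_trace: Trace) -> List[Dict[str, str]]:
    """Build the verification pack: artifacts that survive the run, are not also produced
    by a clean run of the same sandbox, and are either a persistence hook (autorun value,
    service) or the file that hook points to."""
    candidates = net_artifacts(sample_trace) - net_artifacts(baseline_trace)
    checks: List[Dict[str, str]] = []
    referenced_files: Set[str] = set()
    for op, artifact in sorted(candidates):
        if op == "reg_set":
            key, _, value = artifact.partition("=")
            if any(key.startswith(k + "\\") for k in AUTORUN_KEYS):
                checks.append({"type": "registry", "target": key})
                referenced_files.add(value.strip('"').lower())
        elif op == "service_create":
            name, _, binpath = artifact.partition("=")   # assumes a bare path, no arguments
            checks.append({"type": "service", "target": name})
            referenced_files.add(binpath.strip('"').lower())
    for op, artifact in sorted(candidates):
        if op == "file_create" and artifact.lower() in referenced_files:
            checks.append({"type": "file", "target": artifact})
    return checks


def run_ivp(checks: List[Dict[str, str]], endpoint: Endpoint) -> List[Dict[str, str]]:
    """Verification: the checks whose artifact is present on the end-point (case-insensitive)."""
    return [c for c in checks
            if c["target"].lower() in {p.lower() for p in endpoint[BUCKET[c["type"]]]}]


def mitigate(checks: List[Dict[str, str]], endpoint: Endpoint) -> List[Dict[str, str]]:
    """Mitigation: remove every matched artifact from the snapshot. On a real end-point
    this is where the file, registry value or service would actually be deleted."""
    matched = run_ivp(checks, endpoint)
    for c in matched:
        bucket = BUCKET[c["type"]]
        endpoint[bucket] = {p for p in endpoint[bucket] if p.lower() != c["target"].lower()}
    return matched


# Constructed traces and snapshot, not real detonation output.
BASELINE_TRACE: Trace = [
    ("file_create", r"C:\Windows\Temp\sandbox.log"),
    ("reg_set", r"HKCU\Software\Sandbox\LastRun=2015-02-24"),
]
SAMPLE_TRACE: Trace = BASELINE_TRACE + [
    ("file_create", r"C:\Users\Public\dropper.tmp"),
    ("file_create", r"C:\Users\Public\upd.exe"),
    ("reg_set", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater=C:\Users\Public\upd.exe"),
    ("file_delete", r"C:\Users\Public\dropper.tmp"),          # self-delete: transient, dropped
    ("service_create", r"WinHelperSvc=C:\ProgramData\svc\helper.exe"),
    ("file_create", r"C:\ProgramData\svc\helper.exe"),
    ("reg_set", r"HKCU\Software\Malw\Config=1"),              # survives, but is not a hook
]


def build_ivp() -> List[Dict[str, str]]:
    return select_persistent(SAMPLE_TRACE, BASELINE_TRACE)


def example_endpoint() -> Endpoint:
    """An end-point where the autorun hook landed but the service (needs admin) did not."""
    return {
        "files": {r"C:\Users\Public\upd.exe", r"C:\Windows\notepad.exe"},
        "registry_values": {r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater"},
        "services": {"Spooler"},
    }


def demo() -> Tuple[int, int]:
    """(artifacts removed, artifacts still present) after running the pack on the example end-point."""
    pack, ep = build_ivp(), example_endpoint()
    return len(mitigate(pack, ep)), len(run_ivp(pack, ep))


if __name__ == "__main__":
    print("pack:", build_ivp())
    print("removed, remaining:", demo())
```

The pack built from the sample trace holds four checks: the Run value, the service, and the two executables they point to. The self-deleting dropper and the sandbox's own log file never reach the pack, and the stray configuration key survives the run but is left out because nothing re-executes from it. On the example end-point the pack finds and removes two artifacts and a second pass finds nothing, which is the verification the pack is meant to provide.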