公开(公告)号：US20190028509A1

公开(公告)日：2019-01-24

申请号：US15693318

申请日：2017-08-31

Applicant: BARRACUDA NETWORKS, INC.

Inventor： Asaf Cidon ,  Lior Gavish ,  Michael Perone

IPC: H04L29/06 ,  H04W12/12 ,  G06N5/04 ,  H04L12/58

Abstract: A new approach is proposed to support communication fraud detection and prevention by utilizing an artificial intelligence (AI) engine that detects and blocks impersonation attacks in real time. The AI engine automatically collects all historical electronic messages of each individual user in the entity on an electronic messaging system via an application programming interface (API) call to the electronic messaging system. The AI engine then analyzes the collected electronic messages for a plurality of features to identify unique communication patterns of users in the entity via AI-based classification. When one or more related incoming messages are retrieved in real time, the identified communication patterns are utilized to detect anomalous signals in metadata and/or content of the incoming messages. The AI engine then identifies with a high degree of accuracy whether the incoming messages are part of an impersonation attack based on the detected anomalous signals.

公开(公告)号：US20180152981A1

公开(公告)日：2018-05-31

申请号：US15881019

申请日：2018-01-26

Applicant: BARRACUDA NETWORKS, INC.

Inventor： Michael Perone ,  Fleming Shi

IPC: H04W76/10 ,  H04L12/46 ,  H04W76/11 ,  H04W88/16 ,  H04W48/12

CPC classification number: H04W76/10 ,  H04L12/4641 ,  H04W48/12 ,  H04W76/11 ,  H04W88/16

Abstract: A device includes a database, a controller, and a PVN router. The database is configured to store network settings information and tracks devices connected to a network. The controller is configured to control access of devices to one another after establishing a connection to the network. The PVN router is configured to receive a provisioning request from a requesting to connect to the network. The PVN router is further configured to transmit a provisioning response to the requesting device based on instantiation of a PVN template received from the database. The PVN template is generated based on the network settings information and further based on the control access determined by the controller. The provisioning response establishes a connection between the requesting device and the network. The requesting device is inaccessible by a subset of devices already connected in the network after the connection is established and vice versa.

公开(公告)号：US09918346B2

公开(公告)日：2018-03-13

申请号：US15130923

申请日：2016-04-15

Applicant: BARRACUDA NETWORKS, INC.

Inventor： Michael Perone ,  Fleming Shi

IPC: H04L12/26 ,  H04W76/02 ,  H04L12/46 ,  H04W48/12 ,  H04W88/16

CPC classification number: H04W76/10 ,  H04L12/4641 ,  H04W48/12 ,  H04W76/11 ,  H04W88/16

Abstract: A device includes a database, a controller, and a PVN router. The database is configured to store network settings information and tracks devices connected to a network. The controller is configured to control access of devices to one another after establishing a connection to the network. The PVN router is configured to receive a provisioning request from a requesting to connect to the network. The PVN router is further configured to transmit a provisioning response to the requesting device based on instantiation of a PVN template received from the database. The PVN template is generated based on the network settings information and further based on the control access determined by the controller. The provisioning response establishes a connection between the requesting device and the network. The requesting device is inaccessible by a subset of devices already connected in the network after the connection is established and vice versa.

公开(公告)号：US20190028499A1

公开(公告)日：2019-01-24

申请号：US15693353

申请日：2017-08-31

Applicant: BARRACUDA NETWORKS, INC.

Inventor： Asaf Cidon ,  Lior Gavish ,  Michael Perone

IPC: H04L29/06 ,  G06F9/54 ,  G06F21/53 ,  G06N5/04 ,  G06N99/00

Abstract: A new approach is proposed to support anti-fraud user training and protection by identifying and training individuals within an entity who are at high risk of being targeted in an impersonating attack. An AI engine automatically collects historical electronic messages of each individual in the entity on an electronic messaging system via an application programming interface (API) call. The AI engine then analyzes contents the collected historical electronic messages and calculates a security score for each individual via AI-based classification. The AI engine identifies high-risk individuals within the entity based on their security scores and launches simulated impersonating attacks against these individuals to test their security awareness. The AI engine then collects and analyzes responses to the simulated attacks by those high-risk individuals in real time to identify issues in the responses and to take corresponding actions to prevent the high-risk individuals from suffering damages in case of real attacks.

公开(公告)号：US20160309395A1

公开(公告)日：2016-10-20

申请号：US15130923

申请日：2016-04-15

Applicant: BARRACUDA NETWORKS, INC.

Inventor： Michael Perone ,  Fleming Shi

IPC: H04W48/08 ,  H04W8/00 ,  H04W76/02 ,  H04L12/46

CPC classification number: H04W76/10 ,  H04L12/4641 ,  H04W48/12 ,  H04W76/11 ,  H04W88/16

Abstract: A device includes a database, a controller, and a PVN router. The database is configured to store network settings information and tracks devices connected to a network. The controller is configured to control access of devices to one another after establishing a connection to the network. The PVN router is configured to receive a provisioning request from a requesting to connect to the network. The PVN router is further configured to transmit a provisioning response to the requesting device based on instantiation of a PVN template received from the database. The PVN template is generated based on the network settings information and further based on the control access determined by the controller. The provisioning response establishes a connection between the requesting device and the network. The requesting device is inaccessible by a subset of devices already connected in the network after the connection is established and vice versa.

Abstract translation: 设备包括数据库，控制器和PVN路由器。 数据库被配置为存储网络设置信息并跟踪连接到网络的设备。 控制器被配置为在建立到网络的连接之后控制设备彼此的访问。 PVN路由器被配置为从请求连接到网络接收供应请求。 PVN路由器还被配置为基于从数据库接收的PVN模板的实例来向请求设备发送供应响应。 基于网络设置信息生成PVN模板，并且还基于由控制器确定的控制访问。 供应响应建立请求设备和网络之间的连接。 在建立连接之后，已经连接在网络中的设备的子集不可访问请求设备，反之亦然。

公开(公告)号：US10542572B2

公开(公告)日：2020-01-21

申请号：US15881019

申请日：2018-01-26

Applicant: BARRACUDA NETWORKS, INC.

Inventor： Michael Perone ,  Fleming Shi

IPC: H04W76/10 ,  H04L12/46 ,  H04W76/11 ,  H04W48/12 ,  H04W88/16

Abstract: A device includes a database, a controller, and a PVN router. The database is configured to store network settings information and tracks devices connected to a network. The controller is configured to control access of devices to one another after establishing a connection to the network. The PVN router is configured to receive a provisioning request from a requesting to connect to the network. The PVN router is further configured to transmit a provisioning response to the requesting device based on instantiation of a PVN template received from the database. The PVN template is generated based on the network settings information and further based on the control access determined by the controller. The provisioning response establishes a connection between the requesting device and the network. The requesting device is inaccessible by a subset of devices already connected in the network after the connection is established and vice versa.

公开(公告)号：US20190026461A1

公开(公告)日：2019-01-24

申请号：US15693367

申请日：2017-08-31

Applicant: BARRACUDA NETWORKS, INC.

Inventor： Asaf Cidon ,  Lior Gavish ,  Michael Perone

IPC: G06F21/55 ,  H04L29/06 ,  H04W12/12 ,  G06N5/04

Abstract: A new approach is proposed to support electronic messaging threat scanning and detection to identify security threats missed by an existing security software of an electronic messaging system. An AI engine first retrieves an entire inventory of historical electronic messages by the users on the electronic messaging system over a certain time. The AI engine scans the retrieved inventory of historical electronic messages to identify various types of security threats to the electronic messaging system in the past. The AI engine compares the identified security threats to those that have been identified by the existing security software to identify a set of security threats that had eluded or missed by the existing security software in the past. The AI engine then removes, modifies, or quarantines electronic messages that contain the missed security threats so that none of them will trigger an attack to the electronic messaging system in the future.