公开(公告)号：US20190260801A1

公开(公告)日：2019-08-22

申请号：US16401860

申请日：2019-05-02

Applicant: Citrix Systems, Inc.

Inventor： Anoop Reddy ,  Kenneth Bell ,  Georgios Oikonomou ,  Kurt Roemer

IPC: H04L29/06

Abstract: The present disclosure is directed towards systems and methods for evaluating or mitigating a network attack. A device determines one or more client internet protocol addresses associated with the attack on the service. The device assigns a severity score to the attack based on a type of the attack. The device identifies a probability of a user account accessing the service during an attack window based on the type of attack. The device generates an impact score for the user account based on the severity score and the probability of the user account accessing the service during the attack window. The device selects a mitigation policy for the user account based on the impact score.

公开(公告)号：US10284595B2

公开(公告)日：2019-05-07

申请号：US15148400

申请日：2016-05-06

Applicant: Citrix Systems, Inc.

Inventor： Anoop Reddy ,  Kenneth Bell ,  Georgios Oikonomou ,  Kurt Roemer

IPC: H04L29/06

Abstract: The present disclosure is directed towards systems and methods for evaluating or mitigating a network attack. A device determines one or more client internet protocol addresses associated with the attack on the service. The device assigns a severity score to the attack based on a type of the attack. The device identifies a probability of a user account accessing the service during an attack window based on the type of attack. The device generates an impact score for the user account based on the severity score and the probability of the user account accessing the service during the attack window. The device selects a mitigation policy for the user account based on the impact score.

公开(公告)号：US20160330230A1

公开(公告)日：2016-11-10

申请号：US15148374

申请日：2016-05-06

Applicant: Citrix Systems, Inc.

Inventor： Anoop Reddy ,  Kenneth Bell ,  Georgios Oikonomou ,  Kurt Roemer

IPC: H04L29/06 ,  H04L29/12

CPC classification number: H04L63/1433 ,  G06F9/45533 ,  G06F9/45558 ,  G06F2009/45587 ,  H04L9/002 ,  H04L9/3268 ,  H04L61/1511 ,  H04L61/6013 ,  H04L63/0428 ,  H04L63/06 ,  H04L63/0884 ,  H04L63/14 ,  H04L63/1416 ,  H04L63/166 ,  H04L67/42

Abstract: The disclosure is directed to a system for improving security of SSL communications. The system can include an device intermediary between one or more servers, one or more clients, a plurality of agents, and a web service. The servers can be configured to receive SSL connections and issue SSL certificates. The device can include a virtual server associated with a respective one of the servers, such that the SSL certificate of the respective server is transmitted through the device. The device can generate service fingerprints for the one or more servers. Each service fingerprint can include information corresponding to an SSL certificate of the virtual server, one or more DNS aliases for a virtual IP address of the respective virtual server, one or more port numbers serving the SSL certificate, and an IP address serviced by the device. The device also can transmit the service fingerprints to a web service.

Abstract translation: 本公开涉及一种用于提高SSL通信安全性的系统。 系统可以包括一个或多个服务器之间的设备中介，一个或多个客户端，多个代理和web服务。 服务器可以配置为接收SSL连接并发出SSL证书。 该设备可以包括与相应的一个服务器相关联的虚拟服务器，使得相应服务器的SSL证书通过设备传输。 设备可以为一个或多个服务器生成服务指纹。 每个服务指纹可以包括与虚拟服务器的SSL证书相对应的信息，用于各个虚拟服务器的虚拟IP地址的一个或多个DNS别名，用于SSL证书的一个或多个端口号以及由该设备服务的IP地址 。 该设备还可以将服务指纹发送到Web服务。

公开(公告)号：US10819734B2

公开(公告)日：2020-10-27

申请号：US16266931

申请日：2019-02-04

Applicant: Citrix Systems, Inc.

Inventor： Anoop Reddy ,  Kenneth Bell ,  Georgios Oikonomou ,  Kurt Roemer

IPC: H04L29/06 ,  H04L29/12 ,  G06F9/455 ,  H04L9/32 ,  H04L9/00

Abstract: The disclosure is directed to a system for improving security of SSL communications. The system can include an device intermediary between one or more servers, one or more clients, a plurality of agents, and a web service. The servers can be configured to receive SSL connections and issue SSL certificates. The device can include a virtual server associated with a respective one of the servers, such that the SSL certificate of the respective server is transmitted through the device. The device can generate service fingerprints for the one or more servers. Each service fingerprint can include information corresponding to an SSL certificate of the virtual server, one or more DNS aliases for a virtual IP address of the respective virtual server, one or more port numbers serving the SSL certificate, and an IP address serviced by the device. The device also can transmit the service fingerprints to a web service.

公开(公告)号：US20160330236A1

公开(公告)日：2016-11-10

申请号：US15148400

申请日：2016-05-06

Applicant: Citrix Systems, Inc.

Inventor： Anoop Reddy ,  Kenneth Bell ,  Georgios Oikonomou ,  Kurt Roemer

IPC: H04L29/06

CPC classification number: H04L63/1466 ,  H04L63/1416 ,  H04L63/1425 ,  H04L2463/146

Abstract: The present disclosure is directed towards systems and methods for evaluating or mitigating a network attack. A device determines one or more client internet protocol addresses associated with the attack on the service. The device assigns a severity score to the attack based on a type of the attack. The device identifies a probability of a user account accessing the service during an attack window based on the type of attack. The device generates an impact score for the user account based on the severity score and the probability of the user account accessing the service during the attack window. The device selects a mitigation policy for the user account based on the impact score.

Abstract translation: 本公开涉及用于评估或减轻网络攻击的系统和方法。 设备确定与该服务的攻击相关联的一个或多个客户端因特网协议地址。 设备根据攻击的类型为攻击分配严重性分数。 该设备基于攻击类型识别在攻击窗口期间用户帐户访问服务的概率。 该设备基于攻击窗口中的严重性得分和用户帐户访问服务的概率，为用户帐户生成影响分数。 该设备根据影响分数选择用户帐户的缓解策略。

公开(公告)号：US10721270B2

公开(公告)日：2020-07-21

申请号：US16401860

申请日：2019-05-02

Applicant: Citrix Systems, Inc.

Inventor： Anoop Reddy ,  Kenneth Bell ,  Georgios Oikonomou ,  Kurt Roemer

IPC: H04L29/06

Abstract: The present disclosure is directed towards systems and methods for evaluating or mitigating a network attack. A device determines one or more client internet protocol addresses associated with the attack on the service. The device assigns a severity score to the attack based on a type of the attack. The device identifies a probability of a user account accessing the service during an attack window based on the type of attack. The device generates an impact score for the user account based on the severity score and the probability of the user account accessing the service during the attack window. The device selects a mitigation policy for the user account based on the impact score.

公开(公告)号：US20190182288A1

公开(公告)日：2019-06-13

申请号：US16266931

申请日：2019-02-04

Applicant: Citrix Systems, Inc.

Inventor： Anoop Reddy ,  Kenneth Bell ,  Georgios Oikonomou ,  Kurt Roemer

IPC: H04L29/06 ,  H04L9/00 ,  G06F9/455 ,  H04L29/12 ,  H04L9/32

Abstract: The disclosure is directed to a system for improving security of SSL communications. The system can include an device intermediary between one or more servers, one or more clients, a plurality of agents, and a web service. The servers can be configured to receive SSL connections and issue SSL certificates. The device can include a virtual server associated with a respective one of the servers, such that the SSL certificate of the respective server is transmitted through the device. The device can generate service fingerprints for the one or more servers. Each service fingerprint can include information corresponding to an SSL certificate of the virtual server, one or more DNS aliases for a virtual IP address of the respective virtual server, one or more port numbers serving the SSL certificate, and an IP address serviced by the device. The device also can transmit the service fingerprints to a web service.

公开(公告)号：US10218734B2

公开(公告)日：2019-02-26

申请号：US15148374

申请日：2016-05-06

Applicant: Citrix Systems, Inc.

Inventor： Anoop Reddy ,  Kenneth Bell ,  Georgios Oikonomou ,  Kurt Roemer

IPC: H04L29/06 ,  H04L29/12 ,  G06F9/455 ,  H04L9/32 ,  H04L9/00

Abstract: The disclosure is directed to a system for improving security of SSL communications. The system can include an device intermediary between one or more servers, one or more clients, a plurality of agents, and a web service. The servers can be configured to receive SSL connections and issue SSL certificates. The device can include a virtual server associated with a respective one of the servers, such that the SSL certificate of the respective server is transmitted through the device. The device can generate service fingerprints for the one or more servers. Each service fingerprint can include information corresponding to an SSL certificate of the virtual server, one or more DNS aliases for a virtual IP address of the respective virtual server, one or more port numbers serving the SSL certificate, and an IP address serviced by the device. The device also can transmit the service fingerprints to a web service.