-
公开(公告)号:US12003539B2
公开(公告)日:2024-06-04
申请号:US17405267
申请日:2021-08-18
Applicant: SAP SE
Inventor: Cedric R. J. Hebert , Merve Sahin
CPC classification number: H04L63/1491 , G06F9/547
Abstract: In an example embodiment, rather than merely identifying and patching vulnerabilities, a defender in a computer system is able to utilize deception to set traps for attackers who might attack an application. In this manner, rather than the attacker simply merely needing one entry point to succeed, the attacker would then need to avoid all traps, and the defender only needs one trap to be alerted of the attacker. More particularly, in an example embodiment, traps are set in a way that fools attackers, by blending deceptive but believable network traffic into real traffic to and from the application.
-
公开(公告)号:US12047393B2
公开(公告)日:2024-07-23
申请号:US17401873
申请日:2021-08-13
Applicant: SAP SE
Inventor: Laurent Y. Gomez , Cedric R. J. Hebert , Slim Trabelsi
CPC classification number: H04L63/1416 , G06N20/20 , H04L63/1425 , H04L63/20
Abstract: In an example embodiment, a combination of machine learning and rule-based techniques are used to automatically detect social engineering attacks in a computer system. More particularly, three phases of detection are utilized on communications in a thread or stream of communications: attack contextualization, intention classification, and security policy violation detection. Each phase of detection causes a score to be generated that is reflective of the degree of danger in the thread or stream of communications, and these scores may then be combined into a single global social engineering attack score, which then may be used to determined appropriate actions to deal with the attack if it transgresses a threshold.
-
Search Results
2
records
(took 0.015 seconds)
