公开(公告)号：US20160253750A1

公开(公告)日：2016-09-01

申请号：US15151904

申请日：2016-05-11

Applicant: Palantir Technologies Inc.

Inventor： Alexander Visbal ,  James Thompson ,  Marvin Sum ,  Jason Ma ,  Bing Jie Fu ,  Ilya Nepomnyashchiy ,  Devin Witherspoon ,  Victoria Lai ,  Steven Berler ,  Alexei Smaliy ,  Suchan Lee

IPC: G06Q40/00 ,  G06F3/0482 ,  G06F3/0484 ,  G06F17/30

CPC classification number: H04L63/1416 ,  G06F3/0482 ,  G06F3/04842 ,  G06F12/1036 ,  G06F17/3053 ,  G06F17/30601 ,  G06F17/30716 ,  G06F17/30991 ,  G06F21/552 ,  G06K9/6218 ,  G06K9/6253 ,  G06Q40/00 ,  G06Q40/02 ,  H04L63/1425 ,  H04L63/1433

Abstract: Embodiments of the present disclosure relate to a data analysis system that may automatically generate memory-efficient clustered data structures, automatically analyze those clustered data structures, automatically tag and group those clustered data structures, and provide results of the automated analysis and grouping in an optimized way to an analyst. The automated analysis of the clustered data structures (also referred to herein as data clusters) may include an automated application of various criteria or rules so as to generate a tiled display of the groups of related data clusters such that the analyst may quickly and efficiently evaluate the groups of data clusters. In particular, the groups of data clusters may be dynamically re-grouped and/or filtered in an interactive user interface so as to enable an analyst to quickly navigate among information associated with various groups of data clusters and efficiently evaluate those data clusters in the context of, for example, a fraud investigation.

公开(公告)号：US20160028759A1

公开(公告)日：2016-01-28

申请号：US14816748

申请日：2015-08-03

Applicant: Palantir Technologies Inc.

Inventor： Alexander Visbal

IPC: H04L29/06

CPC classification number: H04L63/1416 ,  H04L63/0209 ,  H04L63/0236 ,  H04L63/0272 ,  H04L63/101 ,  H04L63/14 ,  H04L63/1408 ,  H04L63/1425 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/145

Abstract: Systems and methods are presented for generating a threat score and a usage score of each of a plurality of IP addresses. The threat score may be determined based on quantity of occurrences and recency of each occurrence of an IP address in network alert datasets, in addition to a weighting factor for each data source indicating the accuracy of the data source.

Abstract translation: 呈现系统和方法用于生成威胁得分和多个IP地址中的每一个的使用分数。 除了表示数据源的准确性的每个数据源的加权因子之外，还可以基于网络警报数据集中每次出现IP地址的出现次数和近似度来确定威胁分数。

公开(公告)号：US09171334B1

公开(公告)日：2015-10-27

申请号：US14139628

申请日：2013-12-23

Applicant: Palantir Technologies, Inc.

Inventor： Alexander Visbal ,  Adam Borochoff ,  Jacob Albertson ,  Trevor Austin ,  Christopher Rogers ,  Daniel Campos ,  Matthew Sprague ,  Michael Kross ,  Parvathy Menon ,  Michael Harris

IPC: G06Q40/00

CPC classification number: G06F17/3053 ,  G06F17/30345 ,  G06F17/30412 ,  G06F17/30539 ,  G06F17/30572 ,  G06F17/30598 ,  G06F17/30601 ,  G06F17/30604 ,  G06F17/30699 ,  G06F17/30705 ,  G06F17/3071 ,  G06F17/30867 ,  G06Q10/10 ,  G06Q20/4016 ,  G06Q30/0185 ,  G06Q40/00 ,  G06Q40/02 ,  G06Q40/025 ,  G06Q40/10 ,  G06Q40/123

Abstract: In various embodiments, systems, methods, and techniques are disclosed for generating a collection of clusters of related data from a seed. Seeds may be generated based on seed generation strategies or rules. Clusters may be generated by, for example, retrieving a seed, adding the seed to a first cluster, retrieving a clustering strategy or rules, and adding related data and/or data entities to the cluster based on the clustering strategy. Various cluster scores may be generated based on attributes of data in a given cluster. Further, cluster metascores may be generated based on various cluster scores associated with a cluster. Clusters may be ranked based on cluster metascores. Various embodiments may enable an analyst to discover various insights related to data clusters, and may be applicable to various tasks including, for example, tax fraud detection, beaconing malware detection, malware user-agent detection, and/or activity trend detection, among various others.

Abstract translation: 在各种实施例中，公开了用于从种子生成相关数据集合的集合的系统，方法和技术。 可以根据种子生成策略或规则生成种子。 可以通过例如检索种子，将种子添加到第一群集，检索群集策略或规则，以及基于聚类策略将相关数据和/或数据实体添加到群集来生成群集。 可以基于给定簇中的数据的属性来生成各种聚类分数。 此外，可以基于与集群相关联的各种聚类分数来生成集群组合。 群集可能会根据群集元素进行排名。 各种实施例可以使分析人员能够发现与数据集群相关的各种见解，并且可以适用于各种任务，包括例如税欺诈检测，信标恶意软件检测，恶意软件用户代理检测和/或活动趋势检测 其他。

公开(公告)号：US09100428B1

公开(公告)日：2015-08-04

申请号：US14479863

申请日：2014-09-08

Applicant: Palantir Technologies Inc.

Inventor： Alexander Visbal

IPC: G06F21/00 ,  H04L29/06

CPC classification number: H04L63/1416 ,  H04L63/0209 ,  H04L63/0236 ,  H04L63/0272 ,  H04L63/101 ,  H04L63/14 ,  H04L63/1408 ,  H04L63/1425 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/145

Abstract: Systems and methods are presented for generating a threat score and a usage score of each of a plurality of IP addresses. The threat score may be determined based on quantity of occurrences and recency of each occurrence of an IP address in network alert datasets, in addition to a weighting factor for each data source indicating the accuracy of the data source.

Abstract translation: 呈现系统和方法用于生成威胁得分和多个IP地址中的每一个的使用分数。 除了表示数据源的准确性的每个数据源的加权因子之外，还可以基于网络警报数据集中每次出现IP地址的出现次数和近似度来确定威胁分数。

公开(公告)号：US20210385237A1

公开(公告)日：2021-12-09

申请号：US17445439

申请日：2021-08-19

Applicant: Palantir Technologies Inc.

Inventor： Alexander Visbal ,  James Thompson ,  Marvin Sum ,  Jason Ma ,  Bing Jie Fu ,  Ilya Nepomnyashchiy ,  Devin Witherspoon ,  Victoria Lai ,  Steven Berler ,  Alexei Smaliy ,  Suchan Lee

IPC: H04L29/06 ,  G06Q40/00 ,  G06F16/28 ,  G06F16/9038 ,  G06F16/2457 ,  G06F3/0482 ,  G06F3/0484 ,  G06Q40/02

Abstract: Embodiments of the present disclosure relate to a data analysis system that may automatically generate memory-efficient clustered data structures, automatically analyze those clustered data structures, automatically tag and group those clustered data structures, and provide results of the automated analysis and grouping in an optimized way to an analyst. The automated analysis of the clustered data structures (also referred to herein as data clusters) may include an automated application of various criteria or rules so as to generate a tiled display of the groups of related data clusters such that the analyst may quickly and efficiently evaluate the groups of data clusters. In particular, the groups of data clusters may be dynamically re-grouped and/or filtered in an interactive user interface so as to enable an analyst to quickly navigate among information associated with various groups of data clusters and efficiently evaluate those data clusters in the context of, for example, a fraud investigation.

公开(公告)号：US10805321B2

公开(公告)日：2020-10-13

申请号：US16256862

申请日：2019-01-24

Applicant: Palantir Technologies Inc.

Inventor： Alexander Visbal

IPC: G06F21/00 ,  H04L29/06

Abstract: Systems and methods are presented for generating a threat score and a usage score of each of a plurality of IP addresses. The threat score may be determined based on quantity of occurrences and recency of each occurrence of an IP address in network alert datasets, in addition to a weighting factor for each data source indicating the accuracy of the data source.

公开(公告)号：US10726032B2

公开(公告)日：2020-07-28

申请号：US15167652

申请日：2016-05-27

Applicant: Palantir Technologies Inc.

Inventor： Alexander Visbal ,  Clare Adrien ,  Kevin Simons

IPC: G06F16/248 ,  G06F16/2455 ,  G06F16/26 ,  G06F16/25 ,  G06F40/186 ,  G06F3/0481 ,  G06F3/0484

Abstract: A case management system is configured to generate search templates based on selection of a search type and one or more data sources. As configured, the case management system enables execution of searches using the generated search template on synchronous and asynchronous data sources and provides periodic polling of the asynchronous data sources to generate consolidated search results.

公开(公告)号：US10447712B2

公开(公告)日：2019-10-15

申请号：US15449042

申请日：2017-03-03

Applicant: Palantir Technologies Inc.

Inventor： Alexander Visbal ,  James Thompson ,  Marvin Sum ,  Jason Ma ,  Bing Jie Fu ,  Ilya Nepomnyashchiy ,  Devin Witherspoon ,  Victoria Lai ,  Steven Berler ,  Alexei Smaliy ,  Suchan Lee

IPC: G06Q40/00 ,  H04L29/06 ,  G06F16/28 ,  G06F16/9038 ,  G06F16/2457 ,  G06F3/0482 ,  G06F3/0484 ,  G06Q40/02 ,  G06F12/1036 ,  G06K9/62 ,  G06F16/34 ,  G06F21/55

Abstract: Embodiments of the present disclosure relate to a data analysis system that may automatically generate memory-efficient clustered data structures, automatically analyze those clustered data structures, automatically tag and group those clustered data structures, and provide results of the automated analysis and grouping in an optimized way to an analyst. The automated analysis of the clustered data structures (also referred to herein as data clusters) may include an automated application of various criteria or rules so as to generate a tiled display of the groups of related data clusters such that the analyst may quickly and efficiently evaluate the groups of data clusters. In particular, the groups of data clusters may be dynamically re-grouped and/or filtered in an interactive user interface so as to enable an analyst to quickly navigate among information associated with various groups of data clusters and efficiently evaluate those data clusters in the context of, for example, a fraud investigation.

公开(公告)号：US20190158515A1

公开(公告)日：2019-05-23

申请号：US16256862

申请日：2019-01-24

Applicant: Palantir Technologies Inc.

Inventor： Alexander Visbal

IPC: H04L29/06

CPC classification number: H04L63/1416 ,  H04L63/0209 ,  H04L63/0236 ,  H04L63/0272 ,  H04L63/101 ,  H04L63/14 ,  H04L63/1408 ,  H04L63/1425 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/145

Abstract: Systems and methods are presented for generating a threat score and a usage score of each of a plurality of IP addresses. The threat score may be determined based on quantity of occurrences and recency of each occurrence of an IP address in network alert datasets, in addition to a weighting factor for each data source indicating the accuracy of the data source.

公开(公告)号：US10230746B2

公开(公告)日：2019-03-12

申请号：US15419718

申请日：2017-01-30

Applicant: Palantir Technologies Inc.

Inventor： Alexander Visbal

IPC: G06F21/00 ,  H04L29/06

Abstract: Systems and methods are presented for generating a threat score and a usage score of each of a plurality of IP addresses. The threat score may be determined based on quantity of occurrences and recency of each occurrence of an IP address in network alert datasets, in addition to a weighting factor for each data source indicating the accuracy of the data source.