公开(公告)号：US11087098B2

公开(公告)日：2021-08-10

申请号：US16134666

申请日：2018-09-18

Applicant: SAP SE

Inventor： Slim Trabelsi ,  Michail Vasiltschenko ,  Anton Snitko

IPC: G06F40/58 ,  G06F40/284 ,  G06N20/00 ,  G06F40/263

Abstract: Various examples are directed to systems and methods for identifying textual information regarding a first topic. A computer system may access a plurality of text units and detect that a first text unit of the plurality of text units is in a first language. The computer system may access a first language keyword set for the first topic, where the first language keyword set comprises a first plurality of keywords associated with the first language. The computer system may determine a first relevance score for the first text unit based at least in part on the first language keyword set. If the first relevance score is greater than a relevance score threshold, the computer system translates the first text unit to a base language and determines a text unit classification for the first text unit using a classification model trained with training data in the base language.

公开(公告)号：US20210240834A1

公开(公告)日：2021-08-05

申请号：US16778872

申请日：2020-01-31

Applicant: SAP SE

Inventor： Slim Trabelsi ,  Sofiane Lounici ,  Marco Rosa ,  Carlo Maria Negri

IPC: G06F21/57 ,  G06N3/08 ,  G06N20/10 ,  G06N20/20

Abstract: Source code is scanned to generate a list of vulnerable tokens. Thereafter, the list of vulnerable tokens is inputted into a machine learning model to identify false positives in the list of vulnerable tokens. Based on this identification, the list of vulnerable tokens can be modified to remove the identified false positives. Related apparatus, systems, techniques and articles are also described.

公开(公告)号：US10127385B2

公开(公告)日：2018-11-13

申请号：US14843482

申请日：2015-09-02

Applicant: SAP SE

Inventor： Slim Trabelsi

IPC: G06F11/00 ,  G06F12/14 ,  G06F12/16 ,  G08B23/00 ,  G06F21/57 ,  G06F17/30 ,  H04L29/06

Abstract: Embodiments automate tracking of exploit information related to initially-identified security vulnerabilities, through the data mining of social networks. Certain social network communities (e.g., those frequented by hackers) share information about computer security breaches (zero-day events). Embodiments recognize that further relevant security information may be revealed, in conjunction with and/or subsequent to such initial zero-day vulnerability disclosures. That additional information can include valuable details regarding known (or unknown) vulnerabilities, exploit codes and methodologies, patches, etc. Tracking that additional information can benefit security researchers/experts/law enforcement personnel. Embodiments monitoring social media traffic based upon initial security vulnerability information, perform analysis to detect patterns and create relevant keywords therefrom. Those keywords in turn form a basis for generating social media stream(s) responsible for harvesting additional security-relevant data. Results of further analysis of the social media stream can be fed back in an iterative manner to refine pattern detection, keyword creation, and media stream generation.

公开(公告)号：US12047393B2

公开(公告)日：2024-07-23

申请号：US17401873

申请日：2021-08-13

Applicant: SAP SE

Inventor： Laurent Y. Gomez ,  Cedric R. J. Hebert ,  Slim Trabelsi

IPC: H04L29/06 ,  G06N20/20 ,  H04L9/40

CPC classification number: H04L63/1416 ,  G06N20/20 ,  H04L63/1425 ,  H04L63/20

Abstract: In an example embodiment, a combination of machine learning and rule-based techniques are used to automatically detect social engineering attacks in a computer system. More particularly, three phases of detection are utilized on communications in a thread or stream of communications: attack contextualization, intention classification, and security policy violation detection. Each phase of detection causes a score to be generated that is reflective of the degree of danger in the thread or stream of communications, and these scores may then be combined into a single global social engineering attack score, which then may be used to determined appropriate actions to deal with the attack if it transgresses a threshold.

公开(公告)号：US20230252114A1

公开(公告)日：2023-08-10

申请号：US17668208

申请日：2022-02-09

Applicant: SAP SE

Inventor： Rocio Cabrera Lozoya ,  Slim Trabelsi ,  Carlos Rafael Ocanto Davila

IPC: G06F21/31 ,  G06F40/253 ,  G06F40/263 ,  G06F40/40

CPC classification number: G06F21/31 ,  G06F40/253 ,  G06F40/263 ,  G06F40/40

Abstract: In an example embodiment, an efficient, automated method to generate password guesses is provided by leveraging online text sources along with natural language processing techniques. Specifically, semantic structures in passwords are exploited to aid system in generating better guesses. This not only helps cover instances where traditional password meters would indicate a password is safe when it is not, but also makes the solution robust against fast-evolving domains such as new slang in natural languages or new vocabulary arising from new products, product updates, and services.

公开(公告)号：US10771503B2

公开(公告)日：2020-09-08

申请号：US15863092

申请日：2018-01-05

Applicant: SAP SE

Inventor： Slim Trabelsi ,  Karim Oueslati ,  Skander Ben Mahmoud

IPC: H04L29/06 ,  G06F21/55

Abstract: A user authentication process is initiated by a software application executing on a primary server. The user authentication process prompts a user to enter, via a graphical user interface, login credentials. Thereafter, it is determined that the login credentials have been flagged. The user is then directed from the primary server to a fake server (i.e., a second server) mimicking the software application executing on the primary server. Thereafter, the fake server obtains metadata associated with the user interacting with the fake server that characterizes the user. This obtained metadata can later be provided (e.g., displayed, loaded into memory, stored in physical persistence, transmitted to a remote computing system, etc.). Related apparatus, systems, techniques and articles are also described.

公开(公告)号：US20200089771A1

公开(公告)日：2020-03-19

申请号：US16134666

申请日：2018-09-18

Applicant: SAP SE

Inventor： Slim Trabelsi ,  Michail Vasiltschenko ,  Anton Snitko

IPC: G06F17/28 ,  G06F17/27 ,  G06F15/18

Abstract: Various examples are directed to systems and methods for identifying textual information regarding a first topic. A computer system may access a plurality of text units and detect that a first text unit of the plurality of text units is in a first language. The computer system may access a first language keyword set for the first topic, where the first language keyword set comprises a first plurality of keywords associated with the first language. The computer system may determine a first relevance score for the first text unit based at least in part on the first language keyword set. If the first relevance score is greater than a relevance score threshold, the computer system translates the first text unit to a base language and determines a text unit classification for the first text unit using a classification model trained with training data in the base language.

公开(公告)号：US20190215337A1

公开(公告)日：2019-07-11

申请号：US15863092

申请日：2018-01-05

Applicant: SAP SE

Inventor： Slim Trabelsi ,  Karim Oueslati ,  Skander Ben Mahmoud

IPC: H04L29/06

Abstract: A user authentication process is initiated by a software application executing on a primary server. The user authentication process prompts a user to enter, via a graphical user interface, login credentials. Thereafter, it is determined that the login credentials have been flagged. The user is then directed from the primary server to a fake server (i.e., a second server) mimicking the software application executing on the primary server. Thereafter, the fake server obtains metadata associated with the user interacting with the fake server that characterizes the user. This obtained metadata can later be provided (e.g., displayed, loaded into memory, stored in physical persistence, transmitted to a remote computing system, etc.). Related apparatus, systems, techniques and articles are also described.