公开(公告)号：US20240086534A1

公开(公告)日：2024-03-14

申请号：US18271850

申请日：2021-01-13

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Yuki YAMANAKA ,  Manami ITO ,  Ryota SATO ,  Hiroyoshi TAKIGUCHI ,  Nobuhiro CHIBA ,  Yoshiaki NAKAJIMA

IPC: G06F21/56 ,  G06F21/55

CPC classification number: G06F21/565 ,  G06F21/552

Abstract: A tampering detection device includes tampering detection circuitry configured to acquire an access pattern of a monitoring target file, extract a time-series pattern of access for each monitoring target file from the access pattern acquired, and determine a scan pattern on a basis of the time-series pattern of access extracted.

公开(公告)号：US20240078309A1

公开(公告)日：2024-03-07

申请号：US18485819

申请日：2023-10-12

Applicant: VEHIQILLA INC.

Inventor： Ali Jamshed KHAN

IPC: G06F21/55 ,  G06F21/57

CPC classification number: G06F21/552 ,  G06F21/577

Abstract: Systems and methods for monitoring a plurality of vehicles are provided. The method involves operating at least one processor to: determine, based on cyber risk data corresponding to a plurality of ECU models, a cyber risk score for each ECU model; receive, from each of the vehicles, one or more security logs; map, for each security log, i.) the ECU model of the ECU that recorded the security log, and ii.) the cyber risk score of the ECU model corresponding to the security log; detect a cybersecurity threat in at least some of the vehicles based on i.) at least one event in at least one security log, and ii.) at least one cyber risk score corresponding to the at least one security log; and in response to detecting the cybersecurity threat, transmit an alert indicating at least one vehicle corresponding to the at least one security log.

公开(公告)号：US11924231B2

公开(公告)日：2024-03-05

申请号：US17275947

申请日：2019-09-11

Applicant: Telefonaktiebolaget LM Ericsson (publ)

Inventor： Fereydoun Farrahi Moghaddam ,  Makan Pourzandi

IPC: H04L29/06 ,  G06F21/55 ,  G06F21/56 ,  H04L9/40

CPC classification number: H04L63/1425 ,  G06F21/552 ,  G06F21/566 ,  H04L63/145

Abstract: A method and apparatus are disclosed for malware detection in service function chains. In one embodiment, a method includes receiving data associated with a service function chain, the service function chain comprising a plurality of virtual components organized into a plurality of hierarchical levels and the data indicating interactions between the virtual components when processing at least one packet through the service function chain; filtering the received data based at least in part on a time-between order relation of the interactions between the virtual components and the hierarchical level of the virtual component; and generating a harmony feature vector for the service function chain by applying a featurization function on the filtered data, the harmony feature vector including metrics, the metrics calculated according to the featurization function for each hierarchical level being based at least in part on metrics calculated for at least one lower hierarchical level.

公开(公告)号：US11924073B2

公开(公告)日：2024-03-05

申请号：US17403026

申请日：2021-08-16

Applicant: Cisco Technology, Inc.

Inventor： Sunil Kumar Gupta ,  Navindra Yadav ,  Michael Standish Watts ,  Ali Parandehgheibi ,  Shashidhar Gandham ,  Ashutosh Kulshreshtha ,  Khawar Deen

IPC: G06F21/00 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/455 ,  G06F16/11 ,  G06F16/13 ,  G06F16/16 ,  G06F16/17 ,  G06F16/174 ,  G06F16/23 ,  G06F16/2457 ,  G06F16/248 ,  G06F16/28 ,  G06F16/29 ,  G06F16/9535 ,  G06F21/53 ,  G06F21/55 ,  G06F21/56 ,  G06N20/00 ,  G06N99/00 ,  G06T11/20 ,  H04J3/06 ,  H04J3/14 ,  H04L1/24 ,  H04L9/08 ,  H04L9/32 ,  H04L9/40 ,  H04L41/046 ,  H04L41/0668 ,  H04L41/0803 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/16 ,  H04L41/22 ,  H04L43/02 ,  H04L43/026 ,  H04L43/04 ,  H04L43/045 ,  H04L43/062 ,  H04L43/08 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0829 ,  H04L43/0852 ,  H04L43/0864 ,  H04L43/0876 ,  H04L43/0882 ,  H04L43/0888 ,  H04L43/10 ,  H04L43/106 ,  H04L43/12 ,  H04L43/16 ,  H04L45/00 ,  H04L45/302 ,  H04L45/50 ,  H04L45/74 ,  H04L47/11 ,  H04L47/20 ,  H04L47/2441 ,  H04L47/2483 ,  H04L47/28 ,  H04L47/31 ,  H04L47/32 ,  H04L61/5007 ,  H04L67/01 ,  H04L67/10 ,  H04L67/1001 ,  H04L67/12 ,  H04L67/51 ,  H04L67/75 ,  H04L69/16 ,  H04L69/22 ,  H04W72/54 ,  H04W84/18 ,  H04L67/50

CPC classification number: H04L43/045 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/45558 ,  G06F16/122 ,  G06F16/137 ,  G06F16/162 ,  G06F16/17 ,  G06F16/173 ,  G06F16/174 ,  G06F16/1744 ,  G06F16/1748 ,  G06F16/2322 ,  G06F16/235 ,  G06F16/2365 ,  G06F16/24578 ,  G06F16/248 ,  G06F16/285 ,  G06F16/288 ,  G06F16/29 ,  G06F16/9535 ,  G06F21/53 ,  G06F21/552 ,  G06F21/556 ,  G06F21/566 ,  G06N20/00 ,  G06N99/00 ,  G06T11/206 ,  H04J3/0661 ,  H04J3/14 ,  H04L1/242 ,  H04L9/0866 ,  H04L9/3239 ,  H04L9/3242 ,  H04L41/046 ,  H04L41/0668 ,  H04L41/0803 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/16 ,  H04L41/22 ,  H04L43/02 ,  H04L43/026 ,  H04L43/04 ,  H04L43/062 ,  H04L43/08 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0829 ,  H04L43/0841 ,  H04L43/0858 ,  H04L43/0864 ,  H04L43/0876 ,  H04L43/0882 ,  H04L43/0888 ,  H04L43/10 ,  H04L43/106 ,  H04L43/12 ,  H04L43/16 ,  H04L45/306 ,  H04L45/38 ,  H04L45/46 ,  H04L45/507 ,  H04L45/66 ,  H04L45/74 ,  H04L47/11 ,  H04L47/20 ,  H04L47/2441 ,  H04L47/2483 ,  H04L47/28 ,  H04L47/31 ,  H04L47/32 ,  H04L61/5007 ,  H04L63/0227 ,  H04L63/0263 ,  H04L63/06 ,  H04L63/0876 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/145 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/16 ,  H04L63/20 ,  H04L67/01 ,  H04L67/10 ,  H04L67/1001 ,  H04L67/12 ,  H04L67/51 ,  H04L67/75 ,  H04L69/16 ,  H04L69/22 ,  H04W72/54 ,  H04W84/18 ,  G06F2009/4557 ,  G06F2009/45587 ,  G06F2009/45591 ,  G06F2009/45595 ,  G06F2221/033 ,  G06F2221/2101 ,  G06F2221/2105 ,  G06F2221/2111 ,  G06F2221/2115 ,  G06F2221/2145 ,  H04L67/535

Abstract: A method provides for receiving network traffic from a host having a host IP address and operating in a data center, and analyzing a malware tracker for IP addresses of hosts having been infected by a malware to yield an analysis. When the analysis indicates that the host IP address has been used to communicate with an external host infected by the malware to yield an indication, the method includes assigning a reputation score, based on the indication, to the host. The method can further include applying a conditional policy associated with using the host based on the reputation score. The reputation score can include a reduced reputation score from a previous reputation score for the host.

公开(公告)号：US11921894B2

公开(公告)日：2024-03-05

申请号：US17306438

申请日：2021-05-03

Applicant: OneTrust, LLC

Inventor： Kabir A. Barday ,  Mihir S. Karanjkar ,  Steven W. Finch ,  Ken A. Browne ,  Nathan W. Heard ,  Aakash H. Patel ,  Jason L. Sabourin ,  Richard L. Daniel ,  Dylan D. Patton-Kuhl ,  Jonathan Blake Brannon

IPC: G06F21/62 ,  G06F15/76 ,  G06F21/55 ,  G06N20/00

CPC classification number: G06F21/6254 ,  G06F15/76 ,  G06F21/552 ,  G06F21/6227 ,  G06N20/00

Abstract: In particular embodiments, a data processing data inventory generation system is configured to: (1) generate a data model (e.g., a data inventory) for one or more data assets utilized by a particular organization; (2) generate a respective data inventory for each of the one or more data assets; and (3) map one or more relationships between one or more aspects of the data inventory, the one or more data assets, etc. within the data model. In particular embodiments, a data asset (e.g., data system, software application, etc.) may include any entity that collects, processes, contains, and/or transfers personal data (e.g., a software application, database, website, server, etc.). A data asset may include any software or device (e.g., server or servers) utilized by a particular entity for such data collection, processing, transfer, storage, etc. The system may then utilize the generated model to fulfil a data subject access request.

公开(公告)号：US11921846B2

公开(公告)日：2024-03-05

申请号：US16835871

申请日：2020-03-31

Applicant: YAHOO ASSETS LLC

Inventor： Stav Yanovsky Daye ,  Ran Wolff

IPC: G06F21/55 ,  G06F18/214 ,  G06F18/22 ,  G06F21/62

CPC classification number: G06F21/552 ,  G06F18/214 ,  G06F18/22 ,  G06F21/55 ,  G06F21/6218 ,  G06F2221/2141

Abstract: Disclosed are systems and methods for improving interactions with and between computers in distributional similarity identification using randomized observations. In connection with an intrusion detection system monitoring a computing system, a pair of perturbed sample sets are generating using a pair of real sample set (or real observations) and a pair of random sample sets (of randomly-selected observations), and a similarity measuring representing a level of consistency in user behavior is determined. The systems improve the quality and accuracy of the similarity determination for use in intrusion detection.

公开(公告)号：US20240061935A1

公开(公告)日：2024-02-22

申请号：US18501824

申请日：2023-11-03

Applicant: DISH Technologies L.L.C.

Inventor： William Michael Beals

IPC: G06F21/56 ,  G06F21/55

CPC classification number: G06F21/562 ,  G06F21/552

Abstract: A virus scanning router may manages a local network, including routing network traffic between devices on the network and routing network traffic being sent to and from such devices via an external communication system. The virus scanning router remotely scans for viruses the files stored on one or more such devices on the network. The virus scanning router may be a device trusted by the other devices on local network to facilitate the virus scanning router reading and scanning one or more files stored on such devices for viruses. The virus scanning router also takes corrective actions such as isolating the infected device or isolating an affected network zone to which the remote device belongs.

公开(公告)号：US20240061929A1

公开(公告)日：2024-02-22

申请号：US17891647

申请日：2022-08-19

Applicant: International Business Machines Corporation

Inventor： Paritosh Ranjan ,  BHUBANESWAR PADHAN ,  Prosanta Saha ,  PRODIP ROY

IPC: G06F21/55 ,  G06F21/62

CPC classification number: G06F21/552 ,  G06F21/6245 ,  G06F2221/034

Abstract: An embodiment includes capturing media data by sampling a media stream received from a web conferencing application during a web conference session between computing devices over a network, wherein the web conference session comprises content communicated as the media stream from a first computing device to a second computing device during the web conference session. The embodiment also includes generating a series of character codes representative of content of the media data by segmenting the media data and identifying character codes that most closely match respective segments. The embodiment also includes identifying sensitive information included in the series of character codes. The embodiment also includes generating, responsive to identifying the sensitive information, a notification regarding a potential leak of sensitive information, where the notification comprises an indication of the sensitive information identified in the series of character codes.

公开(公告)号：US11900178B2

公开(公告)日：2024-02-13

申请号：US17845786

申请日：2022-06-21

Applicant: Capital One Services, LLC

Inventor： Mark Watson ,  Fardin Abdi Taghi Abad ,  Anh Truong ,  Kenneth Taylor ,  Reza Farivar ,  Jeremy Goodsitt ,  Austin Walters ,  Vincent Pham

IPC: G06F9/54 ,  G06N20/00 ,  G06F17/16 ,  G06N3/04 ,  G06F11/36 ,  G06N3/088 ,  G06F21/62 ,  G06N5/04 ,  G06F17/15 ,  G06T7/194 ,  G06T7/254 ,  G06T7/246 ,  G06F16/2455 ,  G06F16/22 ,  G06F16/28 ,  G06F16/906 ,  G06F16/93 ,  G06F16/903 ,  G06F16/9038 ,  G06F16/9032 ,  G06F16/25 ,  G06F16/335 ,  G06F16/242 ,  G06F16/248 ,  G06F30/20 ,  G06F40/166 ,  G06F40/117 ,  G06F40/20 ,  G06F8/71 ,  G06F17/18 ,  G06F21/55 ,  G06F21/60 ,  G06N7/00 ,  G06Q10/04 ,  G06T11/00 ,  H04L9/40 ,  H04L67/306 ,  H04L67/00 ,  H04N21/234 ,  H04N21/81 ,  G06N5/00 ,  G06N5/02 ,  G06V30/196 ,  G06F18/22 ,  G06F18/23 ,  G06F18/24 ,  G06F18/40 ,  G06F18/213 ,  G06F18/214 ,  G06F18/21 ,  G06F18/20 ,  G06F18/2115 ,  G06F18/2411 ,  G06F18/2415 ,  G06N3/044 ,  G06N3/045 ,  G06N7/01 ,  G06V30/194 ,  G06V10/98 ,  G06V10/70 ,  G06N3/06 ,  G06N3/08

CPC classification number: G06F9/541 ,  G06F8/71 ,  G06F9/54 ,  G06F9/547 ,  G06F11/3608 ,  G06F11/3628 ,  G06F11/3636 ,  G06F16/2237 ,  G06F16/2264 ,  G06F16/248 ,  G06F16/2423 ,  G06F16/24568 ,  G06F16/254 ,  G06F16/258 ,  G06F16/283 ,  G06F16/285 ,  G06F16/288 ,  G06F16/335 ,  G06F16/906 ,  G06F16/9038 ,  G06F16/90332 ,  G06F16/90335 ,  G06F16/93 ,  G06F17/15 ,  G06F17/16 ,  G06F17/18 ,  G06F18/213 ,  G06F18/214 ,  G06F18/217 ,  G06F18/2115 ,  G06F18/2148 ,  G06F18/2193 ,  G06F18/22 ,  G06F18/23 ,  G06F18/24 ,  G06F18/2411 ,  G06F18/2415 ,  G06F18/285 ,  G06F18/40 ,  G06F21/552 ,  G06F21/60 ,  G06F21/6245 ,  G06F21/6254 ,  G06F30/20 ,  G06F40/117 ,  G06F40/166 ,  G06F40/20 ,  G06N3/04 ,  G06N3/044 ,  G06N3/045 ,  G06N3/06 ,  G06N3/08 ,  G06N3/088 ,  G06N5/00 ,  G06N5/02 ,  G06N5/04 ,  G06N7/00 ,  G06N7/01 ,  G06N20/00 ,  G06Q10/04 ,  G06T7/194 ,  G06T7/246 ,  G06T7/248 ,  G06T7/254 ,  G06T11/001 ,  G06V10/768 ,  G06V10/993 ,  G06V30/194 ,  G06V30/1985 ,  H04L63/1416 ,  H04L63/1491 ,  H04L67/306 ,  H04L67/34 ,  H04N21/23412 ,  H04N21/8153 ,  G06T2207/10016 ,  G06T2207/20081 ,  G06T2207/20084

Abstract: An exemplary system, method, and computer-accessible medium can include, for example, receiving an original dataset(s), receiving a synthetic dataset(s), training a model(s) using the original dataset(s) and the synthetic dataset(s), and evaluating the synthetic dataset(s) based on the training of the model(s). The model(s) can include a first model and a second model, and the first model can be trained using the original dataset(s) and the second model can be trained using the synthetic dataset(s). The synthetic dataset(s) can be evaluated by comparing first results from the training of the first model to second results from the training of the second model.

公开(公告)号：US20240045950A1

公开(公告)日：2024-02-08

申请号：US18359183

申请日：2023-07-26

Applicant: BitSight Technologies, Inc.

Inventor： Tiago Bagulho Monteiro Pereira ,  Daniel Dahlberg

IPC: G06F21/55

CPC classification number: G06F21/552 ,  G06F2221/034

Abstract: Systems and methods are disclosed for determining control insights corresponding to an entity based on configurable rules. Event datasets corresponding to a plurality of cybersecurity events associated with an entity during a first time period are received. The event datasets are enriched with a plurality of indicators mapped to the plurality of cybersecurity based on a respective event type corresponding to each of the plurality of cybersecurity events. Control insights corresponding to the entity are determined based on a comparison of the one or more enriched event datasets and a plurality of rules. At least one rule is defined by (i) a rule type and (ii) a first subset of the plurality of indicators that is provided as an input to the at least one rule. The control insights each provide an indication of a state of a respective cybersecurity control mechanism corresponding to the entity.