-
公开(公告)号:US20240214285A1
公开(公告)日:2024-06-27
申请号:US18435803
申请日:2024-02-07
发明人: Jackson Ngoc Ki Pang , Navindra Yadav , Anubhav Gupta , Shashidhar Gandham , Supreeth Hosur Nagesh Rao , Sunil Kumar Gupta
IPC分类号: H04L43/045 , G06F3/0482 , G06F3/04842 , G06F3/04847 , G06F9/455 , G06F16/11 , G06F16/13 , G06F16/16 , G06F16/17 , G06F16/174 , G06F16/23 , G06F16/2457 , G06F16/248 , G06F16/28 , G06F16/29 , G06F16/9535 , G06F21/53 , G06F21/55 , G06F21/56 , G06N20/00 , G06N99/00 , G06T11/20 , H04J3/06 , H04J3/14 , H04L1/24 , H04L7/10 , H04L9/08 , H04L9/32 , H04L9/40 , H04L41/046 , H04L41/0668 , H04L41/0803 , H04L41/0806 , H04L41/0816 , H04L41/0893 , H04L41/12 , H04L41/16 , H04L41/22 , H04L43/02 , H04L43/026 , H04L43/04 , H04L43/062 , H04L43/08 , H04L43/0805 , H04L43/0811 , H04L43/0829 , H04L43/0852 , H04L43/0864 , H04L43/0876 , H04L43/0882 , H04L43/0888 , H04L43/10 , H04L43/106 , H04L43/12 , H04L43/16 , H04L45/00 , H04L45/302 , H04L45/50 , H04L45/74 , H04L47/11 , H04L47/20 , H04L47/2441 , H04L47/2483 , H04L47/28 , H04L47/31 , H04L47/32 , H04L61/5007 , H04L67/01 , H04L67/10 , H04L67/1001 , H04L67/12 , H04L67/50 , H04L67/51 , H04L67/75 , H04L69/16 , H04L69/22 , H04W72/54 , H04W84/18
CPC分类号: H04L43/045 , G06F3/0482 , G06F3/04842 , G06F3/04847 , G06F9/45558 , G06F16/122 , G06F16/137 , G06F16/162 , G06F16/17 , G06F16/173 , G06F16/174 , G06F16/1744 , G06F16/1748 , G06F16/2322 , G06F16/235 , G06F16/2365 , G06F16/24578 , G06F16/248 , G06F16/285 , G06F16/288 , G06F16/29 , G06F16/9535 , G06F21/53 , G06F21/552 , G06F21/556 , G06F21/566 , G06N20/00 , G06N99/00 , G06T11/206 , H04J3/0661 , H04J3/14 , H04L1/242 , H04L7/10 , H04L9/0866 , H04L9/3239 , H04L9/3242 , H04L41/046 , H04L41/0668 , H04L41/0803 , H04L41/0806 , H04L41/0816 , H04L41/0893 , H04L41/12 , H04L41/16 , H04L41/22 , H04L43/02 , H04L43/026 , H04L43/04 , H04L43/062 , H04L43/08 , H04L43/0805 , H04L43/0811 , H04L43/0829 , H04L43/0841 , H04L43/0858 , H04L43/0864 , H04L43/0876 , H04L43/0882 , H04L43/0888 , H04L43/10 , H04L43/106 , H04L43/12 , H04L43/16 , H04L45/306 , H04L45/38 , H04L45/46 , H04L45/507 , H04L45/66 , H04L45/74 , H04L47/11 , H04L47/20 , H04L47/2441 , H04L47/2483 , H04L47/28 , H04L47/31 , H04L47/32 , H04L61/5007 , H04L63/0227 , H04L63/0263 , H04L63/06 , H04L63/0876 , H04L63/1408 , H04L63/1416 , H04L63/1425 , H04L63/1433 , H04L63/1441 , H04L63/145 , H04L63/1458 , H04L63/1466 , H04L63/16 , H04L63/20 , H04L67/01 , H04L67/10 , H04L67/1001 , H04L67/12 , H04L67/51 , H04L67/75 , H04L69/16 , H04L69/22 , H04W72/54 , H04W84/18 , G06F2009/4557 , G06F2009/45587 , G06F2009/45591 , G06F2009/45595 , G06F2221/033 , G06F2221/2101 , G06F2221/2105 , G06F2221/2111 , G06F2221/2115 , G06F2221/2145 , H04L67/535
摘要: An approach for establishing a priority ranking for endpoints in a network. This can be useful when triaging endpoints after an endpoint becomes compromised. Ensuring that the most critical and vulnerable endpoints are triaged first can help maintain network stability and mitigate damage to endpoints in the network after an endpoint is compromised. The present technology involves determining a criticality ranking and a secondary value for a first endpoint in a datacenter. The criticality ranking and secondary value can be combined to form priority ranking for the first endpoint which can then be compared to a priority ranking for a second endpoint to determine if the first endpoint or the second endpoint should be triaged first.
-
公开(公告)号:US11924072B2
公开(公告)日:2024-03-05
申请号:US17161968
申请日:2021-01-29
发明人: Navindra Yadav , Abhishek Ranjan Singh , Anubhav Gupta , Shashidhar Gandham , Jackson Ngoc Ki Pang , Shih-Chun Chang , Hai Trong Vu
IPC分类号: G06F9/455 , G06F3/0482 , G06F3/04842 , G06F3/04847 , G06F16/11 , G06F16/13 , G06F16/16 , G06F16/17 , G06F16/174 , G06F16/23 , G06F16/2457 , G06F16/248 , G06F16/28 , G06F16/29 , G06F16/9535 , G06F21/53 , G06F21/55 , G06F21/56 , G06N20/00 , G06N99/00 , G06T11/20 , H04J3/06 , H04J3/14 , H04L1/24 , H04L9/08 , H04L9/32 , H04L9/40 , H04L41/046 , H04L41/0668 , H04L41/0803 , H04L41/0806 , H04L41/0816 , H04L41/0893 , H04L41/12 , H04L41/16 , H04L41/22 , H04L43/02 , H04L43/026 , H04L43/04 , H04L43/045 , H04L43/062 , H04L43/08 , H04L43/0805 , H04L43/0811 , H04L43/0829 , H04L43/0852 , H04L43/0864 , H04L43/0876 , H04L43/0882 , H04L43/0888 , H04L43/10 , H04L43/106 , H04L43/12 , H04L43/16 , H04L45/00 , H04L45/302 , H04L45/50 , H04L45/74 , H04L47/11 , H04L47/20 , H04L47/2441 , H04L47/2483 , H04L47/28 , H04L47/31 , H04L47/32 , H04L61/5007 , H04L67/01 , H04L67/10 , H04L67/1001 , H04L67/12 , H04L67/51 , H04L67/75 , H04L69/16 , H04L69/22 , H04W72/54 , H04W84/18 , H04L67/50
CPC分类号: H04L43/045 , G06F3/0482 , G06F3/04842 , G06F3/04847 , G06F9/45558 , G06F16/122 , G06F16/137 , G06F16/162 , G06F16/17 , G06F16/173 , G06F16/174 , G06F16/1744 , G06F16/1748 , G06F16/2322 , G06F16/235 , G06F16/2365 , G06F16/24578 , G06F16/248 , G06F16/285 , G06F16/288 , G06F16/29 , G06F16/9535 , G06F21/53 , G06F21/552 , G06F21/556 , G06F21/566 , G06N20/00 , G06N99/00 , G06T11/206 , H04J3/0661 , H04J3/14 , H04L1/242 , H04L9/0866 , H04L9/3239 , H04L9/3242 , H04L41/046 , H04L41/0668 , H04L41/0803 , H04L41/0806 , H04L41/0816 , H04L41/0893 , H04L41/12 , H04L41/16 , H04L41/22 , H04L43/02 , H04L43/026 , H04L43/04 , H04L43/062 , H04L43/08 , H04L43/0805 , H04L43/0811 , H04L43/0829 , H04L43/0841 , H04L43/0858 , H04L43/0864 , H04L43/0876 , H04L43/0882 , H04L43/0888 , H04L43/10 , H04L43/106 , H04L43/12 , H04L43/16 , H04L45/306 , H04L45/38 , H04L45/46 , H04L45/507 , H04L45/66 , H04L45/74 , H04L47/11 , H04L47/20 , H04L47/2441 , H04L47/2483 , H04L47/28 , H04L47/31 , H04L47/32 , H04L61/5007 , H04L63/0227 , H04L63/0263 , H04L63/06 , H04L63/0876 , H04L63/1408 , H04L63/1416 , H04L63/1425 , H04L63/1433 , H04L63/1441 , H04L63/145 , H04L63/1458 , H04L63/1466 , H04L63/16 , H04L63/20 , H04L67/01 , H04L67/10 , H04L67/1001 , H04L67/12 , H04L67/51 , H04L67/75 , H04L69/16 , H04L69/22 , H04W72/54 , H04W84/18 , G06F2009/4557 , G06F2009/45587 , G06F2009/45591 , G06F2009/45595 , G06F2221/033 , G06F2221/2101 , G06F2221/2105 , G06F2221/2111 , G06F2221/2115 , G06F2221/2145 , H04L67/535
摘要: Systems, methods, and computer-readable media for annotating process and user information for network flows. In some embodiments, a capturing agent, executing on a first device in a network, can monitor a network flow associated with the first device. The first device can be, for example, a virtual machine, a hypervisor, a server, or a network device. Next, the capturing agent can generate a control flow based on the network flow. The control flow may include metadata that describes the network flow. The capturing agent can then determine which process executing on the first device is associated with the network flow and label the control flow with this information. Finally, the capturing agent can transmit the labeled control flow to a second device, such as a collector, in the network.
-
公开(公告)号:US11902123B2
公开(公告)日:2024-02-13
申请号:US18054095
申请日:2022-11-09
发明人: Navindra Yadav , Abhishek Ranjan Singh , Anubhav Gupta , Shashidhar Gandham , Jackson Ngoc Ki Pang , Shih-Chun Chang , Hai Trong Vu
IPC分类号: G06F21/55 , G06F21/56 , G06F21/53 , H04L9/40 , H04L43/045 , G06F9/455 , G06N20/00 , G06F16/28 , G06F16/2457 , G06F16/248 , G06F16/29 , G06F16/16 , G06F16/17 , G06F16/11 , G06F16/13 , G06F16/174 , G06F16/23 , G06F16/9535 , G06N99/00 , H04L9/32 , H04L41/0668 , H04L43/0805 , H04L43/0811 , H04L43/0852 , H04L43/106 , H04L45/00 , H04L45/50 , H04L67/12 , H04L43/026 , H04L61/5007 , H04L67/01 , H04L67/51 , H04L67/75 , H04L67/1001 , H04W72/54 , H04L43/062 , H04L43/10 , H04L47/2441 , H04L41/0893 , H04L43/08 , H04L43/04 , H04W84/18 , H04L7/10 , H04L41/046 , H04L43/0876 , H04L41/12 , H04L41/16 , H04L41/0816 , H04L41/22 , G06F3/04842 , G06F3/04847 , H04L41/0803 , H04L43/0829 , H04L43/16 , H04L1/24 , H04L9/08 , H04J3/06 , H04J3/14 , H04L47/20 , H04L47/32 , H04L43/0864 , H04L47/11 , H04L69/22 , H04L45/74 , H04L47/2483 , H04L43/0882 , H04L41/0806 , H04L43/0888 , H04L43/12 , H04L47/31 , G06F3/0482 , G06T11/20 , H04L43/02 , H04L47/28 , H04L69/16 , H04L45/302 , H04L67/50
CPC分类号: H04L43/045 , G06F3/0482 , G06F3/04842 , G06F3/04847 , G06F9/45558 , G06F16/122 , G06F16/137 , G06F16/162 , G06F16/17 , G06F16/173 , G06F16/174 , G06F16/1744 , G06F16/1748 , G06F16/235 , G06F16/2322 , G06F16/2365 , G06F16/248 , G06F16/24578 , G06F16/285 , G06F16/288 , G06F16/29 , G06F16/9535 , G06F21/53 , G06F21/552 , G06F21/556 , G06F21/566 , G06N20/00 , G06N99/00 , G06T11/206 , H04J3/0661 , H04J3/14 , H04L1/242 , H04L7/10 , H04L9/0866 , H04L9/3239 , H04L9/3242 , H04L41/046 , H04L41/0668 , H04L41/0803 , H04L41/0806 , H04L41/0816 , H04L41/0893 , H04L41/12 , H04L41/16 , H04L41/22 , H04L43/02 , H04L43/026 , H04L43/04 , H04L43/062 , H04L43/08 , H04L43/0805 , H04L43/0811 , H04L43/0829 , H04L43/0841 , H04L43/0858 , H04L43/0864 , H04L43/0876 , H04L43/0882 , H04L43/0888 , H04L43/10 , H04L43/106 , H04L43/12 , H04L43/16 , H04L45/306 , H04L45/38 , H04L45/46 , H04L45/507 , H04L45/66 , H04L45/74 , H04L47/11 , H04L47/20 , H04L47/2441 , H04L47/2483 , H04L47/28 , H04L47/31 , H04L47/32 , H04L61/5007 , H04L63/0227 , H04L63/0263 , H04L63/06 , H04L63/0876 , H04L63/145 , H04L63/1408 , H04L63/1416 , H04L63/1425 , H04L63/1433 , H04L63/1441 , H04L63/1458 , H04L63/1466 , H04L63/16 , H04L63/20 , H04L67/01 , H04L67/1001 , H04L67/12 , H04L67/51 , H04L67/75 , H04L69/16 , H04L69/22 , H04W72/54 , H04W84/18 , G06F2009/4557 , G06F2009/45587 , G06F2009/45591 , G06F2009/45595 , G06F2221/033 , G06F2221/2101 , G06F2221/2105 , G06F2221/2111 , G06F2221/2115 , G06F2221/2145 , H04L67/535
摘要: Systems, methods, and computer-readable media for managing compromised sensors in multi-tiered virtualized environments. In some embodiments, a system can receive, from a first capturing agent deployed in a virtualization layer of a first device, data reports generated based on traffic captured by the first capturing agent. The system can also receive, from a second capturing agent deployed in a hardware layer of a second device, data reports generated based on traffic captured by the second capturing agent. Based on the data reports, the system can determine characteristics of the traffic captured by the first capturing agent and the second capturing agent. The system can then compare the characteristics to determine a multi-layer difference in traffic characteristics. Based on the multi-layer difference in traffic characteristics, the system can determine that the first capturing agent or the second capturing agent is in a faulty state.
-
公开(公告)号:US11902120B2
公开(公告)日:2024-02-13
申请号:US16893854
申请日:2020-06-05
发明人: Rohit Chandra Prasad , Bharathwaj Sankara Viswanathan , Hoang Viet Nguyen , Vimalkumar Jeyakumar , Roberto Fernando Spadaro , Varun Sagar Malhotra , Navindra Yadav
IPC分类号: H04L29/06 , H04L43/045 , H04L9/40 , G06F9/455 , G06N20/00 , G06F21/55 , G06F21/56 , G06F16/28 , G06F16/2457 , G06F16/248 , G06F16/29 , G06F16/16 , G06F16/17 , G06F16/11 , G06F16/13 , G06F16/174 , G06F16/23 , G06F16/9535 , G06N99/00 , H04L9/32 , H04L41/0668 , H04L43/0805 , H04L43/0811 , H04L43/0852 , H04L43/106 , H04L45/00 , H04L45/50 , H04L67/12 , H04L43/026 , H04L61/5007 , H04L67/01 , H04L67/51 , H04L67/75 , H04L67/1001 , H04W72/54 , H04L43/062 , H04L43/10 , H04L47/2441 , H04L41/0893 , H04L43/08 , H04L43/04 , H04W84/18 , H04L7/10 , H04L41/046 , H04L43/0876 , H04L41/12 , H04L41/16 , H04L41/0816 , G06F21/53 , H04L41/22 , G06F3/04842 , G06F3/04847 , H04L41/0803 , H04L43/0829 , H04L43/16 , H04L1/24 , H04L9/08 , H04J3/06 , H04J3/14 , H04L47/20 , H04L47/32 , H04L43/0864 , H04L47/11 , H04L69/22 , H04L45/74 , H04L47/2483 , H04L43/0882 , H04L41/0806 , H04L43/0888 , H04L43/12 , H04L47/31 , G06F3/0482 , G06T11/20 , H04L43/02 , H04L47/28 , H04L69/16 , H04L45/302 , H04L67/50
CPC分类号: H04L43/045 , G06F3/0482 , G06F3/04842 , G06F3/04847 , G06F9/45558 , G06F16/122 , G06F16/137 , G06F16/162 , G06F16/17 , G06F16/173 , G06F16/174 , G06F16/1744 , G06F16/1748 , G06F16/235 , G06F16/2322 , G06F16/2365 , G06F16/248 , G06F16/24578 , G06F16/285 , G06F16/288 , G06F16/29 , G06F16/9535 , G06F21/53 , G06F21/552 , G06F21/556 , G06F21/566 , G06N20/00 , G06N99/00 , G06T11/206 , H04J3/0661 , H04J3/14 , H04L1/242 , H04L7/10 , H04L9/0866 , H04L9/3239 , H04L9/3242 , H04L41/046 , H04L41/0668 , H04L41/0803 , H04L41/0806 , H04L41/0816 , H04L41/0893 , H04L41/12 , H04L41/16 , H04L41/22 , H04L43/02 , H04L43/026 , H04L43/04 , H04L43/062 , H04L43/08 , H04L43/0805 , H04L43/0811 , H04L43/0829 , H04L43/0841 , H04L43/0858 , H04L43/0864 , H04L43/0876 , H04L43/0882 , H04L43/0888 , H04L43/10 , H04L43/106 , H04L43/12 , H04L43/16 , H04L45/306 , H04L45/38 , H04L45/46 , H04L45/507 , H04L45/66 , H04L45/74 , H04L47/11 , H04L47/20 , H04L47/2441 , H04L47/2483 , H04L47/28 , H04L47/31 , H04L47/32 , H04L61/5007 , H04L63/0227 , H04L63/0263 , H04L63/06 , H04L63/0876 , H04L63/145 , H04L63/1408 , H04L63/1416 , H04L63/1425 , H04L63/1433 , H04L63/1441 , H04L63/1458 , H04L63/1466 , H04L63/16 , H04L63/20 , H04L67/01 , H04L67/1001 , H04L67/12 , H04L67/51 , H04L67/75 , H04L69/16 , H04L69/22 , H04W72/54 , H04W84/18 , G06F2009/4557 , G06F2009/45587 , G06F2009/45591 , G06F2009/45595 , G06F2221/033 , G06F2221/2101 , G06F2221/2105 , G06F2221/2111 , G06F2221/2115 , G06F2221/2145 , H04L67/535
摘要: An example method can include choosing a pattern or patterns of network traffic. This pattern can be representative of a certain type of traffic such as an attack. The pattern can be associated with various components of a network and can describe expected behavior of these various components. A system performing this method can then choose a nodes or nodes to generate traffic according to the pattern and send an instruction accordingly. After this synthetic traffic is generated, the system can compare the behavior of the components with the expected behavior. An alert can then be created to notify an administrator or otherwise remedy any problems.
-
公开(公告)号:US20240015083A1
公开(公告)日:2024-01-11
申请号:US18470406
申请日:2023-09-19
发明人: Navindra Yadav , Abhishek Ranjan Singh , Anubhav Gupta , Shashidhar Gandham , Jackson Ngoc Ki Pang , Shih-Chun Chang , Hai Trong Vu
IPC分类号: H04L41/0816 , H04L67/12
CPC分类号: H04L41/0816 , H04L67/12
摘要: Systems, methods, and computer-readable media for updating configurations in sensors deployed in multi-layer virtualized environments. In some examples, a system can track information of sensors and collectors in the network. In response to determining that a specific collector becomes unavailable (e.g., the specific collector is down, offline or becomes unsupported), the system can determine affected sensors corresponding to the specific collector, determine a new collector among active collectors of the network for each of the affected sensors, and dynamically update configuration and settings of the affected sensors to maintain proper collector-to-sensor mappings and other settings on the affected sensors.
-
公开(公告)号:US20230370489A1
公开(公告)日:2023-11-16
申请号:US18352036
申请日:2023-07-13
发明人: Supreeth Rao , Navindra Yadav , Prasannakumar Jobigenahally Malleshaiah , Hanlin He , Umamaheswaran Arumugam , Robert Bukofser , Aiyesha Ma , Kai Zhu , Ashok Kumar
IPC分类号: H04L9/40 , G06F16/901 , H04L41/22 , G06F16/9035
CPC分类号: H04L63/1433 , G06F16/9024 , H04L41/22 , H04L63/1425 , G06F16/9035
摘要: Systems, methods, and computer-readable media for determine a neighborhood graph can include the following processes. A neighborhood graph system generates a neighborhood graph for a plurality of nodes in an enterprise network, the neighborhood graph representing a multi-hop connections between any two nodes of the plurality of nodes. A security score service determines a security score for each of the plurality of nodes to yield a plurality of scores. The neighborhood graph system updates the neighborhood graph of the plurality of nodes using the plurality of scores to provide a visual representation of securities of the plurality of nodes relative to each other.
-
67.发明公开公开(公告)号:US20230276152A1
公开(公告)日:2023-08-31
申请号:US18313255
申请日:2023-05-05
发明人: Ashutosh Kulshreshtha , Omid Madani , Vimal Jeyakumar , Navindra Yadav , Ali Parandehgheibi , Andy Sloane , Kai Chang , Khawar Deen , Shih-Chun Chang , Hai Vu
IPC分类号: H04Q9/02 , H04L43/04 , G06F11/34 , H04L43/026 , H04L41/0631 , H04L41/0681 , H04L67/12
CPC分类号: H04Q9/02 , H04L43/04 , G06F11/3495 , H04L43/026 , H04L41/064 , H04L41/0681 , H04L67/12 , H04L41/14
摘要: An application and network analytics platform can capture telemetry from servers and network devices operating within a network. The application and network analytics platform can determine an application dependency map (ADM) for an application executing in the network. Using the ADM, the application and network analytics platform can resolve flows into flowlets of various granularities, and determine baseline metrics for the flowlets. The baseline metrics can include transmission times, processing times, and/or data sizes for the flowlets. The application and network analytics platform can compare new flowlets against the baselines to assess availability, load, latency, and other performance metrics for the application. In some implementations, the application and network analytics platform can automate remediation of unavailability, load, latency, and other application performance issues.
-
公开(公告)号:US11637762B2
公开(公告)日:2023-04-25
申请号:US17110100
申请日:2020-12-02
发明人: Ellen Christine Scheib , Ali Parandehgheibi , Omid Madani , Vimalkumar Jeyakumar , Navindra Yadav , Mohammadreza Alizadeh Attar
IPC分类号: H04L43/045 , G06F3/0482 , H04L41/046 , H04L9/40 , G06F9/455 , G06N20/00 , G06F21/55 , G06F21/56 , G06F16/28 , G06F16/2457 , G06F16/248 , G06F16/29 , G06F16/16 , G06F16/17 , G06F16/11 , G06F16/13 , G06F16/174 , G06F16/23 , G06F16/9535 , G06N99/00 , H04L9/32 , H04L41/0668 , H04L43/0805 , H04L43/0811 , H04L43/0852 , H04L43/106 , H04L45/00 , H04L45/50 , H04L67/12 , H04L43/026 , H04L61/5007 , H04L67/01 , H04L67/51 , H04L67/75 , H04L67/1001 , H04L43/062 , H04L43/10 , H04L47/2441 , H04L41/0893 , H04L43/08 , H04L43/04 , H04W84/18 , H04L67/10 , H04L43/0876 , H04L41/12 , H04L41/16 , H04L41/0816 , G06F21/53 , H04L41/22 , G06F3/04842 , G06F3/04847 , H04L41/0803 , H04L43/0829 , H04L43/16 , H04L1/24 , H04W72/08 , H04L9/08 , H04J3/06 , H04J3/14 , H04L47/20 , H04L47/32 , H04L43/0864 , H04L47/11 , H04L69/22 , H04L45/74 , H04L47/2483 , H04L43/0882 , H04L41/0806 , H04L43/0888 , H04L43/12 , H04L47/31 , G06T11/20 , H04L43/02 , H04L47/28 , H04L69/16 , H04L45/302 , H04L67/50
摘要: Systems and methods are provided for automatically discovering applications/clusters in a network and mapping dependencies between the applications/clusters. A network monitoring system can capture network flow data using sensors executing on physical and/or virtual servers of the network and sensors executing on networking devices connected to the servers. The system can determine a graph including nodes, representing at least the servers, and edges, between pairs of the nodes of the graph indicating the network flow data includes one or more observed flows between pairs of the servers represented by the pairs of the nodes. The system can determine a dependency map, including representations of clusters of the servers and representations of dependencies between the clusters, based on the graph. The system can display a first representation of a first cluster of the dependency map and information indicating a confidence level of identifying the first cluster.
-
公开(公告)号:US11503063B2
公开(公告)日:2022-11-15
申请号:US16985605
申请日:2020-08-05
发明人: Supreeth Hosur Nagesh Rao , Navindra Yadav , Prasannakumar Jobigenahally Malleshaiah , Ashok Kumar , Umamaheswaran Arumugam , Darshan Shrinath Purandare , Songlin Li , Hanlin He
IPC分类号: H04L9/40
摘要: Systems, methods, and non-transitory computer-readable storage media are disclosed for detecting, identifying, and/or assessing hidden vulnerabilities in an enterprise network. In one example, a device may have one or more memories storing computer-readable instructions and one or more processors configured to execute the computer-readable instructions to receive vulnerability data of network components within an enterprise network. The vulnerability data can include identification of one or more vulnerabilities detected within the enterprise network. The device can then determine a vulnerability frequency and a machine frequency associated with each of the one or more vulnerabilities. The device can then determine a vulnerability score for each of the one or more vulnerabilities based on the vulnerability frequency and an inverse of the machine frequency, to yield a plurality of vulnerability scores. The device can then rank the one or more vulnerabilities based on the plurality of vulnerability scores.
-
公开(公告)号:US11496377B2
公开(公告)日:2022-11-08
申请号:US16846149
申请日:2020-04-10
发明人: Navindra Yadav , Mohammadreza Alizadeh Attar , Shashidhar Gandham , Jackson Ngoc Ki Pang , Roberto Fernando Spadaro
IPC分类号: H04L29/06 , H04L43/045 , H04L9/40 , G06F9/455 , G06N20/00 , G06F21/55 , G06F21/56 , G06F16/28 , G06F16/2457 , G06F16/248 , G06F16/29 , G06F16/16 , G06F16/17 , G06F16/11 , G06F16/13 , G06F16/174 , G06F16/23 , G06F16/9535 , G06N99/00 , H04L9/32 , H04L41/0668 , H04L43/0805 , H04L43/0811 , H04L43/0852 , H04L43/106 , H04L45/00 , H04L45/50 , H04L67/12 , H04L43/026 , H04L61/5007 , H04L67/01 , H04L67/51 , H04L67/75 , H04L67/1001 , H04L43/062 , H04L43/10 , H04L47/2441 , H04L41/0893 , H04L43/08 , H04L43/04 , H04W84/18 , H04L67/10 , H04L41/046 , H04L43/0876 , H04L41/12 , H04L41/16 , H04L41/0816 , G06F21/53 , H04L41/22 , G06F3/04842 , G06F3/04847 , H04L41/0803 , H04L43/0829 , H04L43/16 , H04L1/24 , H04W72/08 , H04L9/08 , H04J3/06 , H04J3/14 , H04L47/20 , H04L47/32 , H04L43/0864 , H04L47/11 , H04L69/22 , H04L45/74 , H04L47/2483 , H04L43/0882 , H04L41/0806 , H04L43/0888 , H04L43/12 , H04L47/31 , G06F3/0482 , G06T11/20 , H04L43/02 , H04L47/28 , H04L69/16 , H04L45/302 , H04L67/50
摘要: An approach for detecting anomalous flows in a network using header field entropy. This can be useful in detecting anomalous or malicious traffic that may attempt to “hide” or inject itself into legitimate flows. A malicious endpoint might attempt to send a control message in underutilized header fields or might try to inject illegitimate data into a legitimate flow. These illegitimate flows will likely demonstrate header field entropy that is higher than legitimate flows. Detecting anomalous flows using header field entropy can help detect malicious endpoints.
-
-
-
-
-
-
-
-
-
搜索结果
313 条记录 (耗时 0.042 秒)
