TELEMETRY COLLECTION AUTO-TUNING FOR WORKSPACES

    Publication number: US20240241965A1

    Publication date: 2024-07-18

    Application number: US18155866

    Application date: 2023-01-18

    CPC classification number: G06F21/577 G06F2221/034

    Abstract: Systems and methods for telemetry collection auto-tuning for workspaces are described. In an illustrative, non-limiting embodiment, a client Information Handling System (IHS) may include a processor and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor, cause the client IHS to: collect telemetry during execution of a workspace using a telemetry collection setting specified in a file or policy received from a workspace orchestration service, where the file or policy implements a workspace definition usable by a local management agent to instantiate the workspace; in response to a comparison between a security risk score and a threshold risk level, modify the telemetry collection setting; and collect telemetry using the modified telemetry collection setting.

    SYSTEM AND METHOD FOR CORRELATING ALERTS GENERATED BY ENDPOINTS

    Publication number: US20240241945A1

    Publication date: 2024-07-18

    Application number: US18154758

    Application date: 2023-01-13

    Applicant: VMware, Inc.

    CPC classification number: G06F21/552 G06F2221/034

    Abstract: A method of correlating alerts that are generated by a plurality of endpoints includes the steps of: collecting alert data of alerts generated by the endpoints; for each endpoint, computing alert sequences based on the collected alert data; training a sequence-based model with the computed alert sequences, to generate a vector representation for each of the alerts; for each alert in a set of alerts generated during a first time period, acquiring a vector representation corresponding thereto, which has been generated by the sequence-based model; and applying a clustering algorithm to the vector representations of the alerts in the set of alerts to generate a plurality of clusters of correlated alerts.

    Self-learning and adapting cyber threat defense

    Publication number: US12039455B2

    Publication date: 2024-07-16

    Application number: US17249133

    Application date: 2021-02-22

    Applicant: KYNDRYL, INC.

    CPC classification number: G06N3/088 G06F21/56 G06N3/045 G06F2221/034

    Abstract: The exemplary embodiments disclose a method, a computer system, and a computer program product for detecting malware. The exemplary embodiments may include aggregating known malware patterns by storing malware patterns and related malware categories of the malware patterns. The exemplary embodiments may additionally include training a first machine-learning system, comprising a generator portion and a discriminator portion, by using the known malware patterns and the related malware categories as training data. The exemplary embodiments may also include generating additional synthetic code patterns by feeding random code samples to the trained first machine-learning system. The exemplary embodiments may further include training a second machine-learning system by using benevolent code patterns and the generated additional synthetic code patterns as training data. The exemplary embodiments may include determining a statistical distribution of predicted malicious code patterns and related categories, and determining a quality value of the training of the second machine-learning system.

    Systems and methods for dynamic detection of vulnerable credentials

    Publication number: US12039054B2

    Publication date: 2024-07-16

    Application number: US17358765

    Application date: 2021-06-25

    Inventor: Rama Rao Katta

    CPC classification number: G06F21/577 G06F2221/034

    Abstract: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to detect a request for a sign-up form from a client device to a remote server. The at least one processor is further configured to generate a code module based on the detection. The code module is configured to request a credential vulnerability check from an application management server. The at least one processor is further configured to provide the code module to the client device for execution on the client device in response to an attempted submission of the sign-up form. The at least one processor is further configured to receive a result of the credential vulnerability check from the client device and perform a security action in response to the credential vulnerability check indicating vulnerable credentials.

    Customer premises equipment implementation of dynamic residential threat detection

    Publication number: US12039043B2

    Publication date: 2024-07-16

    Application number: US17538652

    Application date: 2021-11-30

    Applicant: Cyber adAPT

    Abstract: A method of dynamic residential threat detection is disclosed. The method includes a packet selection component on a customer premises equipment (CPE) sending a predefined number of packets of each of a plurality of communication sessions to a detection engine based on packet selection rules. The method also includes the detection engine on the CPE receiving and inspecting the predefined number of packets. The method further includes a dynamic optimizing component on the CPE monitoring one or more factors and creating and sending updated packet selection rules based on the monitored factor(s) to the packet selection component. The method additionally comprises the packet selection component sending a different predefined number of packets of each of a second plurality of communication sessions to the detection engine based on the updated packet selection rules. The method further includes the detection engine receiving and inspecting the different predefined number of packets.

    A SCENARIO-BASED CYBER SECURITY SYSTEM AND METHOD

    Publication number: US20240232385A1

    Publication date: 2024-07-11

    Application number: US18559071

    Application date: 2022-02-10

    Applicant: CYTWIST LTD.

    CPC classification number: G06F21/577 G06F2221/034

    Abstract: A system comprising a processing circuitry configured to: obtain information of one or more cyber-attack scenarios, each (i) associated with a sequence of events, and (ii) posing a threat on one or more computerized systems of an organization; for each of the cyber-attack scenarios: (a) collect preliminary information enabling determination of occurrence of a first sub-group of the sequence associated with the cyber-attack scenario; (b) analyze the preliminary information to identify the occurrence of the first sub-group; (c) upon identification of occurrence of the first sub-group, proactively collect complementary information; (d) analyze the complementary information to identify the occurrence of the second sub-group, or attempt to negate occurrence of the cyber-attack scenario; and (e) upon the analysis of the complementary information resulting in identification of occurrence of the second sub-group of the respective events, trigger an alert indicative of a potential occurrence of the cyber-attack scenario.

    SYSTEMS AND METHODS FOR VULNERABILITY PROOFING MACHINE LEARNING RECOMMENDATIONS

    Publication number: US20240232378A9

    Publication date: 2024-07-11

    Application number: US18048511

    Application date: 2022-10-21

    CPC classification number: G06F21/577 G06F2221/034

    Abstract: Systems and methods are provided for vulnerability proofing the use of machine learning recommendations by an IHS. A machine learning recommendation is detected that provides configurations for one or more of the hardware components of the IHS. Catalogs specifying known vulnerabilities of hardware components are accessed to determine whether any of the hardware configurations from the machine learning recommendations are identified as vulnerable in one or more of the catalogs. If a machine learning recommendation is identified as vulnerable, use of the machine learning recommendation by the IHS is blocked until the recommendation is modified to include no recommended hardware configurations with vulnerabilities identified in the catalogs.

    DETECTION OF SUSPICIOUS OBJECTS IN CUSTOMER PREMISES EQUIPMENT (CPE)

    Publication number: US20240232350A1

    Publication date: 2024-07-11

    Application number: US18617953

    Application date: 2024-03-27

    Inventor: Matt Frick

    CPC classification number: G06F21/565 G06F16/1734 G06F21/64 G06F2221/034

    Abstract: A method is provided for validating an inventory of files in a file system of a customer premises equipment (CPE). The method includes developing a database containing a file system inventory of a validated CPE operating in different scenarios or under different operating conditions that may include different networks, different service provider configurations and different end user feature settings. The validated CPE will be allowed to operate in these different scenarios so that an inventory of files and their attributes may be obtained at different times, such as after a reboot, after a change in software feature configurations, and so on. A file system inventory of a CPE system under test is obtained and each entry in the inventory is compared to the entries in the validated file system database to identify unexpected discrepancies.
