SYSTEM AND METHOD FOR FIREWALL PROTECTION OF DYNAMICALLY INTRODUCED ROUTES

    Publication No.: US20220286379A1

    Publication date: 2022-09-08

    Application No.: US17392888

    Application date: 2021-08-03

    Abstract: A new approach is proposed to support firewall protection of dynamically introduced routes in an internal communication network. Under the proposed approach, all routes dynamically introduced into the internal communication network via a dynamic routing service are dynamically learned and tagged by a route collection engine. A dynamic network object is created, which is a software component configured to store a plurality of single IP addresses and/or IP address ranges of the dynamically learned routes in a dynamic routing network. A firewall engine of the internal communication network is configured to create one or more firewall rules referencing the dynamic network object and apply various security measures/policies to network data packets routed on the dynamically learned routes in the dynamic routing network based on IP address matching with the dynamic network object.

    SYSTEM AND METHOD FOR DATA FILTERING IN MACHINE LEARNING MODEL TO DETECT IMPERSONATION ATTACKS

    Publication No.: US20220141252A1

    Publication date: 2022-05-05

    Application No.: US17247356

    Application date: 2020-12-08

    Inventor: Fleming Shi

    Abstract: A new approach is proposed to support data filtering in machine learning (ML) to detect impersonation attacks. First, filters are applied to filter data or information collected from a user in order to extract features that are specific and/or unique for the identification of the user. The features extracted from the set of data are then used to train ML models configured to identify a set of key characteristics of electronic messages or web-based resources originated by the user. When a new electronic message or web-based resource purported to be from the user is intercepted, one or more of the trained ML models that are applicable are utilized to determine or predict if the newly intercepted electronic message or web-based resource is indeed originated by the user or is impersonated by an attacker under the same filtering criteria as training of the corresponding ML models.

    System and method for application plug-in distribution

    Publication No.: US11126417B2

    Publication date: 2021-09-21

    Application No.: US16947075

    Application date: 2020-07-17

    Abstract: A new approach is proposed that contemplates systems and methods to support a sandboxed application plug-in distribution framework. An installation package containing a monitoring plug-in, a display plug-in, and/or third-party components is received by a first application running on a first computing device. The first application installs the display plug-in and saves the monitoring plug-in to a centralized database. The first application sends an instruction to a second application running on a second computing device to retrieve the monitoring plug-in from the database and install the monitoring plug-in on the second computing device. Upon receiving a user request, the display plug-in of the first application sends a query to the monitoring plug-in of the second application. In response to the query, the monitoring plug-in sends the requested monitored data collected by the second application to the display plug-in, which then formats and presents the monitored data to the user.

    SYSTEM AND METHOD OF UTILIZING NETWORK SECURITY DEVICES FOR INDUSTRIAL DEVICE PROTECTION AND CONTROL

    Publication No.: US20210185010A1

    Publication date: 2021-06-17

    Application No.: US17179972

    Application date: 2021-02-19

    Abstract: A new network security device/appliance is proposed to not only protect, but also to control and operate an industrial IoT device. Specifically, the network security device is configured to detect and block cyber attacks such as viruses, hacking attempts, and other types of cyber threats launched from an outside network against the industrial IoT device based on a set of configurable rules. In addition, the network security device is further configured to control and operate the industrial IoT device remotely in response to the cyber attacks by issuing and communicating certain instructions/command to the industrial IoT device. Besides accepting and executing control command from the network security device, the industrial IoT device is also configured to send a request to the network security device to make certain adjustments to the rules concerning network traffic directed to the industrial IoT device.

    METHOD AND APPARATUS FOR ESTIMATING MONETARY IMPACT OF CYBER ATTACKS

    Publication No.: US20200314137A1

    Publication date: 2020-10-01

    Application No.: US16899570

    Application date: 2020-06-11

    Abstract: A new approach is proposed to support generating and presenting to a user cyber attack monetary impact estimation of a current or future cyber attack, which is used to stop monetary losses or to mitigate monetary impacts. First, both historic data and real time data on monetary impact of current and/or potential cyber attacks is continuously collected from a plurality of data pools. The collected data is then synchronized, correlated and filtered/cleansed once the data is available to create fidelity among the data from the plurality of data pools. The cyber attack monetary impact is calculated based on the correlated and cleansed data, and is presented to the user along with one or more suggested applications by the user in response to the cyber attack monetary impact, to mitigate the monetary impact of the current or future cyber attack.

    Method and apparatus for generating cyber security threat index

    Publication No.: US10778714B2

    Publication date: 2020-09-15

    Application No.: US15920855

    Application date: 2018-03-14

    Inventor: Fleming Shi

    Abstract: A new approach is proposed to support generating and presenting a single composite Cyber Security Threat Index (CSTI) to a user, wherein the CSTI provides the user with an indication of risk of cyber attacks globally and/or in the context of his/her current networking environment. First, various pools of operational data are collected over networks, systems, and/or products, wherein such data includes files being weaponized in the cyber attacks against computer systems and networks, the surfaces and contexts on which the cyber attacks are launched, and influential factors on these data. The data collected from various pools is then synchronized, correlated, and filtered/cleansed so that it can be used to assess risk of the cyber attacks. The CSTI is calculated based on the correlated data on the cyber attacks and interactively presented to the user, who then takes corresponding remediation actions to prevent a cyber attack from happening or spreading.

    System for connecting, securing and managing network devices with a dedicated private virtual network

    Publication No.: US10542572B2

    Publication date: 2020-01-21

    Application No.: US15881019

    Application date: 2018-01-26

    Abstract: A device includes a database, a controller, and a PVN router. The database is configured to store network settings information and tracks devices connected to a network. The controller is configured to control access of devices to one another after establishing a connection to the network. The PVN router is configured to receive a provisioning request from a requesting device to connect to the network. The PVN router is further configured to transmit a provisioning response to the requesting device based on instantiation of a PVN template received from the database. The PVN template is generated based on the network settings information and further based on the control access determined by the controller. The provisioning response establishes a connection between the requesting device and the network. The requesting device is inaccessible by a subset of devices already connected in the network after the connection is established and vice versa.

    METHOD AND APPARATUS FOR TRAINING EMAIL RECIPIENTS AGAINST PHISHING ATTACKS USING REAL THREATS IN REALTIME

    Publication No.: US20190318653A1

    Publication date: 2019-10-17

    Application No.: US16358503

    Application date: 2019-03-19

    Inventor: Fleming SHI

    Abstract: An approach is proposed to support user-specific real time anti-phishing training of email recipients using real phishing attacks. When a recipient triggers an active content such as a URL link embedded in and/or opens an attachment to an email arrived at the recipient's account, the triggered active content is synchronously intercepted and examined in real time for potential malicious intent of a phishing attack. If the triggered active content is determined to be safe, the recipient is allowed to access the content. If the active content is determined to be malicious, the active content is blocked and the recipient is redirected to a safe blocking mechanism. The recipient is then provided with an anti-phishing training exercise, which is specifically customized for the recipient based on the blocked active content in the payload of the email and/or the recipient's security posture and awareness.

    System and method to configure a firewall for access to a captive network

    Publication No.: US10439990B2

    Publication date: 2019-10-08

    Application No.: US16031963

    Application date: 2018-07-10

    Abstract: An approach is proposed that contemplates system and method to configure firewall rules of a VPN gateway of a protected network so that users of devices in the protected network can access Internet securely via a captive network. First, the proposed approach enables the VPN gateway to probe the captive network with an HTTP request to discover a captive portal of the captive network. After the captive portal is discovered, one or more firewall rules of the VPN gateway are added so that network traffic from the devices in the protected network are redirected to the captive portal for authentication. Once the users are authenticated and a VPN tunnel is established between the VPN gateway and a remote VPN tunnel terminal, the firewall rules previously added are removed from the VPN gateway and all network traffic from the devices in the protected network are routed over the VPN tunnel.

    SYSTEM AND METHOD FOR ELECTRONIC MESSAGING THREAT SCANNING AND DETECTION

    Publication No.: US20190026461A1

    Publication date: 2019-01-24

    Application No.: US15693367

    Application date: 2017-08-31

    Abstract: A new approach is proposed to support electronic messaging threat scanning and detection to identify security threats missed by an existing security software of an electronic messaging system. An AI engine first retrieves an entire inventory of historical electronic messages by the users on the electronic messaging system over a certain time. The AI engine scans the retrieved inventory of historical electronic messages to identify various types of security threats to the electronic messaging system in the past. The AI engine compares the identified security threats to those that have been identified by the existing security software to identify a set of security threats that had eluded or been missed by the existing security software in the past. The AI engine then removes, modifies, or quarantines electronic messages that contain the missed security threats so that none of them will trigger an attack to the electronic messaging system in the future.
