公开(公告)号：US20230376362A1

公开(公告)日：2023-11-23

申请号：US18360482

申请日：2023-07-27

Applicant: CAPITAL ONE SERVICES, LLC

Inventor： Austin WALTERS ,  Mark WATSON ,  Anh TRUONG ,  Jeremy GOODSITT ,  Reza FARIVAR ,  Kate KEY ,  Vincent PHAM ,  Galen RAFFERTY

IPC: G06F9/54 ,  G06N20/00 ,  G06F17/16 ,  G06N3/04 ,  G06F11/36 ,  G06N3/088 ,  G06F21/62 ,  G06N5/04 ,  G06F17/15 ,  G06T7/194 ,  G06T7/254 ,  G06T7/246 ,  G06F16/2455 ,  G06F16/22 ,  G06F16/28 ,  G06F16/906 ,  G06F16/93 ,  G06F16/903 ,  G06F16/9038 ,  G06F16/9032 ,  G06F16/25 ,  G06F16/335 ,  G06F16/242 ,  G06F16/248 ,  G06F30/20 ,  G06F40/166 ,  G06F40/117 ,  G06F40/20 ,  G06F8/71 ,  G06F17/18 ,  G06F21/55 ,  G06F21/60 ,  G06N7/00 ,  G06Q10/04 ,  G06T11/00 ,  H04L9/40 ,  H04L67/306 ,  H04L67/00 ,  H04N21/234 ,  H04N21/81 ,  G06N5/00 ,  G06N5/02 ,  G06V30/196 ,  G06F18/22 ,  G06F18/23 ,  G06F18/24 ,  G06F18/40 ,  G06F18/213 ,  G06F18/214 ,  G06F18/21 ,  G06F18/20 ,  G06F18/2115 ,  G06F18/2411 ,  G06F18/2415 ,  G06N3/044 ,  G06N3/045 ,  G06N7/01 ,  G06V30/194 ,  G06V10/98 ,  G06V10/70 ,  G06N3/06 ,  G06N3/08

CPC classification number: G06F9/541 ,  G06N20/00 ,  G06F17/16 ,  G06N3/04 ,  G06F11/3628 ,  G06N3/088 ,  G06F21/6254 ,  G06N5/04 ,  G06F17/15 ,  G06F21/6245 ,  G06T7/194 ,  G06T7/254 ,  G06T7/246 ,  G06T7/248 ,  G06F16/24568 ,  G06F16/2237 ,  G06F16/285 ,  G06F16/906 ,  G06F16/93 ,  G06F16/90335 ,  G06F16/9038 ,  G06F16/90332 ,  G06F16/258 ,  G06F16/288 ,  G06F16/283 ,  G06F16/335 ,  G06F16/2264 ,  G06F16/2423 ,  G06F16/248 ,  G06F16/254 ,  G06F30/20 ,  G06F40/166 ,  G06F40/117 ,  G06F40/20 ,  G06F8/71 ,  G06F9/54 ,  G06F9/547 ,  G06F11/3608 ,  G06F11/3636 ,  G06F17/18 ,  G06F21/552 ,  G06F21/60 ,  G06N7/00 ,  G06Q10/04 ,  G06T11/001 ,  H04L63/1416 ,  H04L63/1491 ,  H04L67/306 ,  H04L67/34 ,  H04N21/23412 ,  H04N21/8153 ,  G06N5/00 ,  G06N5/02 ,  G06V30/1985 ,  G06F18/22 ,  G06F18/23 ,  G06F18/24 ,  G06F18/40 ,  G06F18/213 ,  G06F18/214 ,  G06F18/217 ,  G06F18/285 ,  G06F18/2115 ,  G06F18/2148 ,  G06F18/2193 ,  G06F18/2411 ,  G06F18/2415 ,  G06N3/044 ,  G06N3/045 ,  G06N7/01 ,  G06V30/194 ,  G06V10/993 ,  G06V10/768 ,  G06N3/06 ,  G06N3/08 ,  G06T2207/20084 ,  G06T2207/10016 ,  G06T2207/20081

Abstract: Systems and methods for generating synthetic data are disclosed. For example, a system may include one or more memory units storing instructions and one or more processors configured to execute the instructions to perform operations. The operations may include receiving a dataset including time-series data. The operations may include generating a plurality of data segments based on the dataset, determining respective segment parameters of the data segments, and determining respective distribution measures of the data segments. The operations may include training a parameter model to generate synthetic segment parameters. Training the parameter model may be based on the segment parameters. The operations may include training a distribution model to generate synthetic data segments. Training the distribution model may be based on the distribution measures and the segment parameters. The operations may include generating a synthetic dataset using the parameter model and the distribution model and storing the synthetic dataset.

公开(公告)号：US11824894B2

公开(公告)日：2023-11-21

申请号：US17104013

申请日：2020-11-25

Applicant: International Business Machines Corporation

Inventor： Marco Simioni ,  Stefano Braghin ,  Killian Levacher

IPC: H04L9/40 ,  G06F21/55 ,  G06F21/62

CPC classification number: H04L63/1491 ,  G06F21/552 ,  G06F21/6227 ,  G06F21/6254

Abstract: Embodiments of the invention are directed to techniques that include receiving a query intended for a targeted database and determining that the query is from an unauthorized user. A response is returned to the unauthorized user generated by a model, the response being dynamically generated to fulfill the query. The model is configured to generate responses consistent with any previous responses returned to the unauthorized user.

公开(公告)号：US11809552B2

公开(公告)日：2023-11-07

申请号：US17222596

申请日：2021-04-05

Applicant: Power Fingerprinting Inc.

Inventor： Carlos R. Aguayo Gonzalez ,  Jeffrey H. Reed ,  Steven C. Chen

IPC: G06F21/55 ,  G01R22/00 ,  G06F21/32 ,  G06F21/75 ,  G01R1/04 ,  G01R31/28 ,  G01R21/00

CPC classification number: G06F21/552 ,  G01R21/00 ,  G01R31/2832 ,  G01R31/2887 ,  G01R31/2891 ,  G01R31/2893 ,  G06F21/32 ,  G06F21/755 ,  G01R1/0408 ,  G01R31/2886 ,  G06F2221/034

Abstract: Some embodiments described herein include a system that collects and learns reference side-channel normal activity, process it to reveal key features, compares subsequent collected data and processed data for anomalous behavior, and reports such behavior to a management center where this information is displayed and predefine actions can be executed when anomalous behavior is observed. In some instances, a physical side channel (e.g. and indirect measure of program execution such as power consumption or electromagnetic emissions and other physical signals) can be used to assess the execution status in a processor or digital circuit using an external monitor and detect, with extreme accuracy, when an unauthorized execution has managed to disrupt the normal operation of a target system (e.g., a computer system, etc.).

公开(公告)号：US20230351013A1

公开(公告)日：2023-11-02

申请号：US17732620

申请日：2022-04-29

Applicant: Dell Products L.P.

Inventor： Sanjib Mallick ,  Arieh Don ,  Elik Levin ,  Kundan Kumar ,  Gaurav Singh

IPC: G06F21/55 ,  G06F21/56 ,  G06F21/78

CPC classification number: G06F21/554 ,  G06F21/552 ,  G06F21/564 ,  G06F21/568 ,  G06F21/78

Abstract: An apparatus comprises at least one processing device configured to implement a multi-path layer in a host device, wherein the multi-path layer controls delivery of input-output (IO) operations from the host device to a storage system over selected ones of a plurality of paths through a network. The multi-path layer is configured, for each of at least a subset of the IO operations, to store at least a process identifier, a user identifier and an access type for the IO operation. The multi-path layer is further configured to perform analytics on the stored process identifiers, user identifiers and access types to detect an access pattern, and responsive to the detected access pattern having one or more designated characteristics associated with malware, to generate an alert. The alert may be generated by inserting security alert indicators into respective ones of the IO operations, for extraction therefrom by the storage system.

公开(公告)号：US20230342492A1

公开(公告)日：2023-10-26

申请号：US18217381

申请日：2023-06-30

Applicant: Rubrik, Inc.

Inventor： Mohit Gupta ,  Stephen Chu ,  Brian Victor Li

IPC: G06F21/62 ,  G06N20/00 ,  G06F21/55

CPC classification number: G06F21/6245 ,  G06N20/00 ,  G06F21/552 ,  G06F21/6218 ,  G06F2221/034

Abstract: Techniques for implementing proactive data security operations for files using an analysis of access permission levels for the files are disclosed. In some embodiments, a computer system performs operations comprising: determining that data of a file includes sensitive information based on an analysis of the data using a data classification model; determining that access to the file is open using an access classification model; and based on the determination that the data of the file includes sensitive information and the determination that the access to the file is open, causing a notification to be displayed on a computing device of a user, the notification comprising an indication that the file includes sensitive information and that access to the file is open.

公开(公告)号：US11792225B2

公开(公告)日：2023-10-17

申请号：US17978115

申请日：2022-10-31

Applicant: KnowBe4, Inc.

Inventor： Greg Kras ,  Alin Irimie

IPC: H04L9/40 ,  G06F21/55 ,  G06F21/56 ,  G06F21/57

CPC classification number: H04L63/1483 ,  G06F21/552 ,  G06F21/56 ,  G06F21/577 ,  H04L63/1433

Abstract: Embodiments of the disclosure describe systems and methods for selecting a first group of users, which is selected to receive simulated phishing emails as part of a simulated phishing campaign, and adding users to a second group of users based upon those selected users interacting with a simulated phishing email that is part of a simulated phishing campaign; tracking the completion of remediation training related to phishing emails by users in the second group of users and receiving one or more indications that the users in the second group of users have completed remedial training; and automatically adding users, who are members of the second user group, to the first user group, to a third user group, or to a predetermined user group responsive to the one or more indications that the users in the second group of users have completed remedial training.

公开(公告)号：US11790060B2

公开(公告)日：2023-10-17

申请号：US17190105

申请日：2021-03-02

Applicant: Abnormal Security Corporation

Inventor： Rami Faris Habal ,  Abhijit Bagri ,  Yea So Jung ,  Fang Shuo Deng ,  Jeremy Kao ,  Jeshua Alexis Bratman ,  Umut Gultepe ,  Hariank Sagar Muthakana

IPC: G06F21/31 ,  G06F21/62 ,  G06F21/57 ,  G06F21/55

CPC classification number: G06F21/316 ,  G06F21/552 ,  G06F21/577 ,  G06F21/6245

Abstract: Introduced here are computer programs and computer-implemented techniques for building, training, or otherwise developing models of the behavior of employees across more than one channel used for communication. These models can be stored in profiles that are associated with the employees. At a high level, these profiles allow behavior to be monitored across multiple channels so that deviations can be detected and then examined. Moreover, remediation may be performed if an account is determined to be compromised based on its recent activity.

公开(公告)号：US11783046B2

公开(公告)日：2023-10-10

申请号：US15855748

申请日：2017-12-27

Applicant: Elasticsearch B.V.

Inventor： Stephen Dodson ,  Thomas Veasey ,  David Mark Roberts

IPC: G06F21/57 ,  G06N20/00 ,  G06F21/55 ,  G06N20/20 ,  G06N5/025

CPC classification number: G06F21/577 ,  G06F21/552 ,  G06N20/00 ,  G06N20/20 ,  G06F2221/034 ,  G06N5/025

Abstract: Anomaly detection in computing environments is disclosed herein. An example method includes receiving an unstructured input stream of data instances from the computing environment, the unstructured input stream being time stamped; categorizing the data instances of the unstructured input stream of data instances, the data instances comprising at least one principle value and a set of categorical attributes determined through machine learning; generating anomaly scores for each of the data instances collected over a period of time; and detecting a change in the categorical attribute that is indicative of an anomaly.

公开(公告)号：US11783028B2

公开(公告)日：2023-10-10

申请号：US16924004

申请日：2020-07-08

Applicant: CAPITAL ONE SERVICES, LLC

Inventor： Chris Moradi ,  Jacob Sisk ,  Evan Bloom ,  Craig Gimby ,  Xin Sun

IPC: G06F21/55 ,  G06F16/9038 ,  G06F16/2457 ,  G06Q20/40 ,  G06Q10/0635 ,  H04W12/12 ,  H04W12/122 ,  H04W12/126 ,  G06N7/01 ,  H04L9/40 ,  G06F21/60

CPC classification number: G06F21/552 ,  G06F16/24578 ,  G06F16/9038 ,  G06F21/60 ,  G06N7/01 ,  G06Q10/0635 ,  G06Q20/4016 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1475 ,  H04W12/12 ,  H04W12/122 ,  H04W12/126

Abstract: Systems and methods are disclosed for identifying resources responsible for events. In one embodiment, a method may include determining a number of unique actors in a plurality of actors that have accessed the resource. The method may further include identifying from the plurality of actors a set of affected actors that has been affected by an event and identifying from the set of affected actors a subset of resource-affected actors that accessed the resource prior to being affected by the event. The method may further include determining a number of resource-affected actors in the subset of resource-affected actors and, based on the number of unique actors and the number of resource-affected actors, determining an event score for the resource. The event score may be a lower bound of a confidence interval of a binomial proportion of the number of resource-affected actors to the number of unique actors.

公开(公告)号：US11777908B1

公开(公告)日：2023-10-03

申请号：US17356987

申请日：2021-06-24

Applicant: NortonLifeLock Inc.

Inventor： David Luz Silva ,  Iskander Sanchez Rola

IPC: H04L9/40 ,  G06F21/55 ,  G06F16/955

CPC classification number: H04L63/0414 ,  G06F16/9566 ,  G06F21/552 ,  G06F2221/2149

Abstract: Protecting against a tracking parameter in a web link. In one embodiment, a method may include receiving an input URL during a browser navigation session on a user device, the input URL including parameters, determining that the parameters include a tracking parameter, pausing the browser navigation session on the user device, launching the input URL in a headless browser that operates in an isolated environment that simulates one or more features of the user device, landing on a destination web page in the isolated environment, identifying a URL of the destination web page as a destination URL, and resuming the browser navigation session on the user device by replacing the input URL, which includes the tracking parameter, with the destination URL, which does not include the tracking parameter, in order to protect the user device from the tracking parameter.