-
Publication No.: US20230388292A1
Publication date: 2023-11-30
Application No.: US17804823
Filing date: 2022-05-31
Inventors: Nickolay Berko, Serg Bell, Stanislav Protasov
IPC classification: H04L9/40
CPC classification: H04L63/083, H04L63/107, H04L63/102, H04L63/1416, H04L63/1425
Abstract: A system of monitoring a user behavior for abnormalities compared to a group behavior includes a processor configured to implement instructions for a user to group behavior signature monitor (UGBSM) with at least one user, as a monitored user, and a group of one or more users, as baseline users, to access to certain characteristics of the monitored user and certain characteristics of the baseline users, calculate a user behavioral signature of the monitored user, calculate a group behavioral signature of the baseline users, calculate a degree of variance (DoV) between the user behavioral signature of the monitored user and the group behavioral signature of baseline users, and compare the calculated DoV to a variance threshold to determine whether the user behavioral signature of the monitored user is similar or is different from the group behavioral signature of the baseline users.
-
Publication No.: US20240111887A1
Publication date: 2024-04-04
Application No.: US17936409
Filing date: 2022-09-29
Inventors: Nickolay Berko, Serg Bell, Stanislav Protasov
CPC classification: G06F21/6227, G06F21/602
Abstract: The invention relates to a system and method that relates to creation of a digital fingerprint library for storing information of a document containing protected information. The system mainly includes a fragment generator, a fingerprint value generator, and the digital fingerprint library. The fragment generator generates fragments of the document using a sliding window method. Fragment length is determined heuristically, can be hardcoded in the program or be a parameter in GUI. The fingerprint value generator generates a fingerprint value, e.g., its hash, for each fragment. The fingerprint value represents the information related to respective fragments. The digital fingerprint library then stores the fingerprint value. Fingerprint values of individual fragments serve as key values to provide a mechanism for comparing fragments of unknown files to the digital fingerprint library.
-
Publication No.: US20230385404A1
Publication date: 2023-11-30
Application No.: US17804835
Filing date: 2022-05-31
Inventors: Nickolay Berko, Serg Bell, Stanislav Protasov
IPC classification: G06F21/55
CPC classification: G06F21/552, G06F2221/034
Abstract: A system to optimize required resources at an endpoint needed to monitor a user behavior for abnormalities with the endpoint includes a processor processing a plurality of agents running at the endpoint to intercept network traffic metrics, intercept device access metrics, intercept app-specific user-mode metrics, parse intercepted data, and submit the intercepted data to a backend component at a server to collect the intercepted data from the endpoint, predict deviation from a normal profile, in which the backend component assesses available characteristics of a particular endpoint, calculates an endpoint user profile, calculates a degree of variance (DoV) between the user profile and the normal profile, compares the calculated DoV to a predetermined Variance Threshold (VT), and predicts, based on machine learning algorithms, a movement of a trend of the DoV within the VT, creates an adjusted metrics list, and distributes adjusted metrics to a related endpoint.
-
Publication No.: US12105852B2
Publication date: 2024-10-01
Application No.: US17804833
Filing date: 2022-05-31
Inventors: Nickolay Berko, Ivan Klimov, Serg Bell, Stanislav Protasov
CPC classification: G06F21/64, G06Q50/184
Abstract: A system for identifying of presence of protected data in an unknown file includes a processor coupled to a memory storing instructions, the processor being configured to implement the instructions to apply a sliding window process to generate one or more fragments of length, for each generated fragment, check whether information about the generated fragment exists in a library of known fragments of protected data, and if the information about the generated fragment from the unknown file exists in the library of known fragments of protected data, perform steps to reflect an existence of the information about the generated fragment.
-
Publication No.: US20240114034A1
Publication date: 2024-04-04
Application No.: US17936414
Filing date: 2022-09-29
Inventors: Nickolay Berko, Serg Bell, Stanislav Protasov
IPC classification: H04L9/40
CPC classification: H04L63/105, H04L63/0876
Abstract: A system and method for adding a fingerprint of a fragment of fixed size and hierarchical classification level to a digital fingerprint library containing information about fingerprints of fragments of fixed size and their hierarchical classification levels and used to identify files that contain known fragments of data in an environment with hierarchical information security classification.
-
Publication No.: US12026204B2
Publication date: 2024-07-02
Application No.: US17804829
Filing date: 2022-05-31
Inventors: Nickolay Berko, Serg Bell, Stanislav Protasov
IPC classification: G06F16/906
CPC classification: G06F16/906
Abstract: An automatic incident dispatcher calculates an incident signature of a new incident, calculates a degree of variance (DoV) of the new incident from an incident signature of the previously classified incident, compares the calculated DoV to a predetermined threshold, and determines that the new incident belongs to a same class as a class of the previously classified the new incident if the calculated DoV is less than or equal to the threshold.
-
Publication No.: US20230388313A1
Publication date: 2023-11-30
Application No.: US17804832
Filing date: 2022-05-31
Inventors: Nickolay Berko, Serg Bell, Stanislav Protasov
IPC classification: H04L9/40
CPC classification: H04L63/104, H04L63/102, H04L63/107
Abstract: A system of automatically managing assignments of users to user groups comprises a processor to implement instructions for an automatic user group manage (AUGM) to access to two or more users and the assignments of the users to the user groups, observe activity of the users, calculate user behavior signatures for one of at least two users of the users, at least one user of the users and one group of the user groups, or at least two groups of the user groups, calculate a numeric degree of variance between at least two of the user behavior signatures, compare the calculated degree of variance to at least one threshold, and determine if a behavior of one of the at least two users, the at least one user and the one group, or the at least two groups are similar or different.
-
Publication No.: US20230385342A1
Publication date: 2023-11-30
Application No.: US17804829
Filing date: 2022-05-31
Inventors: Nickolay Berko, Serg Bell, Stanislav Protasov
IPC classification: G06F16/906
CPC classification: G06F16/906
Abstract: An automatic incident dispatcher calculates an incident signature of a new incident, calculates a degree of variance (DoV) of the new incident from an incident signature of the previously classified incident, compares the calculated DoV to a predetermined threshold, and determines that the new incident belongs to a same class as a class of the previously classified the new incident if the calculated DoV is less than or equal to the threshold.
-
Publication No.: US20240111882A1
Publication date: 2024-04-04
Application No.: US17936410
Filing date: 2022-09-29
Inventors: Nickolay Berko, Serg Bell, Stanislav Protasov
IPC classification: G06F21/62, G06F16/13, G06F16/185
CPC classification: G06F21/6218, G06F16/137, G06F16/185
Abstract: A system and a method for automatically assigning a hierarchical security level to a source of data, e.g., a file or a database, that can be used as a source to generate, e.g., to calculate or to extract, fingerprints of fragments of a fixed size N using a digital fingerprint library that contains fingerprints of known fragments fixed size and their hierarchical security levels are disclosed herein. The method comprises assignment of an initial hierarchical security level to a source of data and further comparison of fingerprints of its fragments of fixed size to the fingerprints of fingerprints of fixed size and their related hierarchical security levels stored in the digital fingerprint library.
-
Publication No.: US20230388347A1
Publication date: 2023-11-30
Application No.: US17804824
Filing date: 2022-05-31
Inventors: Nickolay Berko, Serg Bell, Stanislav Protasov
CPC classification: H04L63/20, H04L63/104, H04L63/102, G06N20/00
Abstract: A system to create an initial list of DLP policies and adjust a DLP policies list over time includes a processor coupled to a memory storing instructions, the processor implementing the instructions to process a plurality of agents running at an endpoint to intercept a data transfer in a network traffic, intercept the data transfer in a device access, extract textual data from intercepted objects, analyze content for detection of sensitive data in an intercepted data, record justification of the data transfer, prevent the data transfer in case the data transfer is not allowed by rules, and create new data flow/DLP policy rule, and through cloud server side, storing a database of the DLP policy and logs, processing data received from endpoints, storing data classifier database and functions to update data classifier database, and managing and applying DLP policy rules and make system setup.