Botnet detection and mitigation
    1.
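    Granted invention patent

    Publication (announcement) number: US11627147B2

    Publication (announcement) date: 2023-04-11

    Application number: US16416000

    Application date: 2019-05-17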

    Abstract: Method and systems for detecting and mitigating a malicious bot. Threat information is obtained, the threat information identifying one or more indicators of compromise (IOC) corresponding to suspected or known malicious network traffic. A control list (CL) corresponding to the threat information is generated, the CL describing rules for identifying network flows to be logged in a network log. The network log identifying the network flows is obtained and a suspect network flow identified by both the threat information and the network log is identified. An address corresponding to the suspect network flow is identified and the address is correlated with a user identifier. A notification is issued to a user associated with the user identifier, the notification indicating a suspected existence of a malicious bot.

    BOTNET DETECTION AND MITIGATION
    2.
    Invention publication

    Publication (announcement) number: US20230199009A1

    Publication (announcement) date: 2023-06-22

    Application number: US18111580

    Application date: 2023-02-19

    CPC classification number: H04L63/1416 H04L63/1458 H04L63/1425 H04L63/1483

    Abstract: Method and systems for detecting and mitigating a malicious bot. Threat information is obtained, the threat information identifying one or more indicators of compromise (IOC) corresponding to suspected or known malicious network traffic. A control list (CL) corresponding to the threat information is generated, the CL describing rules for identifying network flows to be logged in a network log. The network log identifying the network flows is obtained and a suspect network flow identified by both the threat information and the network log is identified. An address corresponding to the suspect network flow is identified and the address is correlated with a user identifier. A notification is issued to a user associated with the user identifier, the notification indicating a suspected existence of a malicious bot.

    BOTNET DETECTION AND MITIGATION
    3.
    Invention application

    Publication (announcement) number: US20200213353A1

    Publication (announcement) date: 2020-07-02

    Application number: US16235499

    Application date: 2018-12-28

    Abstract: A method and system for detecting and mitigating a malicious bot is disclosed. Address information is obtained from a third-party threat intelligence provider, the address information corresponding to network traffic that has been identified as malicious network traffic. Network traffic originating on a networked device is inspected in search of packets that correspond to the obtained address information. A check is performed to determine if a given one of the searched packets corresponds to an address associated with the address information and, responsive to the check indicating that the given one of the searched packets corresponds to the address associated with the address information, a managed router service is configured to mitigate the malicious network traffic.

    FEEDBACK LOOP FOR AUTOMATED VULNERABILITY SCANNING OF HIDDEN NETWORK SYSTEMS

    Publication (announcement) number: US20240179171A1

    Publication (announcement) date: 2024-05-30

    Application number: US18072022

    Application date: 2022-11-30

    CPC classification number: H04L63/1433

    Abstract: A network vulnerability scanning system scans a target device for vulnerabilities to obtain initial network connection data for the target device via a first network interface of the target device, the initial network connection data identifying an initial network connection between the target device and a first hidden network system. The network vulnerability scanning system installs a network scanning application on the target device subsequent to scanning the target device for vulnerabilities to obtain the initial network connection data. The network vulnerability system scans the first hidden network system for vulnerabilities via the network scanning application. Subsequent to scanning the first hidden network system for vulnerabilities, the network vulnerability scanning system obtains additional network connection data for the target device via the first network interface of the target device, the additional network connection data identifying an additional network connection between the target device and a second hidden network system.

    DYNAMIC GENERATION AND DEPLOYMENT OF A CONTAINER GROUP SPECIFICATION THAT MATCHES A TAINT

    Publication (announcement) number: US20240168976A1

    Publication (announcement) date: 2024-05-23

    Application number: US17993492

    Application date: 2022-11-23

    CPC classification number: G06F16/285

    Abstract: A set of computing nodes that compose a container orchestration computing cluster are identified. A set of taints that are associated with the set of computing nodes are identified, wherein each taint in the set of taints prohibits scheduling of a container group, which is defined by a container group specification that does not meet a condition defined by the taint, on a computing node associated with the taint. A first container group specification that meets the condition defined by each taint is generated, wherein the first container group specification identifies a container image. The container group, via the first container group specification, is caused to be deployed on each computing node in the set of computing nodes that has an associated taint.

    Feedback loop for automated vulnerability scanning of hidden network systems

    Publication (announcement) number: US12231455B2

    Publication (announcement) date: 2025-02-18

    Application number: US18072022

    Application date: 2022-11-30

    Abstract: A network vulnerability scanning system scans a target device for vulnerabilities to obtain initial network connection data for the target device via a first network interface of the target device, the initial network connection data identifying an initial network connection between the target device and a first hidden network system. The network vulnerability scanning system installs a network scanning application on the target device subsequent to scanning the target device for vulnerabilities to obtain the initial network connection data. The network vulnerability system scans the first hidden network system for vulnerabilities via the network scanning application. Subsequent to scanning the first hidden network system for vulnerabilities, the network vulnerability scanning system obtains additional network connection data for the target device via the first network interface of the target device, the additional network connection data identifying an additional network connection between the target device and a second hidden network system.

    VULNERABILITY SCANNING OF HIDDEN NETWORK SYSTEMS

    Publication (announcement) number: US20240179172A1

    Publication (announcement) date: 2024-05-30

    Application number: US18072057

    Application date: 2022-11-30

    CPC classification number: H04L63/1433

    Abstract: A network vulnerability scanning system scans a target device for vulnerabilities to obtain network connection data for the target device. The network vulnerability scanning system determines the network connection data includes a network connection between the target device and a hidden network system. The network vulnerability scanning system installs a network scanning application on the target device in response to determining the network connection data includes the network connection between the target device and the hidden network system. The network vulnerability scanning system scans the hidden network system for vulnerabilities via the network scanning application installed on the target device.

    Botnet detection and mitigation
    8.
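    Granted invention patent

    Publication (announcement) number: US11902305B2

    Publication (announcement) date: 2024-02-13

    Application number: US18111580

    Application date: 2023-02-19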

    CPC classification number: H04L63/1416 H04L63/1425 H04L63/1458 H04L63/1483

    Abstract: Method and systems for detecting and mitigating a malicious bot. Threat information is obtained, the threat information identifying one or more indicators of compromise (IOC) corresponding to suspected or known malicious network traffic. A control list (CL) corresponding to the threat information is generated, the CL describing rules for identifying network flows to be logged in a network log. The network log identifying the network flows is obtained and a suspect network flow identified by both the threat information and the network log is identified. An address corresponding to the suspect network flow is identified and the address is correlated with a user identifier. A notification is issued to a user associated with the user identifier, the notification indicating a suspected existence of a malicious bot.

    Botnet detection and mitigation
    9.
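    Granted invention patent

    Publication (announcement) number: US11363063B2

    Publication (announcement) date: 2022-06-14

    Application number: US16235499

    Application date: 2018-12-28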

    Abstract: A method and system for detecting and mitigating a malicious bot is disclosed. Address information is obtained from a third-party threat intelligence provider, the address information corresponding to network traffic that has been identified as malicious network traffic. Network traffic originating on a networked device is inspected in search of packets that correspond to the obtained address information. A check is performed to determine if a given one of the searched packets corresponds to an address associated with the address information and, responsive to the check indicating that the given one of the searched packets corresponds to the address associated with the address information, a managed router service is configured to mitigate the malicious network traffic.
