-
1.
Publication No.: US11632309B2
Publication date: 2023-04-18
Application No.: US17376924
Filing date: 2021-07-15
Inventors: David McGrew, Martin Rehak, Blake Harrell Anderson, Sunil Amin
IPC classification: H04L41/28, H04L9/40, H04W12/12, G06F21/55, H04L67/143
Abstract: In one embodiment, a service receives administration traffic data in a network associated with a remote administration session in which a control device remotely administers a client device. The service analyzes the administration traffic data to determine whether any portion of the administration traffic data is resulting from an administration session involving a trusted administrator. The service flags a first portion of the administration traffic data as authorized when the first portion of the administration traffic data is determined to result from an administration session involving a trusted administrator, and a second portion of the administration traffic data is non-flagged. The service assesses the second portion of the administration traffic data using a machine learning-based traffic classifier to determine whether the second portion of the administration traffic data is malicious.
-
2.
Publication No.: US20240305539A1
Publication date: 2024-09-12
Application No.: US18668697
Filing date: 2024-05-20
Inventors: David McGrew, Martin Rehak, Blake Harrell Anderson, Sunil Amin
IPC classification: H04L41/28, G06F21/55, H04L9/40, H04L67/143, H04W12/12
CPC classification: H04L41/28, G06F21/55, H04L63/14, H04L63/1425, H04L63/1441, H04W12/12, H04L63/20, H04L67/143
Abstract: In one embodiment, a service receives administration traffic data in a network associated with a remote administration session in which a control device remotely administers a client device. The service analyzes the administration traffic data to determine whether any portion of the administration traffic data is resulting from an administration session involving a trusted administrator. The service flags a first portion of the administration traffic data as authorized when the first portion of the administration traffic data is determined to result from an administration session involving a trusted administrator, and a second portion of the administration traffic data is non-flagged. The service assesses the second portion of the administration traffic data using a machine learning-based traffic classifier to determine whether the second portion of the administration traffic data is malicious.
-
3.
Publication No.: US20240195705A1
Publication date: 2024-06-13
Application No.: US18583370
Filing date: 2024-02-21
Inventors: David McGrew, Martin Rehak, Blake Harrell Anderson, Sunil Amin
IPC classification: H04L41/28, G06F21/55, H04L9/40, H04L67/143, H04W12/12
CPC classification: H04L41/28, G06F21/55, H04L63/14, H04L63/1425, H04L63/1441, H04W12/12, H04L63/20, H04L67/143
Abstract: In one embodiment, a service receives administration traffic data in a network associated with a remote administration session in which a control device remotely administers a client device. The service analyzes the administration traffic data to determine whether any portion of the administration traffic data is resulting from an administration session involving a trusted administrator. The service flags a first portion of the administration traffic data as authorized when the first portion of the administration traffic data is determined to result from an administration session involving a trusted administrator, and a second portion of the administration traffic data is non-flagged. The service assesses the second portion of the administration traffic data using a machine learning-based traffic classifier to determine whether the second portion of the administration traffic data is malicious.
-
4.
Publication No.: US11888900B2
Publication date: 2024-01-30
Application No.: US16857607
Filing date: 2020-04-24
CPC classification: H04L63/20, H04L9/088, H04L9/0825, H04L9/0844, H04L9/3268, H04L63/105, H04L9/0643
Abstract: In one embodiment, a service receives captured traffic flow data regarding a traffic flow sent via a network between a first device assigned to a first network zone and a second device assigned to a second network zone. The service identifies, from the captured traffic flow data, one or more cryptographic parameters of the traffic flow. The service determines whether the one or more cryptographic parameters of the traffic flow satisfy an inter-zone policy associated with the first and second network zones. The service causes performance of a mitigation action in the network when the one or more cryptographic parameters of the traffic flow do not satisfy the inter-zone policy associated with the first and second network zones.
-
5.
Publication No.: US20200252435A1
Publication date: 2020-08-06
Application No.: US16857607
Filing date: 2020-04-24
Abstract: In one embodiment, a service receives captured traffic flow data regarding a traffic flow sent via a network between a first device assigned to a first network zone and a second device assigned to a second network zone. The service identifies, from the captured traffic flow data, one or more cryptographic parameters of the traffic flow. The service determines whether the one or more cryptographic parameters of the traffic flow satisfy an inter-zone policy associated with the first and second network zones. The service causes performance of a mitigation action in the network when the one or more cryptographic parameters of the traffic flow do not satisfy the inter-zone policy associated with the first and second network zones.
-
6.
Publication No.: US10673901B2
Publication date: 2020-06-02
Application No.: US15854879
Filing date: 2017-12-27
Abstract: In one embodiment, a service receives captured traffic flow data regarding a traffic flow sent via a network between a first device assigned to a first network zone and a second device assigned to a second network zone. The service identifies, from the captured traffic flow data, one or more cryptographic parameters of the traffic flow. The service determines whether the one or more cryptographic parameters of the traffic flow satisfy an inter-zone policy associated with the first and second network zones. The service causes performance of a mitigation action in the network when the one or more cryptographic parameters of the traffic flow do not satisfy the inter-zone policy associated with the first and second network zones.
-
7.
Publication No.: US20230231777A1
Publication date: 2023-07-20
Application No.: US18125955
Filing date: 2023-03-24
Inventors: David McGrew, Martin Rehak, Blake Harrell Anderson, Sunil Amin
CPC classification: H04L41/28, H04L63/1425, H04L63/1441, H04W12/12, G06F21/55, H04L63/14, H04L67/143
Abstract: In one embodiment, a service receives administration traffic data in a network associated with a remote administration session in which a control device remotely administers a client device. The service analyzes the administration traffic data to determine whether any portion of the administration traffic data is resulting from an administration session involving a trusted administrator. The service flags a first portion of the administration traffic data as authorized when the first portion of the administration traffic data is determined to result from an administration session involving a trusted administrator, and a second portion of the administration traffic data is non-flagged. The service assesses the second portion of the administration traffic data using a machine learning-based traffic classifier to determine whether the second portion of the administration traffic data is malicious.
-
8.
Publication No.: US20210344573A1
Publication date: 2021-11-04
Application No.: US17376924
Filing date: 2021-07-15
Inventors: David McGrew, Martin Rehak, Blake Harrell Anderson, Sunil Amin
Abstract: In one embodiment, a service receives administration traffic data in a network associated with a remote administration session in which a control device remotely administers a client device. The service analyzes the administration traffic data to determine whether any portion of the administration traffic data is resulting from an administration session involving a trusted administrator. The service flags a first portion of the administration traffic data as authorized when the first portion of the administration traffic data is determined to result from an administration session involving a trusted administrator, and a second portion of the administration traffic data is non-flagged. The service assesses the second portion of the administration traffic data using a machine learning-based traffic classifier to determine whether the second portion of the administration traffic data is malicious.
-
9.
Publication No.: US11075820B2
Publication date: 2021-07-27
Application No.: US15848101
Filing date: 2017-12-20
Inventors: David McGrew, Martin Rehak, Blake Harrell Anderson, Sunil Amin
Abstract: In one embodiment, a service receives data regarding administration traffic in a network associated with a remote administration session in which a control device remotely administers a client device. The service analyzes the received data to determine whether the administration traffic is authorized. The service flags the received data as authorized, based on the analysis of the received data. The service uses the data flagged as authorized to distinguish between benign traffic and malicious traffic in the network.
-
10.
Publication No.: US11936533B2
Publication date: 2024-03-19
Application No.: US18125955
Filing date: 2023-03-24
Inventors: David McGrew, Martin Rehak, Blake Harrell Anderson, Sunil Amin
IPC classification: H04L41/28, G06F21/55, H04L9/40, H04W12/12, H04L67/143
CPC classification: H04L41/28, G06F21/55, H04L63/14, H04L63/1425, H04L63/1441, H04W12/12, H04L63/20, H04L67/143
Abstract: In one embodiment, a service receives administration traffic data in a network associated with a remote administration session in which a control device remotely administers a client device. The service analyzes the administration traffic data to determine whether any portion of the administration traffic data is resulting from an administration session involving a trusted administrator. The service flags a first portion of the administration traffic data as authorized when the first portion of the administration traffic data is determined to result from an administration session involving a trusted administrator, and a second portion of the administration traffic data is non-flagged. The service assesses the second portion of the administration traffic data using a machine learning-based traffic classifier to determine whether the second portion of the administration traffic data is malicious.