公开(公告)号：US20210136098A1

公开(公告)日：2021-05-06

申请号：US16733324

申请日：2020-01-03

申请人： Citrix Systems, Inc.

发明人： Asterios Stergioudis ,  Aikaterini Kalou ,  Georgios Papaloukopoulos

IPC分类号： H04L29/06 ,  G06F11/07 ,  G06N20/00 ,  G06K9/62

摘要： Described embodiments provide systems and methods for anomaly detection and root cause analysis. A root cause analyzer receives a plurality of data samples input to an anomaly detection engine, and a corresponding plurality of anomaly labels output from the anomaly detection engine. The root cause analyzer trains a classification model using the plurality of data samples and the corresponding plurality of anomaly labels. The root cause analyzer determines, using the trained classification model and the plurality of data samples, relative contributions of anomalous features in a data sample of the plurality of data samples, to a prediction that the data sample is anomalous. The root cause analyzer provides the relative contributions of anomalous features to a device, to determine an action in response to the prediction that the data sample is anomalous.

公开(公告)号：US20220230095A1

公开(公告)日：2022-07-21

申请号：US17188167

申请日：2021-03-01

申请人： Citrix Systems, Inc.

发明人： Asterios Stergioudis

IPC分类号： G06N20/00 ,  G06N5/04

摘要： Systems and methods of training a model is provided. The system can identify an unlabeled data set with phrases received by a virtual assistant that interfaces with one or more virtual applications to execute one or more functions. The system can query the unlabeled data set to select a first set of phrases based at least on one or more confidence scores output by a surrogate model that corresponds to a third-party model maintained by a third-party system. The system can receive, via a user interface, indications of functions to be executed by the one or more virtual applications responsive to the selected first set of phrases. The system can provide, to the third-party system, the indications of functions for the selected first set of phrases to train the third-party model and configure the virtual assistant to execute a function responsive to a phrase in the first set of phrases.

公开(公告)号：US20220222326A1

公开(公告)日：2022-07-14

申请号：US17171243

申请日：2021-02-09

申请人： Citrix Systems, Inc.

发明人： Daniel G. Wing ,  Asterios Stergioudis ,  Manbinder Pal Singh ,  Pratik Shah

IPC分类号： G06F21/31 ,  G06N20/00 ,  G06F11/34 ,  G06N3/04

摘要： A method may include receiving, by a computing system and from a first device, first data. The first data may be based at least in part on a first output from a first instance of a model processed by the first device. The method may further include receiving, by the computing system and from the first device, second data that was processed by the first instance of the model to produce the first output. The method may also include processing, by the computing system, the second data with at least a portion of a second instance of the model to produce a second output. The method may additionally include determining, by the computing system, third data based at least in part on the second output. Further, the method may include determining, by the computing system, that the third data is consistent with the first data.

公开(公告)号：US20220201008A1

公开(公告)日：2022-06-23

申请号：US17188601

申请日：2021-03-01

申请人： Citrix Systems, Inc.

发明人： Asterios Stergioudis

IPC分类号： H04L29/06 ,  H04L29/08 ,  G06N20/00

摘要： Described embodiments provide systems and methods for managing session accessed by a client device. The systems and methods can include one or more processors configured to receive data in a plurality of modalities corresponding to a plurality of features of a session for an entity accessed by a client device. The one or more processors can determine based on the data of the session and a distance model trained with historical data of the entity, a distance between a representation of the data of the session and a predetermined representation for the entity established based on the historical data of the entity. The one or more processors can compare the distance with a threshold established for the entity. The one or more processors can generate, based on the comparison between the distance with the threshold, an action to manage access by the client device to the session for the entity.

公开(公告)号：US11595415B2

公开(公告)日：2023-02-28

申请号：US16733324

申请日：2020-01-03

申请人： Citrix Systems, Inc.

发明人： Asterios Stergioudis ,  Aikaterini Kalou ,  Georgios Papaloukopoulos

IPC分类号： H04L9/40 ,  G06N20/00 ,  G06F11/07 ,  G06K9/62

摘要： Described embodiments provide systems and methods for anomaly detection and root cause analysis. A root cause analyzer receives a plurality of data samples input to an anomaly detection engine, and a corresponding plurality of anomaly labels output from the anomaly detection engine. The root cause analyzer trains a classification model using the plurality of data samples and the corresponding plurality of anomaly labels. The root cause analyzer determines, using the trained classification model and the plurality of data samples, relative contributions of anomalous features in a data sample of the plurality of data samples, to a prediction that the data sample is anomalous. The root cause analyzer provides the relative contributions of anomalous features to a device, to determine an action in response to the prediction that the data sample is anomalous.

公开(公告)号：US11533330B2

公开(公告)日：2022-12-20

申请号：US17016985

申请日：2020-09-10

申请人： Citrix Systems, Inc.

发明人： Asterios Stergioudis ,  Aikaterini Kalou

IPC分类号： H04L29/00 ,  H04L9/40

摘要： Described embodiments provide systems, methods, computer readable media for determining risk metrics. A device may provide a risk model for a network environment. The risk model may include an input level and an output level. The input level may process first datasets each corresponding to a feature and a time window. The first datasets may include factors on access requests. The output level may generate a first aggregate risk metric of a first access request according to the datasets processed by the input level. The device may identify a second dataset corresponding to a second access request over the features and time windows. The device may determine a second aggregate risk metric by applying the second dataset to the risk model. The device may generate a response to the second access request according to an access control policy and the second aggregate risk metric.

公开(公告)号：US20210400075A1

公开(公告)日：2021-12-23

申请号：US17016985

申请日：2020-09-10

申请人： Citrix Systems, Inc.

发明人： Asterios Stergioudis ,  Aikaterini Kalou

IPC分类号： H04L29/06

摘要： Described embodiments provide systems, methods, computer readable media for determining risk metrics. A device may provide a risk model for a network environment. The risk model may include an input level and an output level. The input level may process first datasets each corresponding to a feature and a time window. The first datasets may include factors on access requests. The output level may generate a first aggregate risk metric of a first access request according to the datasets processed by the input level. The device may identify a second dataset corresponding to a second access request over the features and time windows. The device may determine a second aggregate risk metric by applying the second dataset to the risk model. The device may generate a response to the second access request according to an access control policy and the second aggregate risk metric.