-
Publication No.: US10462187B2
Publication date: 2019-10-29
Application No.: US15688705
Filing date: 2017-08-28
Inventor: Roderick Locke
Abstract: A network security system monitors, during a time period, data traffic transmitted between devices in a network to identify a plurality of commands transmitted between the devices. The network security system determines, from the plurality of commands, a first set of commands that were transmitted between a first device and a second device in the network. The network security system determines that the first set of commands includes a threshold number of commands from a first predetermined command group of a plurality of predetermined command groups. Each predetermined command group includes a listing of commands. The network security system generates a first policy based on the first predetermined command group.
-
Publication No.: US20190068643A1
Publication date: 2019-02-28
Application No.: US15688705
Filing date: 2017-08-28
Inventor: Roderick Locke
IPC classification: H04L29/06
CPC classification: H04L63/20, G06F21/50, G06F21/53, H04L43/06, H04L63/0245, H04L63/0263, H04L63/101, H04L63/104, H04L63/1425, H04L67/12
Abstract: A network security system monitors, during a time period, data traffic transmitted between devices in a network to identify a plurality of commands transmitted between the devices. The network security system determines, from the plurality of commands, a first set of commands that were transmitted between a first device and a second device in the network. The network security system determines that the first set of commands includes a threshold number of commands from a first predetermined command group of a plurality of predetermined command groups. Each predetermined command group includes a listing of commands. The network security system generates a first policy based on the first predetermined command group.
-
Publication No.: US10721212B2
Publication date: 2020-07-21
Application No.: US15799850
Filing date: 2017-10-31
Inventors: Armel Chao, Roderick Locke
Abstract: A network security system monitors data traffic being transmitted between a first device and a second device in a network to identify a plurality of commands being transmitted between the first device and the second device. The network security system then generates a whitelisting policy based on the plurality of commands being transmitted between the first device and the second device. After generating the whitelisting policy, the network security system receives subsequent data traffic being transmitted between the first device and the second device, and determines, based on the subsequent data traffic, a first command being transmitted between the first device and the second device. In response to determining that the first command is not included in the whitelisting policy, the network security system generates an alert in relation to the first command.
-
Publication No.: US20180176186A1
Publication date: 2018-06-21
Application No.: US15799850
Filing date: 2017-10-31
Inventors: Armel Chao, Roderick Locke
Abstract: A network security system monitors data traffic being transmitted between a first device and a second device in a network to identify a plurality of commands being transmitted between the first device and the second device. The network security system then generates a whitelisting policy based on the plurality of commands being transmitted between the first device and the second device. After generating the whitelisting policy, the network security system receives subsequent data traffic being transmitted between the first device and the second device, and determines, based on the subsequent data traffic, a first command being transmitted between the first device and the second device. In response to determining that the first command is not included in the whitelisting policy, the network security system generates an alert in relation to the first command.