-
Publication number: US10897470B2
Publication date: 2021-01-19
Application number: US15885447
Application date: 2018-01-31
Applicant: Hewlett Packard Enterprise Development LP
Inventor: Puneet Sharma, Anand Mudgerikar
Abstract: An example system may comprise a first computing device comprising instructions executable by a hardware processor to: create, responsive to detecting a second computing device initially attempting to connect to a network, an unpopulated baseline profile for the second computing device; populate the baseline profile with initial processes running on the second computing device and initial system calls made by the initial processes during an initial operation time period of the second computing device; monitor, during a subsequent operation time period of the second computing device, subsequent processes running on the second computing device and subsequent system calls made by the subsequent processes; and detect an attack on the second computing device based on a comparison of the subsequent processes and the subsequent system calls to the populated baseline profile.
-
Publication number: US11658986B2
Publication date: 2023-05-23
Application number: US17123342
Application date: 2020-12-16
Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP
Inventor: Puneet Sharma, Anand Mudgerikar
CPC classification number: H04L63/1416, H04L9/3236, H04L9/3242, H04L9/3297, H04L63/08, H04L63/14, H04L63/145
Abstract: An example system may comprise a first computing device comprising instructions executable by a hardware processor to: create, responsive to detecting a second computing device initially attempting to connect to a network, an unpopulated baseline profile for the second computing device; populate the baseline profile with initial processes running on the second computing device and initial system calls made by the initial processes during an initial operation time period of the second computing device; monitor, during a subsequent operation time period of the second computing device, subsequent processes running on the second computing device and subsequent system calls made by the subsequent processes; and detect an attack on the second computing device based on a comparison of the subsequent processes and the subsequent system calls to the populated baseline profile.
-
Publication number: US20210136092A1
Publication date: 2021-05-06
Application number: US17123342
Application date: 2020-12-16
Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP
Inventor: Puneet Sharma, Anand Mudgerikar
Abstract: An example system may comprise a first computing device comprising instructions executable by a hardware processor to: create, responsive to detecting a second computing device initially attempting to connect to a network, an unpopulated baseline profile for the second computing device; populate the baseline profile with initial processes running on the second computing device and initial system calls made by the initial processes during an initial operation time period of the second computing device; monitor, during a subsequent operation time period of the second computing device, subsequent processes running on the second computing device and subsequent system calls made by the subsequent processes; and detect an attack on the second computing device based on a comparison of the subsequent processes and the subsequent system calls to the populated baseline profile.
-
Publication number: US20190238567A1
Publication date: 2019-08-01
Application number: US15885447
Application date: 2018-01-31
Applicant: Hewlett Packard Enterprise Development LP
Inventor: Puneet Sharma, Anand Mudgerikar
CPC classification number: H04L63/1416, H04L9/0891, H04L9/3236, H04L9/3242, H04L9/3297, H04L63/06, H04L63/08, H04L63/14, H04L63/145, H04L2209/38, H04L2209/805
Abstract: An example system may comprise a first computing device comprising instructions executable by a hardware processor to: create, responsive to detecting a second computing device initially attempting to connect to a network, an unpopulated baseline profile for the second computing device; populate the baseline profile with initial processes running on the second computing device and initial system calls made by the initial processes during an initial operation time period of the second computing device; monitor, during a subsequent operation time period of the second computing device, subsequent processes running on the second computing device and subsequent system calls made by the subsequent processes; and detect an attack on the second computing device based on a comparison of the subsequent processes and the subsequent system calls to the populated baseline profile.