-
Publication number: US10536482B2
Publication date: 2020-01-14
Application number: US15469539
Application date: 2017-03-26
Applicant: Microsoft Technology Licensing, LLC
Inventor: Yuri Gabaev, Elad Iwanir, Gal Tamir
Abstract: Described technologies automatically detect computing system security attacks. Departure of occurrence distributions, which are based on leading digit(s) of digital item occurrence data, from model distributions that correspond to particular data sources, indicates a presence likelihood for particular attack types. Some model distributions exhibit Benford's Phenomenon. Described mechanisms detect security attack types such as ransomware, bitcoin mining, and others, using particular corresponding data sources such as file extensions, processor statistics, etc. Mechanisms detect security attacks without a captured baseline of healthy normal behavior, and without relying on malware code signatures. When an item occurrence distribution departs from a model distribution by at least a predefined degree, the technology electronically raises a security attack alert. Then countermeasures may be asserted for a possible type X security attack on the computing system. Countermeasures may include more computationally intensive tests for determining the precise extent or precise nature of an attack, for instance.
-
Publication number: US20180314517A1
Publication date: 2018-11-01
Application number: US15499702
Application date: 2017-04-27
Applicant: Microsoft Technology Licensing, LLC
Inventor: Elad Iwanir, Gal Tamir, Mario A. Rodriguez, Chen Lahav
CPC classification number: G06F8/71, G06F11/3668
Abstract: Methods for intelligent automatic merging of source control queue items are performed by systems and apparatuses. Project changes are submitted in build requests to a gated check-in build queue requiring successful builds to commit changes to a code repository according to source control. Multiple pending build requests in the build queue are intelligently and automatically merged into a single, pending merged request based on risk factor values associated with the build requests. For merged requests successfully built, files in the build requests are committed and the build requests are removed from the queue. Merged requests unsuccessfully built are divided into equal subsets based on updated risk factor values using information from the unsuccessful build. Successful builds of subsets allow for committing of files and removal from the build queue, while unsuccessful builds are further divided and processed until single build requests are processed to identify root cause errors.
-
Publication number: US11500626B2
Publication date: 2022-11-15
Application number: US16870171
Application date: 2020-05-08
Applicant: Microsoft Technology Licensing, LLC
Inventor: Elad Iwanir, Gal Tamir, Mario A. Rodriguez, Chen Lahav
Abstract: Methods for intelligent automatic merging of source control queue items are performed by systems and apparatuses. Project changes are submitted in build requests to a gated check-in build queue requiring successful builds to commit changes to a code repository according to source control. Multiple pending build requests in the build queue are intelligently and automatically merged into a single, pending merged request based on risk factor values associated with the build requests. For merged requests successfully built, files in the build requests are committed and the build requests are removed from the queue. Merged requests unsuccessfully built are divided into equal subsets based on updated risk factor values using information from the unsuccessful build. Successful builds of subsets allow for committing of files and removal from the build queue, while unsuccessful builds are further divided and processed until single build requests are processed to identify root cause errors.
-
Publication number: US10558458B2
Publication date: 2020-02-11
Application number: US15174688
Application date: 2016-06-06
Applicant: Microsoft Technology Licensing, LLC
Inventor: Elad Iwanir, Gal Tamir, Amir Eluk, Eli Koreh
IPC: G06F8/72, G06F16/2453
Abstract: Methods, systems, apparatuses, and computer program products are provided for increasing an efficiency of queries in program code. A plurality of queries is detected in program code. A laziness is extended by which the queries are evaluated in the program code. The queries are decomposed into a plurality of query components. A ruleset that includes a plurality of rules is applied to the query components to generate a functionally equivalent query set to the plurality of queries that evaluates more efficiently relative to the plurality of queries.
-
Publication number: US20170351512A1
Publication date: 2017-12-07
Application number: US15174688
Application date: 2016-06-06
Applicant: Microsoft Technology Licensing, LLC
Inventor: Elad Iwanir, Gal Tamir, Amir Eluk, Eli Koreh
Abstract: Methods, systems, apparatuses, and computer program products are provided for increasing an efficiency of queries in program code. A plurality of queries is detected in program code. A laziness is extended by which the queries are evaluated in the program code. The queries are decomposed into a plurality of query components. A ruleset that includes a plurality of rules is applied to the query components to generate a functionally equivalent query set to the plurality of queries that evaluates more efficiently relative to the plurality of queries.
-
Publication number: US10715533B2
Publication date: 2020-07-14
Application number: US15375001
Application date: 2016-12-09
Applicant: Microsoft Technology Licensing, LLC
Inventor: Elad Iwanir, Chen Lahav, Gal Tamir
Abstract: A system for detecting by a cloud service a ransomware attack on a client device is provided. The system monitors changes to files of the client device that are stored by the cloud service. The system assesses whether a change to a file appears to be malicious in that the change may be caused by ransomware. When the change to the file appears to be malicious, the system performs a countermeasure to prevent synchronization of files of the client device with other client devices and with the cloud service to prevent the propagating of files from the client device, which is undergoing a ransomware attack.
-
Publication number: US10250587B2
Publication date: 2019-04-02
Application number: US15282656
Application date: 2016-09-30
Applicant: Microsoft Technology Licensing, LLC.
Inventor: Elad Iwanir, Gal Tamir, Shahar Weiss, Eli Koreh
IPC: H04L29/06
Abstract: The misuse of public key, private key, and public/private key certificates poses significant security challenges to computer networks that are addressed by certificate monitoring. Certificate monitoring allows network administrators to detect and remedy poor security practices related to public key certificates and to detect and combat the malicious use of public key certificates in a centralized environment. Best practices and detection methods and systems are developed over time via machine learning to improve network security, and any detected misuse may be brought to a network administrator's attention or automatically remedied.
-
Publication number: US20180097803A1
Publication date: 2018-04-05
Application number: US15282656
Application date: 2016-09-30
Applicant: Microsoft Technology Licensing, LLC.
Inventor: Elad Iwanir, Gal Tamir, Shahar Weiss, Eli Koreh
IPC: H04L29/06
CPC classification number: H04L63/0823, H04L63/0815, H04L63/14
Abstract: The misuse of public key, private key, and public/private key certificates poses significant security challenges to computer networks that are addressed by certificate monitoring. Certificate monitoring allows network administrators to detect and remedy poor security practices related to public key certificates and to detect and combat the malicious use of public key certificates in a centralized environment. Best practices and detection methods and systems are developed over time via machine learning to improve network security, and any detected misuse may be brought to a network administrator's attention or automatically remedied.
-
Publication number: US20180034835A1
Publication date: 2018-02-01
Application number: US15375001
Application date: 2016-12-09
Applicant: Microsoft Technology Licensing, LLC
Inventor: Elad Iwanir, Chen Lahav, Gal Tamir
IPC: H04L29/06
Abstract: A system for detecting by a cloud service a ransomware attack on a client device is provided. The system monitors changes to files of the client device that are stored by the cloud service. The system assesses whether a change to a file appears to be malicious in that the change may be caused by ransomware. When the change to the file appears to be malicious, the system performs a countermeasure to prevent synchronization of files of the client device with other client devices and with the cloud service to prevent the propagating of files from the client device, which is undergoing a ransomware attack.
-
Publication number: US20200264871A1
Publication date: 2020-08-20
Application number: US16870171
Application date: 2020-05-08
Applicant: Microsoft Technology Licensing, LLC
Inventor: Elad Iwanir, Gal Tamir, Mario A. Rodriguez, Chen Lahav
Abstract: Methods for intelligent automatic merging of source control queue items are performed by systems and apparatuses. Project changes are submitted in build requests to a gated check-in build queue requiring successful builds to commit changes to a code repository according to source control. Multiple pending build requests in the build queue are intelligently and automatically merged into a single, pending merged request based on risk factor values associated with the build requests. For merged requests successfully built, files in the build requests are committed and the build requests are removed from the queue. Merged requests unsuccessfully built are divided into equal subsets based on updated risk factor values using information from the unsuccessful build. Successful builds of subsets allow for committing of files and removal from the build queue, while unsuccessful builds are further divided and processed until single build requests are processed to identify root cause errors.