-
公开(公告)号:US20220150263A1
公开(公告)日:2022-05-12
申请号:US17526953
申请日:2021-11-15
Applicant: Palantir Technologies Inc.
Inventor: Juan Ricafort , Harkirat Singh , Philip Martin
IPC: H04L9/40
Abstract: Various systems and methods are provided that detect malicious network tunneling. For example, VPN logs and data connection logs may be accessed. The VPN logs may list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs may list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs may be parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address may be retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated.
-
公开(公告)号:US11201879B2
公开(公告)日:2021-12-14
申请号:US16822646
申请日:2020-03-18
Applicant: Palantir Technologies Inc.
Inventor: Juan Ricafort , Harkirat Singh , Philip Martin
Abstract: Various systems and methods are provided that detect malicious network tunneling. For example, VPN logs and data connection logs may be accessed. The VPN logs may list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs may list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs may be parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address may be retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated.
-
公开(公告)号:US20210258146A1
公开(公告)日:2021-08-19
申请号:US17308370
申请日:2021-05-05
Applicant: Palantir Technologies Inc.
Inventor: Ryan Castellucci , Philip Martin
Abstract: A verifiable, redactable log, which, in some embodiments, may contain multiple hash values per entry in order to sever confidentiality of a log from verifiability. Logs may be verified using recalculation of hashes and verification of trusted digital signatures. In some embodiments, the log may be divided into segments, each signed by a time server or self-signed using a system of ephemeral keys. In some embodiments, log messages regarding specific objects or events may be nested within the log to prevent reporting omission. The logging system may receive events or messages to enter into the log.
-
公开(公告)号:US11032065B2
公开(公告)日:2021-06-08
申请号:US16009094
申请日:2018-06-14
Applicant: Palantir Technologies Inc.
Inventor: Ryan Castellucci , Philip Martin
Abstract: A verifiable, redactable log, which, in some embodiments, may contain multiple hash values per entry in order to sever confidentiality of a log from verifiability. Logs may be verified using recalculation of hashes and verification of trusted digital signatures. In some embodiments, the log may be divided into segments, each signed by a time server or self-signed using a system of ephemeral keys. In some embodiments, log messages regarding specific objects or events may be nested within the log to prevent reporting omission. The logging system may receive events or messages to enter into the log.
-
公开(公告)号:US09338013B2
公开(公告)日:2016-05-10
申请号:US14223918
申请日:2014-03-24
Applicant: Palantir Technologies, Inc.
Inventor: Ryan Castellucci , Philip Martin
CPC classification number: H04L9/0643 , G06F11/3476 , G06F17/30144 , G06F21/552 , G06F21/64 , G06F2221/2151 , H04L9/3247 , H04L9/3265 , H04L9/3297
Abstract: A verifiable, redactable log, which, in some embodiments, may contain multiple hash values per entry in order to sever confidentiality of a log from verifiability. Logs may be verified using recalculation of hashes and verification of trusted digital signatures. In some embodiments, the log may be divided into segments, each signed by a time server or self-signed using a system of ephemeral keys. In some embodiments, log messages regarding specific objects or events may be nested within the log to prevent reporting omission. The logging system may receive events or messages to enter into the log.
Abstract translation: 在一些实施例中,可验证的可修改日志,其在每个条目中可以包含多个哈希值,以便将日志的机密性确认为可验证性。 可以使用重新计算散列和验证可信数字签名来验证日志。 在一些实施例中,日志可以被划分成段,每个段由时间服务器签名或使用临时密钥系统进行自签名。 在一些实施例中,关于特定对象或事件的日志消息可以嵌套在日志内以防止报告省略。 日志记录系统可能会收到进入日志的事件或消息。
-
Patent Agency Ranking
公开(公告)号:US12192218B2
公开(公告)日:2025-01-07
申请号:US18360713
申请日:2023-07-27
Applicant: Palantir Technologies Inc.
Inventor: Juan Ricafort , Harkirat Singh , Philip Martin
IPC: H04L9/40 , H04L61/5007 , G06F21/55
Abstract: Various systems and methods are provided that detect malicious network tunneling. For example, VPN logs and data connection logs may be accessed. The VPN logs may list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs may list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs may be parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address may be retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated.
-
公开(公告)号:US11757905B2
公开(公告)日:2023-09-12
申请号:US17526953
申请日:2021-11-15
Applicant: Palantir Technologies Inc.
Inventor: Juan Ricafort , Harkirat Singh , Philip Martin
IPC: H04L9/40 , H04L61/5007 , G06F21/55
CPC classification number: H04L63/1416 , H04L61/5007 , H04L63/029 , H04L63/0272 , H04L63/145 , H04L63/1425 , H04L63/1441 , H04L63/20 , G06F21/556
Abstract: Various systems and methods are provided that detect malicious network tunneling. For example, VPN logs and data connection logs may be accessed. The VPN logs may list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs may list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs may be parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address may be retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated.
-
公开(公告)号:US20200220884A1
公开(公告)日:2020-07-09
申请号:US16822646
申请日:2020-03-18
Applicant: Palantir Technologies Inc.
Inventor: Juan Ricafort , Harkirat Singh , Philip Martin
Abstract: Various systems and methods are provided that detect malicious network tunneling. For example, VPN logs and data connection logs may be accessed. The VPN logs may list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs may list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs may be parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address may be retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated.
-
公开(公告)号:US10609046B2
公开(公告)日:2020-03-31
申请号:US15891873
申请日:2018-02-08
Applicant: Palantir Technologies Inc.
Inventor: Juan Ricafort , Harkirat Singh , Philip Martin
Abstract: Various systems and methods are provided that detect malicious network tunneling. For example, VPN logs and data connection logs may be accessed. The VPN logs may list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs may list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs may be parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address may be retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated.
-
公开(公告)号:US10027473B2
公开(公告)日:2018-07-17
申请号:US15149499
申请日:2016-05-09
Applicant: Palantir Technologies Inc.
Inventor: Ryan Castellucci , Philip Martin
CPC classification number: H04L9/0643 , G06F11/3476 , G06F16/1734 , G06F21/552 , G06F21/64 , G06F2221/2151 , H04L9/3247 , H04L9/3265 , H04L9/3297
Abstract: A verifiable, redactable log, which, in some embodiments, may contain multiple hash values per entry in order to sever confidentiality of a log from verifiability. Logs may be verified using recalculation of hashes and verification of trusted digital signatures. In some embodiments, the log may be divided into segments, each signed by a time server or self-signed using a system of ephemeral keys. In some embodiments, log messages regarding specific objects or events may be nested within the log to prevent reporting omission. The logging system may receive events or messages to enter into the log.
-
-
-
-
-
-
-
-
-
Search Results
20
records
(took 0.02 seconds)
