-
公开(公告)号:US20190251082A1
公开(公告)日:2019-08-15
申请号:US16276085
申请日:2019-02-14
IPC分类号: G06F16/24 , H04L29/06 , G06F16/2455 , G06F16/903
CPC分类号: G06F16/24 , G06F16/24568 , G06F16/90344 , H04L63/0245 , H04L63/1416 , H04L63/1441
摘要: System, methods, and apparatuses enable a network security system to more efficiently perform pattern matching against data items. For example, the disclosed approaches may be used to improve the way in which a deep packet inspection (DPI) microservice performs pattern matching against data items (e.g., network traffic, files, email messages, etc.) in order to detect various types of network security threats (e.g., network intrusion attempts, viruses, spam, and other potential network security issues). A DPI microservice generally refers to an executable component of a network security system that monitors and performs actions relative to input data items for purposes related to computer network security.
-
公开(公告)号:US20190207954A1
公开(公告)日:2019-07-04
申请号:US15860303
申请日:2018-01-02
IPC分类号: H04L29/06
CPC分类号: H04L63/1416 , H04L63/0236 , H04L63/0428 , H04L63/1441 , H04L63/166 , H04L63/20
摘要: Systems, methods, and apparatuses enable evaluating encrypted or obfuscated data packets being transmitted over a connection in a networked environment. In an embodiment, a security service utilizes one or more microservices operating as detectors to analyze characteristics of an encrypted or obfuscated network connection. Using the information from the detectors, the security service classifies the type of encryption protocol used on an encrypted connection and determines an extrapolated protocol state. Using the extrapolated protocol state with additional information received from the detectors, the security service determines a risk level associated with the connection and executes security actions on the connection based on the risk level.
-
公开(公告)号:US10608991B2
公开(公告)日:2020-03-31
申请号:US16276085
申请日:2019-02-14
IPC分类号: H04L29/06 , G06F16/903 , G06F16/2455
摘要: System, methods, and apparatuses enable a network security system to more efficiently perform pattern matching against data items. For example, the disclosed approaches may be used to improve the way in which a deep packet inspection (DPI) microservice performs pattern matching against data items (e.g., network traffic, files, email messages, etc.) in order to detect various types of network security threats (e.g., network intrusion attempts, viruses, spam, and other potential network security issues). A DPI microservice generally refers to an executable component of a network security system that monitors and performs actions relative to input data items for purposes related to computer network security.
-
公开(公告)号:US20180115635A1
公开(公告)日:2018-04-26
申请号:US15331039
申请日:2016-10-21
发明人: Ratinder Paul Singh Ahuja , Manuel Nedbal , Elanthiraiyan Ammoor Anbalagan , Lee Chik Cheung , Sumanth Gangashanaiah , John Richard Guzik
IPC分类号: H04L29/06
CPC分类号: H04L69/166 , H04L12/4633 , H04L63/0428 , H04L67/1097
摘要: Systems and methods are described herein generally relating to network security, and in particular, embodiments described generally relate to systems and methods for selecting microservices to process protocol data streams. For example, a method is disclosed, which calls for receiving a protocol packet, the protocol packet comprising a sequence number, generating a difference by subtracting a protocol message base from the sequence number, generating a first quotient by dividing the difference by a protocol common message length, generating a second value using the first quotient, determining a Transmission Control Protocol (TCP) reassembly resource using the generated second value, and transmitting the protocol packet to the determined TCP reassembly resource.
-
公开(公告)号:US20180034778A1
公开(公告)日:2018-02-01
申请号:US15224396
申请日:2016-07-29
CPC分类号: H04L63/0254 , G06F17/30386 , G06F17/30516 , G06F17/30985 , H04L63/1425 , H04L63/1441
摘要: System, methods, and apparatuses enable a network security system to more efficiently perform pattern matching against data items. For example, the disclosed approaches may be used to improve the way in which a deep packet inspection (DPI) microservice performs pattern matching against data items (e.g., network traffic, files, email messages, etc.) in order to detect various types of network security threats (e.g., network intrusion attempts, viruses, spam, and other potential network security issues). A DPI microservice generally refers to an executable component of a network security system that monitors and performs actions relative to input data items for purposes related to computer network security.
-
公开(公告)号:US20210112081A1
公开(公告)日:2021-04-15
申请号:US16653532
申请日:2019-10-15
IPC分类号: H04L29/06
摘要: Systems, methods, and apparatuses enable one or more security microservices to resolve the disparate impact of security exploits to resources within a resource group. When a resource group is determined to be impacted by a security exploit, the one or more security microservices determines whether the members of the resource group are disparately impacted. In response, the one or more security microservices splits the resource group into an impacted resource group and a non-impacted resource group and applies exploit mitigation to the resource group members in the impacted resource group. When the one or more security microservices determine that the resource group members of the split resource group are no longer disparately impacted, the one or more security microservices combine the impacted resource group and the non-impacted resource group back into a single resource group.
-
公开(公告)号:US20200351306A1
公开(公告)日:2020-11-05
申请号:US16402946
申请日:2019-05-03
发明人: Manuel Nedbal , Ratinder Paul Singh Ahuja , Sumanth Gangashanaiah , Venkata Ramani Yellapragada , Xiaodong Ye
IPC分类号: H04L29/06
摘要: Systems, methods, and apparatuses enable a security service configurator to configure security policies for network traffic sent from internal resources of a secure environment. The security service configurator receives an indication of intrusion activity in network activity directed to a first internal resource of the secure environment. The security service configurator determines the occurrence a pivot of an intrusion between the first internal resource and a second internal resource within the secure environment. In response, the security service configurator configures an extrusion detection policy for the second internal resource. When the security service configurator receives an indication of extrusion activity in network activity directed from the second internal resource to a system external to the secure environment, the security service configurator performs a security process on the network activity.
-
公开(公告)号:US10404838B2
公开(公告)日:2019-09-03
申请号:US15331039
申请日:2016-10-21
发明人: Ratinder Paul Singh Ahuja , Manuel Nedbal , Elanthiraiyan Ammoor Anbalagan , Lee Chik Cheung , Sumanth Gangashanaiah , John Richard Guzik
摘要: Systems and methods are described herein generally relating to network security, and in particular, embodiments described generally relate to systems and methods for selecting microservices to process protocol data streams. For example, a method is disclosed, which calls for receiving a protocol packet, the protocol packet comprising a sequence number, generating a difference by subtracting a protocol message base from the sequence number, generating a first quotient by dividing the difference by a protocol common message length, generating a second value using the first quotient, determining a Transmission Control Protocol (TCP) reassembly resource using the generated second value, and transmitting the protocol packet to the determined TCP reassembly resource.
-
公开(公告)号:US10212133B2
公开(公告)日:2019-02-19
申请号:US15224401
申请日:2016-07-29
摘要: System, methods, and apparatuses enable a network security system to more efficiently perform pattern matching against data items. For example, the disclosed approaches may be used to improve the way in which a deep packet inspection (DPI) microservice performs pattern matching against data items (e.g., network traffic, files, email messages, etc.) in order to detect various types of network security threats (e.g., network intrusion attempts, viruses, spam, and other potential network security issues). A DPI microservice generally refers to an executable component of a network security system that monitors and performs actions relative to input data items for purposes related to computer network security.
-
公开(公告)号:US10212132B2
公开(公告)日:2019-02-19
申请号:US15224396
申请日:2016-07-29
摘要: System, methods, and apparatuses enable a network security system to more efficiently perform pattern matching against data items. For example, the disclosed approaches may be used to improve the way in which a deep packet inspection (DPI) microservice performs pattern matching against data items (e.g., network traffic, files, email messages, etc.) in order to detect various types of network security threats (e.g., network intrusion attempts, viruses, spam, and other potential network security issues). A DPI microservice generally refers to an executable component of a network security system that monitors and performs actions relative to input data items for purposes related to computer network security.
-
-
-
-
-
-
-
-
-
搜索结果
11 条记录 (耗时 0.015 秒)
