公开(公告)号：US20240364762A1

公开(公告)日：2024-10-31

申请号：US18770256

申请日：2024-07-11

Applicant: Google LLC

Inventor： Daniel Petersson ,  Artem Vladimirovich Titarenko ,  James Michael McCollum ,  Stefan Lindmark

IPC: H04L65/403 ,  H04L9/40 ,  H04N7/15

CPC classification number: H04L65/403 ,  H04L63/0428 ,  H04L63/1416 ,  H04L63/1441 ,  H04N7/15

Abstract: A computing system and method that can be used for a video conferencing system including a watchdog to ensure that all data associated with the video conference is encrypted from end-to-end. In particular, aspects of the present disclosure provide a secure and private approach to conducting remote meetings. For example, the watchdog can monitor the data associated with the video conference, ranging from call setup data to video image and audio data transmitted from one or more client computing devices. In particular, the present disclosure provides a method for ensuring that the video conference data is protected by using multiple steps and monitoring the video conference data while the video conference is ongoing such that remedial measures can be taken immediately when a breach in security is determined.

公开(公告)号：US12126636B2

公开(公告)日：2024-10-22

申请号：US17137193

申请日：2020-12-29

Applicant: Darktrace Limited

Inventor： Tom Dean ,  Jack Stockdale

IPC: H04L9/40 ,  G06F21/55

CPC classification number: H04L63/1425 ,  G06F21/552 ,  H04L63/1441

Abstract: Disclosed herein is a method for use in detection of anomalous behavior of a device of a computer system. The method is arranged to be performed by a processing system. The method includes deriving values, m1, . . . , mN, of a metric, M, representative of data associated with the device; modeling a distribution of the values; and determining, in accordance with the distribution of the values, the probability of observing a more extreme value of the metric than a given value, in, of the metric, wherein the probability is used to determine whether the device is behaving anomalously. Also disclosed is an equivalent computer readable medium and anomalous behavior detection system.

公开(公告)号：US20240348663A1

公开(公告)日：2024-10-17

申请号：US18754140

申请日：2024-06-25

Applicant: QOMPLX LLC

Inventor： Jason Crabtree ,  Richard Kelley ,  Jason Hopper ,  David Park

IPC: H04L9/40 ,  G06F16/2458 ,  G06F16/951

CPC classification number: H04L63/20 ,  G06F16/2477 ,  G06F16/951 ,  H04L63/1425 ,  H04L63/1441

Abstract: An artificial intelligence-driven simulation and decision platform for reducing epistemic uncertainty in complex systems. The system integrates advanced techniques from artificial intelligence, simulation, and uncertainty quantification to generate and run scenarios, monitor progress, and adjust parameters in real-time to achieve user-defined goals. The simulation and decision platform comprises an AI system that employs natural language processing, reinforcement learning, and multi-objective optimization; a continuous and scalable simulation environment; scenario generation and guidance that provides human-readable scenario guides and contextual explanations; and an uncertainty quantification and reduction that employs entropy-based methods and Bayesian inference. The system allows users to define goals and objectives for their simulations, and the AI component generates and optimizes scenarios to achieve these goals while reducing epistemic uncertainty. The simulation and decision platform is designed to be flexible and adaptable to various domains and applications, providing a comprehensive and user-friendly solution for managing complex systems under uncertainty.

公开(公告)号：US20240348642A1

公开(公告)日：2024-10-17

申请号：US18635485

申请日：2024-04-15

Applicant: Druva Inc.

Inventor： Prabal KUMAR ,  Preethi SRINIVASAN ,  Vinay PUNERA

IPC: H04L9/40 ,  G06F11/14

CPC classification number: H04L63/1441 ,  G06F11/1464 ,  G06F11/1469 ,  H04L63/1425 ,  G06F2201/84

Abstract: A system for performing root-cause analysis of cost and/or usage anomalies in a shared data protection environment is presented. The shared backup environment includes a backup/restore system configured to backup data in a storage server and/or restore data from the storage server. The system is configured to perform the root-cause analysis based on storage server data and backup/restore system telemetry data.

公开(公告)号：US12120143B2

公开(公告)日：2024-10-15

申请号：US18197763

申请日：2023-05-16

Applicant: Bank of America Corporation

Inventor： Patrick Lewis

IPC: H04L9/40 ,  G06F9/455 ,  G06F18/214 ,  G06N20/00

CPC classification number: H04L63/1433 ,  G06F9/45558 ,  G06F18/214 ,  G06N20/00 ,  H04L63/1416 ,  H04L63/1441 ,  H04L63/20 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: Aspects of the disclosure relate to monitoring virtual desktops accessed by devices at remote locations using machine-learning models to mitigate potential cyber-attacks. In some embodiments, a computing platform may monitor data associated with a series of activities from a virtual desktop accessed by a remote computing device. Subsequently, the computing platform may detect new activity data on the virtual desktop accessed by the remote computing device, and evaluate the new activity data relative to the data associated with the series of activities, wherein evaluating includes applying a machine learning model to the new activity data. Based on evaluating the new activity data, the computing platform may determine if the new activity data is indicative of a potential cyber-attack. In response to determining that the new activity data is indicative of a potential cyber-attack, the computing platform may initiate one or more security response actions.

公开(公告)号：US12120133B1

公开(公告)日：2024-10-15

申请号：US16894496

申请日：2020-06-05

Applicant: UNITED SERVICES AUTOMOBILE ASSOCIATION (USAA)

Inventor： Duane E. Weldon

IPC: H04L9/40

CPC classification number: H04L63/1425 ,  H04L63/10 ,  H04L63/1441

Abstract: A system and a method are disclosed for detecting an unacceptable HTTP requests by scanning the headers of the HTTP requests.

公开(公告)号：US12113831B2

公开(公告)日：2024-10-08

申请号：US17363866

申请日：2021-06-30

Applicant: QOMPLX LLC

Inventor： Jason Crabtree ,  Andrew Sellers ,  Richard Kelley

IPC: H04L9/40 ,  G06F16/2458 ,  G06F16/951

CPC classification number: H04L63/20 ,  G06F16/2477 ,  G06F16/951 ,  H04L63/1425 ,  H04L63/1441

Abstract: A system and method for the privilege assurance of enterprise computer network environments using lateral movement detection and prevention. The system uses local session monitors to monitor logon sessions within a network, generating and verifying event logs and authentication records to ensure the legitimacy of authenticated user sessions and to revoke credentials when an illicit session is detected, halting lateral movement in real-time.

公开(公告)号：US20240323206A1

公开(公告)日：2024-09-26

申请号：US18734883

申请日：2024-06-05

Applicant: Palo Alto Networks, Inc.

Inventor： Zihang Xiao ,  Zhanhao Chen

IPC: H04L9/40

CPC classification number: H04L63/1416 ,  H04L63/1441

Abstract: Domain Name System (DNS) security using process information is provided. An application accessing an internet service using a domain name is determined. Process information associated with the application along with an associated DNS query to identify an IP address associated with the domain name are identified. The process information and the associated DNS query to a DNS security service are sent. An action based on a response from the DNS security service is performed.

公开(公告)号：US20240323202A1

公开(公告)日：2024-09-26

申请号：US18649017

申请日：2024-04-29

Applicant: Rapid7 Israel Technologies Ltd.

Inventor： Nitzan Niv ,  Gad Naor

IPC: H04L9/40 ,  G06F9/54 ,  G06N20/00 ,  G06Q30/0251 ,  H04L41/14 ,  H04L41/142 ,  H04L43/062 ,  H04L67/30 ,  H04W12/06

CPC classification number: H04L63/1416 ,  G06F9/546 ,  G06N20/00 ,  G06Q30/0271 ,  H04L41/142 ,  H04L41/145 ,  H04L43/062 ,  H04L63/102 ,  H04L63/104 ,  H04L63/1425 ,  H04L63/1441 ,  H04L67/30 ,  H04W12/06

Abstract: Various embodiments include systems and methods to implement a security platform providing cyberattack detection. The security platform may, with respect to a cloud compute environment, use audit log data that is associated with a particular domain of operational activity within the cloud compute environment. Based on multiple baseline profiles associated with the operational activity, the security platform may use a probabilistic graph to determine a behavioral anomaly. The security platform may, based on the behavioral anomaly, identify a cyberattack.

公开(公告)号：US20240323199A1

公开(公告)日：2024-09-26

申请号：US18187126

申请日：2023-03-21

Applicant: Honeywell International Inc.

Inventor： Atul BASSI ,  Tarun GUPTA ,  Eli ABRAMSON

IPC: H04L9/40

CPC classification number: H04L63/1416 ,  H04L63/1441 ,  H04L63/20

Abstract: Embodiments of the present disclosure provide for remote access of a device, for example an operational technology device or an information technology device, in a manner with improved cybersecurity. Some embodiments receive remote action data from a client device in response to an initiated remote access action of the remote action data from the client device to a remotely accessible device, quarantine the remote action data from the client device, generate malicious determination data indicating whether the remote action data is determined as malicious by processing the remote action data, and determine whether to block transfer of the remote action data to the remotely accessible device based at least in part on the malicious determination data.