Patents Assigned to Corelight, Inc.
  • System and method for determining keystrokes in secure shell (SSH) sessions
    Patent number: 11729217
    Abstract: A system and method for determining human keystrokes in a secure shell (SSH) session from SSH session data traffic provides insight and evidence of an intrusion into a computer network. In one embodiment, the presence of human keystroke(s) in an SSH session may be inferred using a sensor appliance. In one embodiment, the SSH data traffic is encoded in a vector, one or more communication patterns are identified in the vector and the presence of human keystrokes may be inferred from the one or more communication patterns.
    Type: Grant
    Filed: March 24, 2021
    Date of Patent: August 15, 2023
    Assignee: CORELIGHT, INC.
    Inventor: Anthony Kasza
  • SYSTEM AND METHOD FOR NETWORK TRAFFIC CLASSIFICATION USING SNIPPETS AND ON THE FLY BUILT CLASSIFIERS
    Publication number: 20220345382
    Abstract: A system and method for traffic classification using snippets and on-the-fly traffic classifiers can build traffic classifiers that leverage interpretable feature sets without the need to inspect payloads—ensuring functionality across clear-text and encrypted flows. In one embodiment, the system identifies n-grams (“snippets”) in a network flow's sequence-of-message-lengths that are strongly indicative of a given class of traffic and predicts a network flow's class by assessing the presence of snippets relevant to different classes.
    Type: Application
    Filed: October 7, 2021
    Publication date: October 27, 2022
    Applicant: CORELIGHT, INC.
    Inventor: Julien Piet
  • System and method for network traffic classification using snippets and on the fly built classifiers
    Patent number: 11463334
    Abstract: A system and method for traffic classification using snippets and on-the-fly traffic classifiers can build traffic classifiers that leverage interpretable feature sets without the need to inspect payloads—ensuring functionality across clear-text and encrypted flows. In one embodiment, the system identifies n-grams (“snippets”) in a network flow's sequence-of-message-lengths that are strongly indicative of a given class of traffic and predicts a network flow's class by assessing the presence of snippets relevant to different classes.
    Type: Grant
    Filed: October 7, 2021
    Date of Patent: October 4, 2022
    Assignee: CORELIGHT, INC.
    Inventor: Julien Piet
  • SYSTEM AND METHOD FOR IDENTIFYING AUTHENTICATION METHOD OF SECURE SHELL (SSH) SESSIONS
    Publication number: 20220311801
    Abstract: A system and method for inferring a secure shell (SSH) authentication method from SSH session data traffic overcomes the problems with host logs. In one embodiment, the SSH authentication method may be inferred using a sensor appliance. In one embodiment, the SSH data traffic is encoded in a vector, one or more communication patterns are identified in the vector and the SSH authentication method is inferred from the one or more communication patterns.
    Type: Application
    Filed: March 24, 2021
    Publication date: September 29, 2022
    Applicant: Corelight, Inc.
    Inventor: Anthony Kasza
  • SYSTEM AND METHOD FOR DETERMING KEYSTROKES IN SECURE SHELL (SSH) SESSIONS
    Publication number: 20220311802
    Abstract: A system and method for determining human keystrokes in a secure shell (SSH) session from SSH session data traffic provides insight and evidence of an intrusion into a computer network. In one embodiment, the presence of human keystroke(s) in an SSH session may be inferred using a sensor appliance. In one embodiment, the SSH data traffic is encoded in a vector, one or more communication patterns are identified in the vector and the presence of human keystrokes may be inferred from the one or more communication patterns.
    Type: Application
    Filed: March 24, 2021
    Publication date: September 29, 2022
    Applicant: Corelight, Inc.
    Inventor: Anthony Kasza
  • System and method for network traffic classification using snippets and on the fly built classifiers
    Patent number: 11165675
    Abstract: A system and method for traffic classification using snippets and on-the-fly traffic classifiers can build traffic classifiers that leverage interpretable feature sets without the need to inspect payloads—ensuring functionality across clear-text and encrypted flows. In one embodiment, the system identifies n-grams (“snippets”) in a network flow's sequence-of-message-lengths that are strongly indicative of a given class of traffic and predicts a network flow's class by assessing the presence of snippets relevant to different classes.
    Type: Grant
    Filed: April 19, 2021
    Date of Patent: November 2, 2021
    Assignee: Corelight, Inc.
    Inventor: Julien Piet