Abstract: A method for detecting and/or identifying a cyber-attack on a network can include segmenting the network using a segmentation method with machine learning to generate one or more network segments; assigning a score to a data point within each network segment based on a presence or absence of an identified anomalous behavior of the data point; analyzing network data flow, via behavioral modeling, to provide a context for characterizing the anomalous behavior; combining, via a reinforcement learning agent, outputs of the segmentation method with behavioral modelling and assigned score to detect and/or identify a cyber-attack; providing one or more alerts to an analyst; receiving an analyst assessment of an effectiveness of the detection and/or identification; and providing the analyst assessment as feedback to the reinforcement learning agent.
Type: Grant
Filed: March 10, 2020
Date of Patent: February 23, 2021
Assignee: BOOZ ALLEN HAMILTON INC.
Inventors: Aaron Sant-Miller, Andre Tai Nguyen, William Hall Badart, Sarah Olson, Jesse Shanahan
Abstract: Secure and remote operation of a remote computer from a local computer over a network includes authenticating at least one remote computer for connection to at least one computer over the network and/or at least one local computer for connection to at least one remote computer over the network; establishing a secure connection therebetween; and integrating a desktop of at least one remote computer on a display of at least one local computer. Functions that are performed may include one or more of: integrating a file structure of accessible files accessed at the second or first computer, into a file structure contained at the first or second computer, respectively; at least one of integrating a desktop of the second computer on a display of the first computer and integrating a desktop of the first computer on a display of the second computer; and directly operating the second computer from the first computer or the first computer from the second computer.
Type: Grant
Filed: January 22, 2014
Date of Patent: May 24, 2016
Assignee: Western Digital Technologies, Inc.
Inventors: Lambertus Hesselink, Dharmarus Rizal, Eric S. Bjornson
Abstract: A machine learning model is used to identify normal scripts in a client computer. The machine learning model may be built by training using samples of known normal scripts and samples of known potentially malicious scripts and may take into account lexical and semantic characteristics of the sample scripts. The machine learning model and a feature set may be provided to the client computer by a server computer. In the client computer, the machine learning model may be used to classify a target script. The target script does not have to be evaluated for malicious content when classified as a normal script. Otherwise, when the target script is classified as a potentially malicious script, the target script may have to be further evaluated by an anti-malware or sent to a back-end system.
Type: Grant
Filed: April 28, 2011
Date of Patent: September 16, 2014
Assignee: Trend Micro Incorporated
Inventors: Xuewen Zhu, Lili Diao, Da Li, Dibin Tang
Abstract: Architecture that facilitates validation of a data mapping of data from a data source to a data target. There is included a signature generation component that generates a source signature of all or a portion of the data source and a target signature of all or a corresponding portion of the data target, and a sampling component that obtains a sample of the source data and a corresponding sample of the target data. The data signatures and data samples are compared respectively and processed with a processing component to determine the status of the validation process.
Type: Grant
Filed: May 28, 2003
Date of Patent: January 27, 2009
Assignee: Microsoft Corporation
Inventors: Neeraj Garg, Cale D. Carter, Kulothungan Rajasekaran, Deuane J. Martin, Pankaj K. Singh