WO2017083436 SYSTEM AND METHOD FOR DETECTING LATERAL MOVEMENT AND DATA EXFILTRATION

Settings

Stemming

Single Family Member

Include NPL

Feedback

Goto Application

Publication Number WO/2017/083436

Publication Date 18.05.2017

International Application No. PCT/US2016/061201

International Filing Date 09.11.2016

IPC

CPC

Applicants

CYPHORT, INC. [US]/[US]

Inventors

GONG, Fengmin
BURT, Alexander
JAS, Frank

Agents

GURZO, Paul M.
SHAMI, Khaled
SWIATEK, Maria S.
BACH, Joseph
HAYES, Jennifer
BIRKENEDER, Erik

Priority Data

14/936,612

09.11.2015

Publication Language English (en)

Filing Language English (EN)

Designated States

View all

Title

(EN) SYSTEM AND METHOD FOR DETECTING LATERAL MOVEMENT AND DATA EXFILTRATION

(FR) SYSTÈME ET PROCÉDÉ POUR DÉTECTER UN MOUVEMENT LATÉRAL ET UNE EXFILTRATION DE DONNÉES

Abstract

(EN) A system configured to detect a threat activity on a network. The system including a digital device configured to detect a first order indicator of compromise on a network, detect a second order indicator of compromise on the network, generate a risk score based on correlating said first order indicator of compromise on the network with the second order indicator of compromise on said network, and generate at least one incident alert based on comparing the risk score to a threshold.

(FR) L'invention concerne un système configuré pour détecter une activité menaçante sur un réseau. Le système comprend un dispositif numérique configuré pour détecter un premier indicateur d'ordre de compromission sur un réseau; détecter un second indicateur d'ordre de compromission sur le réseau; générer un score de risque sur la base d'une corrélation entre ledit premier indicateur d'ordre de compromission sur le réseau et le second indicateur d'ordre de compromission sur ledit réseau; et générer au moins une alerte d'incident sur la base de la comparaison du score de risque à un seuil.

G	PHYSICS
06	COMPUTING; CALCULATING OR COUNTING
F	ELECTRIC DIGITAL DATA PROCESSING
11	Error detection; Error correction; Monitoring

G	PHYSICS
06	COMPUTING; CALCULATING OR COUNTING
F	ELECTRIC DIGITAL DATA PROCESSING
11	Error detection; Error correction; Monitoring

G	PHYSICS
06	COMPUTING; CALCULATING; COUNTING
F	ELECTRIC DIGITAL DATA PROCESSING
11	Error detection; Error correction; Monitoring

G	PHYSICS
06	COMPUTING; CALCULATING; COUNTING
F	ELECTRIC DIGITAL DATA PROCESSING
21	Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50	Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55	Detecting local intrusion or implementing counter-measures
56	Computer malware detection or handling, e.g. anti-virus arrangements
566	Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities

H	ELECTRICITY
04	ELECTRIC COMMUNICATION TECHNIQUE
L	TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63	Network architectures or network communication protocols for network security
14	for detecting or protecting against malicious traffic
1408	by monitoring network traffic
1416	Event detection, e.g. attack signature detection

Processing

National Phase Entries

Authority File

Settings

Feedback

Goto Application

1. WO2017083436 - SYSTEM AND METHOD FOR DETECTING LATERAL MOVEMENT AND DATA EXFILTRATION