Search International and National Patent Collections

1. (WO2017196430) SYSTEMS AND METHODS FOR IDENTIFYING SIMILAR HOSTS

Pub. No.:    WO/2017/196430    International Application No.:    PCT/US2017/019170
Publication Date: Fri Nov 17 00:59:59 CET 2017 International Filing Date: Fri Feb 24 00:59:59 CET 2017
IPC: G06F 21/55
G06F 21/56
G06F 21/57
H04L 29/06
Applicants: ACALVIO TECHNOLOGIES, INC.
Inventors: SINGH, Satnam
KOSGI, Santosh
GOPALAKRISHNA, Rajendra
Title: SYSTEMS AND METHODS FOR IDENTIFYING SIMILAR HOSTS
Abstract:
Systems and methods for identifying potentially compromised devices using attributes of a known compromised device may be provided. In one embodiment, an attribute set can be constructed for the compromised hosts using data from these logs. Weights can be assigned to each attribute in the attribute set initially, and further weights can be learned using audits by a user. This attribute set can be used in the disclosed systems and methods for identifying hosts that are similar to compromised hosts. The similar items can be used as hosts for deception mechanisms, can be taken off the network as being likely compromised or likely to become compromised, or quarantined.