1. (WO2018132425) ENDPOINT DETECTION AND RESPONSE UTILIZING MACHINE LEARNING
Latest bibliographic data on file with the International Bureau

Pub. No.: WO/2018/132425
International Application No.: PCT/US2018/013093
Publication Date: 19.07.2018
International Filing Date: 10.01.2018
IPC:
G06F 21/56 (2013.01), H04L 29/06 (2006.01)

G06F 21/56:
  G PHYSICS
  06 COMPUTING; CALCULATING; COUNTING
  F ELECTRIC DIGITAL DATA PROCESSING
  21 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
  55 Detecting local intrusion or implementing counter-measures
  56 Computer malware detection or handling, e.g. anti-virus arrangements

H04L 29/06:
  H ELECTRICITY
  04 ELECTRIC COMMUNICATION TECHNIQUE
  L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  29 Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
  02 Communication control; Communication processing
  06 characterised by a protocol
Applicants:
CYLANCE INC. [US/US]; 18201 Von Karman Avenue Irvine, CA 92612, US
Inventors:
KASHYAP, Rahul, Chander; US
KOTOV, Vadim, Dmitriyevich; US
OSWALD, Samuel, John; US
STRONG, Homer, Valentine; US
Agent:
KUKKONEN, Carl; US
JOHNSON, Matthew, W.; US
SILBERMAN, Gregory; US
PEARSON, Douglas, H.; US
CHOI, Jaime; US
Priority Data:
15/862,067  04.01.2018  US
62/445,172  11.01.2017  US
Title (EN) ENDPOINT DETECTION AND RESPONSE UTILIZING MACHINE LEARNING
(FR) ENDPOINT DETECTION AND RESPONSE USING MACHINE LEARNING
Abstract:
(EN) A plurality of events associated with each of a plurality of computing nodes that form part of a network topology are monitored. The network topology includes antivirus tools to detect malicious software prior to it accessing one of the computing nodes. Thereafter, it is determined that, using at least one machine learning model, at least one of the events is indicative of malicious activity that has circumvented or bypassed the antivirus tools. Data is then provided that characterizes the determination. Related apparatus, systems, techniques and articles are also described.
(FR) The invention relates to monitoring a plurality of events associated with each of a plurality of computing nodes that form part of a network topology. The network topology includes antivirus tools intended to detect malicious software before it accesses one of the computing nodes. It is then determined, using at least one machine learning model, that at least one of the events indicates malicious activity that has circumvented or passed through the antivirus tools. Data characterizing the determination is then provided. The invention also relates to associated apparatus, systems, techniques and articles.
Designated States: AE, AG, AL, AM, AO, AT, AU, AZ, BA, BB, BG, BH, BN, BR, BW, BY, BZ, CA, CH, CL, CN, CO, CR, CU, CZ, DE, DJ, DK, DM, DO, DZ, EC, EE, EG, ES, FI, GB, GD, GE, GH, GM, GT, HN, HR, HU, ID, IL, IN, IR, IS, JO, JP, KE, KG, KH, KN, KP, KR, KW, KZ, LA, LC, LK, LR, LS, LU, LY, MA, MD, ME, MG, MK, MN, MW, MX, MY, MZ, NA, NG, NI, NO, NZ, OM, PA, PE, PG, PH, PL, PT, QA, RO, RS, RU, RW, SA, SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VC, VN, ZA, ZM, ZW
African Regional Intellectual Property Organization (ARIPO) (BW, GH, GM, KE, LR, LS, MW, MZ, NA, RW, SD, SL, ST, SZ, TZ, UG, ZM, ZW)
Eurasian Patent Office (AM, AZ, BY, KG, KZ, RU, TJ, TM)
European Patent Office (EPO) (AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR)
African Intellectual Property Organization (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, KM, ML, MR, NE, SN, TD, TG)
Publication Language: English (EN)
Filing Language: English (EN)