Detecting local user security-related anomalies using active scans

Embodiments are directed to monitoring local users' activity without installing an agent on a monitored machine. Periodic scans of the local users' directory using the standard protocol messages and APIs of a remote admin interface provide access to local machine data. Using the remote adm...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Hauptverfasser:	Simakov, Marina, Be'ery, Tal, Maor, Tal Joseph, Ashkenazy, Itai Grady, Hoch, Chaim Menachem
Format:	Patent
Sprache:	eng
Schlagworte:	CALCULATING COMPUTING COUNTING ELECTRIC COMMUNICATION TECHNIQUE ELECTRIC DIGITAL DATA PROCESSING ELECTRICITY PHYSICS TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page
container_issue
container_start_page
container_title
container_volume
creator	Simakov, Marina Be'ery, Tal Maor, Tal Joseph Ashkenazy, Itai Grady Hoch, Chaim Menachem
description	Embodiments are directed to monitoring local users' activity without installing an agent on a monitored machine. Periodic scans of the local users' directory using the standard protocol messages and APIs of a remote admin interface provide access to local machine data. Using the remote admin interface, defenders gain visibility to local users' logons, group membership, password changes, and other parameters. Security applications enabled by this visibility include, but are not limited to, abnormal logons detection, abnormal group addition and removal detection, and abnormal password changes detection.
format	Patent
fullrecord	<record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US10915622B2</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US10915622B2</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US10915622B23</originalsourceid><addsrcrecordid>eNrjZHBySS1JTS7JzEtXyMlPTsxRKC1OLVIoTk0uLcosqdQtSs1JLElNUUjMy89NzMlMLQbKg9QmArWUpSoUJyfmFfMwsKYl5hSn8kJpbgZFN9cQZw_d1IL8-NTigsTk1LzUkvjQYEMDS0NTMyMjJyNjYtQAAG5mMos</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>Detecting local user security-related anomalies using active scans</title><source>esp@cenet</source><creator>Simakov, Marina ; Be'ery, Tal ; Maor, Tal Joseph ; Ashkenazy, Itai Grady ; Hoch, Chaim Menachem</creator><creatorcontrib>Simakov, Marina ; Be'ery, Tal ; Maor, Tal Joseph ; Ashkenazy, Itai Grady ; Hoch, Chaim Menachem</creatorcontrib><description>Embodiments are directed to monitoring local users' activity without installing an agent on a monitored machine. Periodic scans of the local users' directory using the standard protocol messages and APIs of a remote admin interface provide access to local machine data. Using the remote admin interface, defenders gain visibility to local users' logons, group membership, password changes, and other parameters. Security applications enabled by this visibility include, but are not limited to, abnormal logons detection, abnormal group addition and removal detection, and abnormal password changes detection.</description><language>eng</language><subject>CALCULATING ; COMPUTING ; COUNTING ; ELECTRIC COMMUNICATION TECHNIQUE ; ELECTRIC DIGITAL DATA PROCESSING ; ELECTRICITY ; PHYSICS ; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><creationdate>2021</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20210209&DB=EPODOC&CC=US&NR=10915622B2$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,778,883,25547,76298</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20210209&DB=EPODOC&CC=US&NR=10915622B2$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>Simakov, Marina</creatorcontrib><creatorcontrib>Be'ery, Tal</creatorcontrib><creatorcontrib>Maor, Tal Joseph</creatorcontrib><creatorcontrib>Ashkenazy, Itai Grady</creatorcontrib><creatorcontrib>Hoch, Chaim Menachem</creatorcontrib><title>Detecting local user security-related anomalies using active scans</title><description>Embodiments are directed to monitoring local users' activity without installing an agent on a monitored machine. Periodic scans of the local users' directory using the standard protocol messages and APIs of a remote admin interface provide access to local machine data. Using the remote admin interface, defenders gain visibility to local users' logons, group membership, password changes, and other parameters. Security applications enabled by this visibility include, but are not limited to, abnormal logons detection, abnormal group addition and removal detection, and abnormal password changes detection.</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC COMMUNICATION TECHNIQUE</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>ELECTRICITY</subject><subject>PHYSICS</subject><subject>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2021</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNrjZHBySS1JTS7JzEtXyMlPTsxRKC1OLVIoTk0uLcosqdQtSs1JLElNUUjMy89NzMlMLQbKg9QmArWUpSoUJyfmFfMwsKYl5hSn8kJpbgZFN9cQZw_d1IL8-NTigsTk1LzUkvjQYEMDS0NTMyMjJyNjYtQAAG5mMos</recordid><startdate>20210209</startdate><enddate>20210209</enddate><creator>Simakov, Marina</creator><creator>Be'ery, Tal</creator><creator>Maor, Tal Joseph</creator><creator>Ashkenazy, Itai Grady</creator><creator>Hoch, Chaim Menachem</creator><scope>EVB</scope></search><sort><creationdate>20210209</creationdate><title>Detecting local user security-related anomalies using active scans</title><author>Simakov, Marina ; Be'ery, Tal ; Maor, Tal Joseph ; Ashkenazy, Itai Grady ; Hoch, Chaim Menachem</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US10915622B23</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2021</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC COMMUNICATION TECHNIQUE</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>ELECTRICITY</topic><topic>PHYSICS</topic><topic>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</topic><toplevel>online_resources</toplevel><creatorcontrib>Simakov, Marina</creatorcontrib><creatorcontrib>Be'ery, Tal</creatorcontrib><creatorcontrib>Maor, Tal Joseph</creatorcontrib><creatorcontrib>Ashkenazy, Itai Grady</creatorcontrib><creatorcontrib>Hoch, Chaim Menachem</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Simakov, Marina</au><au>Be'ery, Tal</au><au>Maor, Tal Joseph</au><au>Ashkenazy, Itai Grady</au><au>Hoch, Chaim Menachem</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>Detecting local user security-related anomalies using active scans</title><date>2021-02-09</date><risdate>2021</risdate><abstract>Embodiments are directed to monitoring local users' activity without installing an agent on a monitored machine. Periodic scans of the local users' directory using the standard protocol messages and APIs of a remote admin interface provide access to local machine data. Using the remote admin interface, defenders gain visibility to local users' logons, group membership, password changes, and other parameters. Security applications enabled by this visibility include, but are not limited to, abnormal logons detection, abnormal group addition and removal detection, and abnormal password changes detection.</abstract><oa>free_for_read</oa></addata></record>
fulltext	fulltext_linktorsrc
identifier
ispartof
issn
language	eng
recordid	cdi_epo_espacenet_US10915622B2
source	esp@cenet
subjects	CALCULATING COMPUTING COUNTING ELECTRIC COMMUNICATION TECHNIQUE ELECTRIC DIGITAL DATA PROCESSING ELECTRICITY PHYSICS TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
title	Detecting local user security-related anomalies using active scans
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-16T12%3A33%3A07IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=Simakov,%20Marina&rft.date=2021-02-09&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS10915622B2%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true