Security threat monitoring for network-accessible devices

Various aspects related to threat management are disclosed. An example method includes monitoring network traffic on a computer network that includes a plurality of endpoints, identifying a software application executing on at least one endpoint from one or more of the sent data or the received data...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
1. Verfasser: Ackerman, Karl
Format: Patent
Sprache:eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page
container_title
container_volume
creator Ackerman, Karl
description Various aspects related to threat management are disclosed. An example method includes monitoring network traffic on a computer network that includes a plurality of endpoints, identifying a software application executing on at least one endpoint from one or more of the sent data or the received data, where execution of the software application is associated with a startup time window and a post-startup time window, determining a security status score for the at least one endpoint based on a comparison of the sent data and the received data with a known pattern of network activity associated with the software application, wherein the known pattern of network activity is based upon the startup time window of the software application, determining a threat status for the at least one endpoint based on the security status score, and, generating an indication of the threat status for the at least one endpoint.
format Patent
fullrecord <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US12010133B2</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US12010133B2</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US12010133B23</originalsourceid><addsrcrecordid>eNrjZLAMTk0uLcosqVQoyShKTSxRyM3PyyzJL8rMS1dIyy9SyEstKc8vytZNTE5OLS7OTMpJVUhJLcsEcngYWNMSc4pTeaE0N4Oim2uIs4duakF-fGpxQWJyKlBzfGiwoZGBoYGhsbGTkTExagCTni9f</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>Security threat monitoring for network-accessible devices</title><source>esp@cenet</source><creator>Ackerman, Karl</creator><creatorcontrib>Ackerman, Karl</creatorcontrib><description>Various aspects related to threat management are disclosed. An example method includes monitoring network traffic on a computer network that includes a plurality of endpoints, identifying a software application executing on at least one endpoint from one or more of the sent data or the received data, where execution of the software application is associated with a startup time window and a post-startup time window, determining a security status score for the at least one endpoint based on a comparison of the sent data and the received data with a known pattern of network activity associated with the software application, wherein the known pattern of network activity is based upon the startup time window of the software application, determining a threat status for the at least one endpoint based on the security status score, and, generating an indication of the threat status for the at least one endpoint.</description><language>eng</language><subject>ELECTRIC COMMUNICATION TECHNIQUE ; ELECTRICITY ; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><creationdate>2024</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20240611&amp;DB=EPODOC&amp;CC=US&amp;NR=12010133B2$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,780,885,25564,76547</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20240611&amp;DB=EPODOC&amp;CC=US&amp;NR=12010133B2$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>Ackerman, Karl</creatorcontrib><title>Security threat monitoring for network-accessible devices</title><description>Various aspects related to threat management are disclosed. An example method includes monitoring network traffic on a computer network that includes a plurality of endpoints, identifying a software application executing on at least one endpoint from one or more of the sent data or the received data, where execution of the software application is associated with a startup time window and a post-startup time window, determining a security status score for the at least one endpoint based on a comparison of the sent data and the received data with a known pattern of network activity associated with the software application, wherein the known pattern of network activity is based upon the startup time window of the software application, determining a threat status for the at least one endpoint based on the security status score, and, generating an indication of the threat status for the at least one endpoint.</description><subject>ELECTRIC COMMUNICATION TECHNIQUE</subject><subject>ELECTRICITY</subject><subject>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2024</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNrjZLAMTk0uLcosqVQoyShKTSxRyM3PyyzJL8rMS1dIyy9SyEstKc8vytZNTE5OLS7OTMpJVUhJLcsEcngYWNMSc4pTeaE0N4Oim2uIs4duakF-fGpxQWJyKlBzfGiwoZGBoYGhsbGTkTExagCTni9f</recordid><startdate>20240611</startdate><enddate>20240611</enddate><creator>Ackerman, Karl</creator><scope>EVB</scope></search><sort><creationdate>20240611</creationdate><title>Security threat monitoring for network-accessible devices</title><author>Ackerman, Karl</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US12010133B23</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2024</creationdate><topic>ELECTRIC COMMUNICATION TECHNIQUE</topic><topic>ELECTRICITY</topic><topic>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</topic><toplevel>online_resources</toplevel><creatorcontrib>Ackerman, Karl</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Ackerman, Karl</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>Security threat monitoring for network-accessible devices</title><date>2024-06-11</date><risdate>2024</risdate><abstract>Various aspects related to threat management are disclosed. An example method includes monitoring network traffic on a computer network that includes a plurality of endpoints, identifying a software application executing on at least one endpoint from one or more of the sent data or the received data, where execution of the software application is associated with a startup time window and a post-startup time window, determining a security status score for the at least one endpoint based on a comparison of the sent data and the received data with a known pattern of network activity associated with the software application, wherein the known pattern of network activity is based upon the startup time window of the software application, determining a threat status for the at least one endpoint based on the security status score, and, generating an indication of the threat status for the at least one endpoint.</abstract><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier
ispartof
issn
language eng
recordid cdi_epo_espacenet_US12010133B2
source esp@cenet
subjects ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
title Security threat monitoring for network-accessible devices
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-25T13%3A53%3A22IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=Ackerman,%20Karl&rft.date=2024-06-11&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS12010133B2%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true