专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

EP3128449B1 PROCESSING MALICIOUS COMMUNICATIONS 有权转让
公开(公告)号：EP3128449B1
公开(公告)日：2018-12-12
申请号：EP16183052.6
申请日：2016-08-05
申请人： Palantir Technologies Inc.
发明人： SPIRO, Ezra , STAEHLE, Joseph , LEVINE, Andrew , RICAFORT, Juan , MORALES, Alvaro
IPC分类号： G06F17/30 , G06F21/56 , H04L29/06
CPC分类号： H04L63/1425 , G06F3/0482 , G06F17/3053 , G06F17/30864 , G06F21/552 , H04L51/12 , H04L63/1416 , H04L63/1433 , H04L63/1483
摘要： A data analysis system receives potentially spam, phishing or malicious electronic communications and automatically groups them in computationally-efficient data clusters, automatically analyze those data clusters, automatically tags and groups those data clusters, and provides results of the automated analysis and grouping in an optimized way. The automated analysis of the data clusters may include an automated application of various criteria or rules so as to generate an ordered display of the groups of related data clusters such that quick and efficient evaluation the groups of data clusters may be performed. In particular, the groups of data clusters may be dynamically re-grouped and/or filtered in an interactive user interface so as to enable quick navigation among information associated with various groups of data clusters and efficiently evaluation of those data clusters.

2. 发明公开

EP3451201A1 PROCESSING MALICIOUS COMMUNICATIONS 有权
公开(公告)号：EP3451201A1
公开(公告)日：2019-03-06
申请号：EP18202651.8
申请日：2016-08-05
申请人： Palantir Technologies Inc.
发明人： SPIRO, Ezra , STAEHLE, Joseph , RICAFORT, Juan , MORALES, Alvaro
IPC分类号： G06F17/30 , G06F21/56 , H04L29/06
摘要： A data analysis system receives potentially spam, phishing or malicious electronic communications and automatically groups them in computationally-efficient data clusters, automatically analyze those data clusters, automatically tags and groups those data clusters, and provides results of the automated analysis and grouping in an optimized way. The automated analysis of the data clusters may include an automated application of various criteria or rules so as to generate an ordered display of the groups of related data clusters such that quick and efficient evaluation the groups of data clusters may be performed. In particular, the groups of data clusters may be dynamically re-grouped and/or filtered in an interactive user interface so as to enable quick navigation among information associated with various groups of data clusters and efficiently evaluation of those data clusters.

3. 发明公开

EP3349414A1 MALICIOUS TUNNELING HANDLING SYSTEM 有权
公开(公告)号：EP3349414A1
公开(公告)日：2018-07-18
申请号：EP18161005.6
申请日：2015-08-13
申请人： Palantir Technologies, Inc.
发明人： RICAFORT, Juan , SINGH, Harkirat , MARTIN, Philip
IPC分类号： H04L29/06 , H04L29/12 , G06F21/55
CPC分类号： H04L63/1416 , G06F21/556 , H04L61/2007 , H04L63/0272 , H04L63/1425 , H04L63/1441
摘要： Various systems and methods are provided that detect malicious network tunneling. VPN logs and data connection logs are accessed. The VPN logs list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs are parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address is retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated the one or more identified malicious tunneling connections are terminated.

4. 发明授权

EP2985974B1 MALICIOUS TUNNELING HANDLING SYSTEM 有权
标题翻译： MALICIOUS TUNNELING处理系统
公开(公告)号：EP2985974B1
公开(公告)日：2018-04-18
申请号：EP15180985.2
申请日：2015-08-13
申请人： Palantir Technologies, Inc.
发明人： RICAFORT, Juan , SINGH, Harkirat , MARTIN, Philip
IPC分类号： H04L29/06 , H04L29/12 , G06F21/55
CPC分类号： H04L63/1416 , G06F21/556 , H04L61/2007 , H04L63/0272 , H04L63/1425 , H04L63/1441
摘要： Various systems and methods are provided that detect malicious network tunneling. VPN logs and data connection logs are accessed. The VPN logs list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs are parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address is retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated the one or more identified malicious tunneling connections are terminated.

5. 发明公开

EP3128449A1 PROCESSING MALICIOUS COMMUNICATIONS 有权转让
标题翻译： VERARBEITUNGSCHÄDLICHERMITTEILUNGEN
公开(公告)号：EP3128449A1
公开(公告)日：2017-02-08
申请号：EP16183052.6
申请日：2016-08-05
申请人： Palantir Technologies, Inc.
发明人： SPIRO, Ezra , STAEHLE, Joseph , LEVINE, Andrew , RICAFORT, Juan , MORALES, Alvaro
IPC分类号： G06F17/30 , G06F21/56 , H04L29/06
CPC分类号： H04L63/1425 , G06F3/0482 , G06F17/3053 , G06F17/30864 , G06F21/552 , H04L51/12 , H04L63/1416 , H04L63/1433 , H04L63/1483
摘要： A data analysis system receives potentially spam, phishing or malicious electronic communications and automatically groups them in computationally-efficient data clusters, automatically analyze those data clusters, automatically tags and groups those data clusters, and provides results of the automated analysis and grouping in an optimized way. The automated analysis of the data clusters may include an automated application of various criteria or rules so as to generate an ordered display of the groups of related data clusters such that quick and efficient evaluation the groups of data clusters may be performed. In particular, the groups of data clusters may be dynamically re-grouped and/or filtered in an interactive user interface so as to enable quick navigation among information associated with various groups of data clusters and efficiently evaluation of those data clusters.
摘要翻译：数据分析系统接收潜在的垃圾邮件，网络钓鱼或恶意电子通信，并自动将其分组到计算高效的数据集群中，自动分析这些数据集群，自动标记和分组这些数据集群，并提供自动化分析和分组的结果。办法。数据集群的自动分析可以包括各种标准或规则的自动化应用，以便生成相关数据集群组的有序显示，使得可以执行数据集群的快速有效的评估。特别地，可以在交互式用户界面中动态地重新分组和/或过滤数据集群，以便能够在与各种数据集群相关联的信息之间快速导航，并有效地评估这些数据集群。

6. 发明公开

EP2985974A1 MALICIOUS TUNNELING HANDLING SYSTEM 有权
标题翻译：系统ZUR HANDHABUNGBÖSARTIGERTUNNELEFFEKTE
公开(公告)号：EP2985974A1
公开(公告)日：2016-02-17
申请号：EP15180985.2
申请日：2015-08-13
申请人： Palantir Technologies, Inc.
发明人： RICAFORT, Juan , SINGH, Harkirat , MARTIN, Philip
IPC分类号： H04L29/06 , G06F21/55
CPC分类号： H04L63/1416 , G06F21/556 , H04L61/2007 , H04L63/0272 , H04L63/1425 , H04L63/1441
摘要： Various systems and methods are provided that detect malicious network tunneling. VPN logs and data connection logs are accessed. The VPN logs list client IP addresses that have established a VPN connection with an enterprise network. The data connection logs list client IP addresses that have requested connections external to the enterprise network and remote IP addresses to which connections are requested. The VPN logs and the data connection logs are parsed to identify IP addresses that are present in the VPN logs as a client IP address and in the data connection logs as a remote IP address. If an IP address is so present, user data and traffic data associated with the IP address is retrieved to generate a risk score. If the risk score exceeds a threshold, an alert to be displayed in a GUI is generated the one or more identified malicious tunneling connections are terminated.
摘要翻译：提供了检测恶意网络隧道的各种系统和方法。 VPN日志和数据连接日志被访问。 VPN日志列出已经与企业网络建立VPN连接的客户端IP地址。数据连接日志列出了请求企业网络外部连接的客户端IP地址和请求连接的远程IP地址。解析VPN日志和数据连接日志，以将VPN日志中存在的IP地址标识为客户端IP地址，将数据连接日志标识为远程IP地址。如果IP地址如此存在，则检索与IP地址相关联的用户数据和流量数据以产生风险分数。如果风险分数超过阈值，则生成将在GUI中显示的警报，终止一个或多个所识别的恶意隧道连接。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式