专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08856928B1 Protecting electronic assets using false profiles in social networks 有权
标题翻译：在社交网络中使用虚假资料保护电子资产
公开(公告)号：US08856928B1
公开(公告)日：2014-10-07
申请号：US13535417
申请日：2012-06-28
申请人： Uri Rivner , Idan Aharoni
发明人： Uri Rivner , Idan Aharoni
IPC分类号： G06F11/00 , G06F12/14 , G06F12/16
CPC分类号： H04L67/306 , G06F21/566 , G06Q50/01 , H04L63/1491
摘要： An improved technique utilizes a honeypot-style seeding of synthetic user identifiers which, if used by spear-phishing intruders, enable easy discovery of the intruders. Along these lines, an administrator of a network constructs false employee profiles on a social network with the intent of intercepting any email to that employee. Such employee profiles correspond to no actual employee of the corporation, but are in fact synthetic entities designed to appear to be an actual employee. These profiles contain identifiers that describe the employee, such as a name, position within the corporation, telephone number, educational background, past positions, and social connections. The administrator configures a receiver at the corporate network to block from entering the secure network emails that include references to any of these identifiers.
摘要翻译：一种改进的技术利用合成用户标识符的蜜罐式种子，如果使用spear-phishing入侵者，可以轻松发现入侵者。按照这些方式，网络的管理员在社交网络上构建虚假的雇员简档，目的是拦截对该雇员的任何电子邮件。这样的员工资料对应于公司的实际雇员，但实际上是综合实体，其设计似乎是一名实际雇员。这些配置文件包含描述员工的标识符，例如公司内的姓名，职位，电话号码，教育背景，过往职位和社交关系。管理员在公司网络中配置接收器以阻止输入包括对这些标识符中的任何一个的引用的安全网络电子邮件。

2. 发明授权

US08683592B1 Associating network and storage activities for forensic analysis 有权
标题翻译：关联网络和存储活动进行法医分析
公开(公告)号：US08683592B1
公开(公告)日：2014-03-25
申请号：US13341174
申请日：2011-12-30
申请人： Yedidya Dotan , Assaf Natanzon , Uri Rivner
发明人： Yedidya Dotan , Assaf Natanzon , Uri Rivner
IPC分类号： G06F21/55 , H04L29/06
CPC分类号： G06F21/552 , G06F2221/2151 , H04L63/1408 , H04L63/1425
摘要： An improved technique for performing forensic investigations in an electronic system includes capturing and associating multiple streams of information. The streams include a network stream and a storage stream. The network stream includes a record of network activities. The storage stream includes a record of storage activities. In some examples, the storage stream includes both disk activities and memory activities, including both reads and writes. Records of the captured streams are stored in a data storage array and are associated by applying a common timing reference to the records. A comprehensive history is thus obtained, with both network and storage activities coordinated in time, to enable examination and tracing of suspect or malicious occurrences across network and storage domains. The improved technique can be used in both physical and virtual computing environments and affords particular advantages in virtual and cloud environments where forensic analysis has proven to be difficult.
摘要翻译：用于在电子系统中执行取证调查的改进技术包括捕获和关联多个信息流。流包括网络流和存储流。网络流包括网络活动的记录。存储流包括存储活动的记录。在一些示例中，存储流包括磁盘活动和内存活动，包括读取和写入。捕获的流的记录被存储在数据存储阵列中，并且通过对记录应用公共定时参考来相关联。因此，能够及时协调网络和存储活动，从而实现对网络和存储域的可疑或恶意事件的检查和跟踪。改进的技术可以在物理和虚拟计算环境中使用，并在虚拟和云环境中提供特别的优势，其中法证分析已被证明是困难的。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式