专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09516041B2 Cyber security analytics architecture 有权
标题翻译：网络安全分析架构
公开(公告)号：US09516041B2
公开(公告)日：2016-12-06
申请号：US13951128
申请日：2013-07-25
申请人： Bank of America Corporation
发明人： Igor A. Baikalov , Craig Froelich , Terry McConnell , John P. McGloughlin, Jr.
IPC分类号： H04L29/06
CPC分类号： H04L63/1408
摘要： Systems and methods are disclosed for responding to security events in real time. The disclosed systems and methods utilize the vast amount of risk and asset knowledge collected in a security data warehouse and aggregated in a security information manager, without the expense and latency associated with performing such calculations in real time. The disclosed systems and methods, thereby, significantly extend the time intervals feasible for temporal analysis.
摘要翻译：公开了实时响应安全事件的系统和方法。所公开的系统和方法利用在安全数据仓库中收集的大量风险和资产知识，并将其聚合在安全信息管理器中，而无需实时执行这种计算所需的费用和延迟。因此，公开的系统和方法显着地延长了对时间分析可行的时间间隔。

2. 发明申请

US20150033337A1 CYBER SECURITY ANALYTICS ARCHITECTURE 有权
标题翻译： CYBER安全分析架构
公开(公告)号：US20150033337A1
公开(公告)日：2015-01-29
申请号：US13951128
申请日：2013-07-25
申请人： Bank of America Corporation
发明人： Igor A. Baikalov , Craig Froelich , Terry McConnell , John P. McGloughlin, JR.
IPC分类号： H04L29/06
CPC分类号： H04L63/1408
摘要： Systems and methods are disclosed for responding to security events in real time. The disclosed systems and methods utilize the vast amount of risk and asset knowledge collected in a security data warehouse and aggregated in a security information manager, without the expense and latency associated with performing such calculations in real time. The disclosed systems and methods, thereby, significantly extend the time intervals feasible for temporal analysis.
摘要翻译：公开了实时响应安全事件的系统和方法。所公开的系统和方法利用在安全数据仓库中收集的大量风险和资产知识，并将其聚合在安全信息管理器中，而无需实时执行这种计算所需的费用和延迟。因此，公开的系统和方法显着地延长了对时间分析可行的时间间隔。

3. 发明申请

US20150067848A1 DETECTING AUTOMATED SITE SCANS 有权
标题翻译：检测自动站点扫描
公开(公告)号：US20150067848A1
公开(公告)日：2015-03-05
申请号：US14012671
申请日：2013-08-28
申请人： Bank of America Corporation
发明人： Igor A. Baikalov
IPC分类号： H04L29/06
CPC分类号： H04L63/1416 , H04L63/1491
摘要： Automated site scans are often seen as precursors to a cyber attack, from URI enumeration and version mapping to timing scans used to identify the most valuable DDoS targets. Disclosed are methods and apparatuses for detecting automated site scans and identifying the source of cyber attacks. Honeypot links are provided on a web page via a server. If multiple honeypot links are selected by a visitor of the web page, the server may identify the visitor as an automated system and generate a session ID. The server induces an artificial delay prior to displaying the data associated with the selected honeypot link. After a subsequent attack, the server is able to identify the attacker by association with the stored session ID of an automated site scan.
摘要翻译：自动站点扫描通常被视为网络攻击的前兆，从URI枚举和版本映射到用于识别最有价值的DDoS目标的定时扫描。公开了用于检测自动站点扫描和识别网络攻击源的方法和装置。蜜罐链接通过服务器在网页上提供。如果网页的访问者选择了多个蜜罐链接，则服务器可以将访问者标识为自动系统并生成会话ID。在显示与所选蜜罐链路相关联的数据之前，服务器引起人为延迟。在后续攻击之后，服务器能够通过与存储的自动站点扫描的会话ID相关联来识别攻击者。

4. 发明申请

US20160080224A1 MATRIX ACCESS REVIEW 有权
标题翻译： MATRIX访问审查
公开(公告)号：US20160080224A1
公开(公告)日：2016-03-17
申请号：US14486066
申请日：2014-09-15
申请人： Bank of America Corporation
发明人： Igor A. Baikalov , Armen Moloian , David Pritchard
IPC分类号： H04L12/26 , H04W4/08
CPC分类号： H04W4/08
摘要： A computing platform may receive, from a plurality of computing systems, data identifying permissions of a plurality of users to access one or more resources of the plurality of computing systems. The computing platform may identify, from amongst the plurality of users, a plurality of groups of users. The computing platform may identify, from amongst the permissions, a plurality of sets of permissions. Each set of permissions may include permissions shared by each user of a group of users of the plurality of groups of users. The computing platform may generate a graphical depiction of the plurality of groups of users and the plurality of sets of permissions. The graphical depiction may graphically depict, for each group of the plurality of groups, one or more sets of permissions, of the plurality of sets of permissions, shared by each user of the group.
摘要翻译：计算平台可以从多个计算系统接收识别多个用户访问多个计算系统中的一个或多个资源的许可的数据。计算平台可以从多个用户中识别多个用户组。计算平台可以从权限中识别多个权限集合。每组权限可以包括多个用户组中的一组用户的每个用户共享的许可。计算平台可以生成多个用户组和多组权限的图形描绘。图形描绘可以图形地描绘对于该组的每个用户共享的多组权限集中的每组多组中的一组或多组。

5. 发明申请

US20130091569A1 LOGIN INITIATED SCANNING OF COMPUTING DEVICES 有权
标题翻译：登录启动扫描设备
公开(公告)号：US20130091569A1
公开(公告)日：2013-04-11
申请号：US13691462
申请日：2012-11-30
申请人： Bank of America Corporation
发明人： Igor A. Baikalov , Craig Froelich , Craig Kirby , Cris T. Paltenghe , Ravi Pritmani
IPC分类号： H04L29/06
CPC分类号： H04L63/1408 , G06F21/56 , G06F21/57 , G06F21/577 , H04L63/0218 , H04L63/1433
摘要： Embodiments of the invention relate to systems, methods, and computer program products for login initiated remote scanning of computer devices. The present invention detects login to the network via access management systems. The login data provides information that identifies the device so that the device can be checked against a scan database to determine if and when a previous scan occurred. Based on the findings in the scan database determinations are made as to whether to perform a scan. Additionally, the level of scanning can be determined based on previous scan dates and previous scan results, which may dictate customized scanning. In addition, the priority of the impending scan may be dictated by previous scan dates and results. Further embodiments provide for assessing risk, such as risk scoring or the like, concurrently or in near-real-time with the completion of the scan so that alerts may be communicated.
摘要翻译：本发明的实施例涉及用于登录启动的计算机设备的远程扫描的系统，方法和计算机程序产品。本发明通过接入管理系统检测登录到网络。登录数据提供标识设备的信息，以便可以针对扫描数据库检查设备，以确定是否以及何时发生先前的扫描。根据扫描数据库中的发现，确定是否执行扫描。此外，可以根据以前的扫描日期和以前的扫描结果来确定扫描级别，这可能决定了定制扫描。此外，即将到来的扫描的优先级可能由先前的扫描日期和结果决定。进一步的实施例提供了在完成扫描的同时或近实时地评估风险，例如风险评分等，从而可以传达警报。

6. 发明授权

US09584525B2 Entitlement predictions 有权
标题翻译：权利预测
公开(公告)号：US09584525B2
公开(公告)日：2017-02-28
申请号：US14840440
申请日：2015-08-31
申请人： Bank of America Corporation
发明人： Igor A. Baikalov , Randy Jia
IPC分类号： G06F21/00 , G06F21/31 , G06F21/44 , G06F21/62 , H04L29/06 , G06F21/57 , G06F21/60
CPC分类号： H04L63/102 , G06F21/31 , G06F21/577 , G06F21/604
摘要： Systems, methods, and devices for predicting entitlements to computing resources are described. An entitlement associated with a user of a computer system may be identified. The entitlement may indicate a computing resource of the computer system that is accessible to the user. A set of attributes associated with the user may be selected, and an entitlement probability value may be obtained. The entitlement probability value may be based on the set of attributes and indicate a probability that the user is authorized to have the entitlement. The entitlement probability value may be used to determine whether to include the entitlement in an access review. Depending on the entitlement probability value the entitlement may be included in the access review or excluded from the access review.
摘要翻译：描述了用于预测计算资源的权利的系统，方法和设备。可以识别与计算机系统的用户相关联的授权。权利可以指示用户可访问的计算机系统的计算资源。可以选择与用户相关联的一组属性，并且可以获得授权概率值。授权概率值可以基于该属性集合并且指示用户被授权具有授权的概率。授权概率值可用于确定是否将权利包括在访问审核中。取决于权利概率值，权利可能被包含在访问审查中或被排除在访问审查之外。

7. 发明授权

US08695099B2 Login initiated scanning of computing devices 有权
标题翻译：登录启动扫描计算设备
公开(公告)号：US08695099B2
公开(公告)日：2014-04-08
申请号：US13691462
申请日：2012-11-30
申请人： Bank of America Corporation
发明人： Igor A. Baikalov , Craig Froelich , Craig Kirby , Cris T. Paltenghe , Ravi Pritmani
IPC分类号： H04L29/06 , G06F11/30 , G06F15/177
CPC分类号： H04L63/1408 , G06F21/56 , G06F21/57 , G06F21/577 , H04L63/0218 , H04L63/1433
摘要： Embodiments of the invention relate to systems, methods, and computer program products for login initiated remote scanning of computer devices. The present invention detects login to the network via access management systems. The login data provides information that identifies the device so that the device can be checked against a scan database to determine if and when a previous scan occurred. Based on the findings in the scan database determinations are made as to whether to perform a scan. Additionally, the level of scanning can be determined based on previous scan dates and previous scan results, which may dictate customized scanning. In addition, the priority of the impending scan may be dictated by previous scan dates and results. Further embodiments provide for assessing risk, such as risk scoring or the like, concurrently or in near-real-time with the completion of the scan so that alerts may be communicated.
摘要翻译：本发明的实施例涉及用于登录启动的计算机设备的远程扫描的系统，方法和计算机程序产品。本发明通过接入管理系统检测登录到网络。登录数据提供标识设备的信息，以便可以针对扫描数据库检查设备，以确定是否以及何时发生先前的扫描。根据扫描数据库中的发现，确定是否执行扫描。此外，可以根据以前的扫描日期和以前的扫描结果来确定扫描级别，这可能决定了定制扫描。此外，即将到来的扫描的优先级可能由先前的扫描日期和结果决定。进一步的实施例提供了在完成扫描的同时或近实时地评估风险，例如风险评分等，从而可以传达警报。

8. 发明授权

US09973904B2 Matrix access review 有权
公开(公告)号：US09973904B2
公开(公告)日：2018-05-15
申请号：US14486066
申请日：2014-09-15
申请人： Bank of America Corporation
发明人： Igor A. Baikalov , Armen Moloian , David Pritchard
IPC分类号： G06F3/14 , H04W4/08
CPC分类号： H04W4/08
摘要： A computing platform may receive, from a plurality of computing systems, data identifying permissions of a plurality of users to access one or more resources of the plurality of computing systems. The computing platform may identify, from amongst the plurality of users, a plurality of groups of users. The computing platform may identify, from amongst the permissions, a plurality of sets of permissions. Each set of permissions may include permissions shared by each user of a group of users of the plurality of groups of users. The computing platform may generate a graphical depiction of the plurality of groups of users and the plurality of sets of permissions. The graphical depiction may graphically depict, for each group of the plurality of groups, one or more sets of permissions, of the plurality of sets of permissions, shared by each user of the group.

9. 发明申请

US20150373028A1 Entitlement Predictions 有权
标题翻译：权利预测
公开(公告)号：US20150373028A1
公开(公告)日：2015-12-24
申请号：US14840440
申请日：2015-08-31
申请人： Bank of America Corporation
发明人： Igor A. Baikalov , Randy Jia
IPC分类号： H04L29/06 , G06F21/31
CPC分类号： H04L63/102 , G06F21/31 , G06F21/577 , G06F21/604
摘要： Systems, methods, and devices for predicting entitlements to computing resources are described. An entitlement associated with a user of a computer system may be identified. The entitlement may indicate a computing resource of the computer system that is accessible to the user. A set of attributes associated with the user may be selected, and an entitlement probability value may be obtained. The entitlement probability value may be based on the set of attributes and indicate a probability that the user is authorized to have the entitlement. The entitlement probability value may be used to determine whether to include the entitlement in an access review. Depending on the entitlement probability value the entitlement may be included in the access review or excluded from the access review.
摘要翻译：描述了用于预测计算资源的权利的系统，方法和设备。可以识别与计算机系统的用户相关联的授权。权利可以指示用户可访问的计算机系统的计算资源。可以选择与用户相关联的一组属性，并且可以获得授权概率值。授权概率值可以基于该属性集合并且指示用户被授权具有授权的概率。授权概率值可用于确定是否将权利包括在访问审核中。取决于权利概率值，权利可能被包含在访问审查中或被排除在访问审查之外。

10. 发明授权

US09178899B2 Detecting automated site scans 有权
标题翻译：检测自动化站点扫描
公开(公告)号：US09178899B2
公开(公告)日：2015-11-03
申请号：US14012671
申请日：2013-08-28
申请人： Bank of America Corporation
发明人： Igor A. Baikalov
IPC分类号： G06F11/00 , G06F12/14 , G06F12/16 , G08B13/00 , H04L29/06
CPC分类号： H04L63/1416 , H04L63/1491
摘要： Automated site scans are often seen as precursors to a cyber attack, from URI enumeration and version mapping to timing scans used to identify the most valuable DDoS targets. Disclosed are methods and apparatuses for detecting automated site scans and identifying the source of cyber attacks. Honeypot links are provided on a web page via a server. If multiple honeypot links are selected by a visitor of the web page, the server may identify the visitor as an automated system and generate a session ID. The server induces an artificial delay prior to displaying the data associated with the selected honeypot link. After a subsequent attack, the server is able to identify the attacker by association with the stored session ID of an automated site scan.
摘要翻译：自动站点扫描通常被视为网络攻击的前兆，从URI枚举和版本映射到用于识别最有价值的DDoS目标的定时扫描。公开了用于检测自动站点扫描和识别网络攻击源的方法和装置。蜜罐链接通过服务器在网页上提供。如果网页的访问者选择了多个蜜罐链接，则服务器可以将访问者标识为自动系统并生成会话ID。在显示与所选蜜罐链路相关联的数据之前，服务器引起人为延迟。在后续攻击之后，服务器能够通过与存储的自动站点扫描的会话ID相关联来识别攻击者。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式