专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US11606368B2 Threat control method and system 有权
公开(公告)号：US11606368B2
公开(公告)日：2023-03-14
申请号：US16679980
申请日：2019-11-11
申请人： F-Secure Corporation
发明人： Matti Aksela , Mika Stahlberg
IPC分类号： H04L29/06 , G06N20/00 , H04L9/40
摘要： A method including: establishing an internal swarm intelligence network including security agent modules of a plurality of interconnected network nodes of a local computer network, collecting data related to the respective network nodes, sharing information based on the collected data in the established internal swarm intelligence network, and using the collected data and information received from the internal swarm intelligence network for generating and adapting models related to the respective network node nodes. In case a new threat is identified, the threat is verified and contained, a new threat model is generated and the generated new threat model is shared. The security alert and/or the generated new threat model is transmitted to a security service network for enabling the security service network to share the received security alert and/or the new threat model.

2. 发明授权

US11451584B2 Detecting a remote exploitation attack 有权
公开(公告)号：US11451584B2
公开(公告)日：2022-09-20
申请号：US16427470
申请日：2019-05-31
申请人： F-Secure Corporation
发明人： Mikko Suominen
IPC分类号： H04L9/40
摘要： A method of protecting a computer system against remote exploitation attacks performed over a network to which the computer system is connected. The method includes: a) identifying a network connection that is not associated with a successful authentication and which carries a traffic level in excess of a predefined threshold; b) reporting the identified network connection as a real or potential remote exploitation attack; and c) taking an action or actions to mitigate against the real or potential remote exploitation attack.

3. 发明授权

US11449610B2 Threat detection system 有权
公开(公告)号：US11449610B2
公开(公告)日：2022-09-20
申请号：US16356431
申请日：2019-03-18
申请人： F-Secure Corporation
发明人： Mikko Suominen , Dmitriy Komashinskiy , Fredrik Kock
IPC分类号： G06F21/56 , G06F8/61
摘要： There is provided a method of detecting a threat against a computer system. The method includes monitoring installation and operation of multiple different versions of the same application in a computer system; analysing evolutionary changes between the behaviours of the different versions of the same application; detecting and monitoring a new version of the same application in a computer system; monitoring the behavior of the computer system to detect one or more procedures of the monitored application that do not match expected behaviors of the monitored application on the basis of the analysis; and upon detection of one or more procedures not matching the expected behaviors of the monitored application, identifying the monitored application as malicious or suspicious.

4. 发明申请

US20220191224A1 METHOD OF THREAT DETECTION IN A THREAT DETECTION NETWORK AND THREAT DETECTION NETWORK 有权
公开(公告)号：US20220191224A1
公开(公告)日：2022-06-16
申请号：US17550094
申请日：2021-12-14
申请人： F-Secure Corporation
发明人： Mika STÅHLBERG , Matti AKSELA
IPC分类号： H04L9/40
摘要： A network node of a threat detection network, a backend server of a threat detection network, a threat detection network and a threat detection method in a threat detection network. The threat detection network comprises interconnected network nodes and a backend system, wherein at least part of the nodes comprise security agent modules which collect data related to the respective network node. The method comprises collecting and/or analyzing at the network node data related to a network node, generating at least one local behavior model at the network node related to the network node on the basis of the collected and/or analyzed data, sharing at least one generated local behavior model related to the network node with one or more other nodes and/or with the backend system, comparing user activity in a node to the generated local behavior model and/or a received behavior model, and alerting the backend and/or the other nodes, e.g. about anomalous behavior, if deviation from the generated local behavior model and/or the received behavior model is detected, and/or comparing at the backend system the anomalous data with other behavior models, e.g. with other behavior models in the same organization and/or behavior models of known malicious users, and sending from the backend system to the node results and/or data relating to the comparison.

5. 发明授权

US11265335B2 Method for threat control in a computer network security system 有权
公开(公告)号：US11265335B2
公开(公告)日：2022-03-01
申请号：US16452748
申请日：2019-06-26
申请人： F-Secure Corporation
发明人： Jarno Niemela
IPC分类号： H04L29/06 , G06N20/00
摘要： A method comprising: monitoring events collected from a plurality of network nodes; detecting a first suspicious event among the monitored events by a detection mechanism; monitoring the behaviour of the first suspicious event and any related events; in case the monitored first suspicious event and/or a related event is detected to perform an activity triggering an IOC (indicator of compromise, generating a new IOC; monitoring new events when the activity ends; comparing the behaviour of the new events with the behaviour of the generated IOC; in case a matching behaviour is found, merging the new event with the first suspicious event and/or related events related to the generated IOC; and generating a security related decision on the basis of the IOC.

6. 发明授权

US11245666B2 Method for data reduction in a computer network security system 有权
公开(公告)号：US11245666B2
公开(公告)日：2022-02-08
申请号：US16452752
申请日：2019-06-26
申请人： F-Secure Corporation
发明人： Dmitriy Komashinskiy , Paolo Palumbo
IPC分类号： H04L29/06 , G06N5/02 , G06N5/04 , G06N20/00
摘要： A method including collecting and aligning raw data from a plurality of network nodes, wherein dissimilar data types are aligned as input events; filtering the input events by discarding events and/or parts of events that are detected to be equal or similar to previously observed events or events and/or parts of events found to be redundant by using predetermined criteria; separating processing of the input events into event aggregation and event enrichment processes, wherein the event aggregation process includes processing all the input events for generating aggregated events, and the event enrichment process includes processing only events passed by the filtering and the aggregated events from the event aggregation process; and analysing the data received from the event enrichment process for generating a security related decision.

7. 发明授权

US11188644B2 Application behaviour control 有权
公开(公告)号：US11188644B2
公开(公告)日：2021-11-30
申请号：US16356555
申请日：2019-03-18
申请人： F-Secure Corporation
发明人： Pavel Turbin , Dmitrii Tikhonov , Grigori Eskov , Janne Laaksonen
IPC分类号： G06F21/55 , G06F21/53 , G06F21/56
摘要： There is provided a method for application behaviour control on a computer system. The method includes grouping applications into a set of clusters, wherein each application is grouped to a specific cluster on the basis of predefined event profiles for applications in the specific cluster; monitoring procedures that a specific cluster performs on one or more computer devices; and generating a list of expected events and prohibited events of the specific cluster based on monitoring for enabling the one or more client computer devices and/or an administrator of the one or more client computer devices to take further action related to the applications installed on the one or more client computer devices.

8. 发明授权

US11080342B2 Method and apparatus for web page content categorization 有权
公开(公告)号：US11080342B2
公开(公告)日：2021-08-03
申请号：US14412717
申请日：2013-06-25
申请人： F-Secure Corporation
发明人： Christine Bejerasco , Karmina Aquino
IPC分类号： G06F16/951 , G06F16/9535 , G06F16/908 , G06F16/953 , G06F21/62
摘要： In accordance with an example embodiment of the present invention, there is provided an apparatus, including at least one processor; and at least one memory including computer program code the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to perform at least the following: detecting a listing of web content elements provided by a web search engine, the web content elements relating to web pages retrieved by the web search engine; analyzing one or more web content elements of the detected listing; and categorizing the content of one or more web pages on the basis of the analysis.

9. 发明授权

US11030309B2 Threat detection system 有权
公开(公告)号：US11030309B2
公开(公告)日：2021-06-08
申请号：US16223525
申请日：2018-12-18
申请人： F-Secure Corporation
发明人： Jarno Niemelä
IPC分类号： G06F21/55 , G06F21/57
摘要： There is provided a method of detecting a threat against a computer system. The method comprises: creating a modular representation of behavior of known applications on the basis of sub-components of a set of known applications; entering the modular representation to an evolutionary analysis system for generating previously unknown combinations of the procedures; storing the generated previously unknown combinations as candidate descendants of known applications to a future threat candidate database; monitoring the behavior of the computer system to detect one or more procedures matching the behavior of a stored candidate descendant in the future threat candidate database; and upon detection of one or more procedures matching the behavior of the stored candidate descendant and if the stored candidate descendant is determined to be malicious or suspicious, identifying the running application as malicious or suspicious.

10. 外观设计

USD911380S1 Display screen or portion thereof with transitional virtual camera shutter graphical user interface 有权
公开(公告)号：USD911380S1
公开(公告)日：2021-02-23
申请号：US29663992
申请日：2018-09-20
申请人： F-Secure Corporation
设计人： Harri Kiljander

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式