‌

US Patent 11770387 Graph-based detection of lateral movement in computer networks

Patent 11770387 was granted and assigned to Rapid7 on September, 2023 by the United States Patent and Trademark Office.

Overview Structured Data Issues Contributors

Is a

Patent attributes

Patent Applicant

Current Assignee

Patent Jurisdiction

United States Patent and Trademark Office

Patent Number

Patent Inventor Names

Katherine Wilbur

Vasudha Shivamoggi

Roy Donald Hodgman

Date of Patent

September 26, 2023

Patent Application Number

16931923

Date Filed

July 17, 2020

Patent Citations

US Patent 10476898 Lateral movement detection for network security analysis

US Patent 9591006 Lateral movement detection

US Patent 7624448 Intelligent intrusion detection system utilizing enhanced graph-matching of network activity with context data

US Patent 8150783 Security system for and method of detecting and responding to cyber attacks on large network systems

US Patent 8191149 System and method for predicting cyber threat

US Patent 9141790 Systems and methods for using event-correlation graphs to detect attacks on computing systems

US Patent 9202052 Dynamic graph anomaly detection framework and scalable system architecture

Patent Citations Received

US Patent 11991198 User-specific data-driven network security

0

US Patent 12126695 Enhancing security of a cloud deployment based on learnings from other cloud deployments

0

US Patent 12126643 Leveraging generative artificial intelligence (‘AI’) for securing a monitored deployment

0

US Patent 12120140 Detecting threats against computing resources based on user behavior changes

0

US Patent 12095879 Identifying encountered and unencountered conditions in software applications

0

US Patent 12095796 Instruction-level threat assessment

0

US Patent 12095794 Universal cloud data ingestion for stream processing

0

US Patent 11973784 Natural language interface for an anomaly detection framework

0

...

Patent Primary Examiner

Badri Narayanan Champakesan

CPC Code

Patent abstract

Systems and methods are disclosed to implement a cyberattack detection system that monitors a computer network for lateral movement. In embodiments, the system uses network data from a computer network to build a baseline of connection behaviors for the network. Connection graphs are generated from new network data that indicate groups of nodes that made connections with one another during a last time interval. The graphs are analyzed for connection behavior anomalies and ranked to determine a subset of graphs with suspected lateral movement. Graphs with suspected lateral movement may be further analyzed to determine a set of possible attack paths in the lateral movements. The suspected attack paths are reported to network administrators via a notification interface. Advantageously, the disclosed system is able to detect potential lateral movements in localized portions of a network by monitoring for connection behavior anomalies in network data gathered from the network.

Timeline

No Timeline data yet.

Further Resources

Title

Author

Link

Type

Date

No Further Resources data yet.

References

Find more entities like US Patent 11770387 Graph-based detection of lateral movement in computer networks

Use the Golden Query Tool to find similar entities by any field in the Knowledge Graph, including industry, location, and more.

Open Query Tool

Golden Query Tool