Patent · US Active

Context-aware compromise assessment

US10154066B1 · kind B1 · utility

2Cited by

1References

20Claims

0Family size

Assignee

EMC IP Holding Company LLC · US

Inventors

Anadi Madhukar · Savanuru, IN
Vishnu C. Pedasingu · Bengaluru, IN
Renjith Damodara Pisharady · Bengaluru, IN

Key dates

Filing date	Jul 21, 2017
Grant date	Dec 11, 2018
Priority date	—
Expiry date	Jul 31, 2037

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/102
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Assessing compromises of data security is achieved by establishing access control policies for data files in storage devices across an enterprise. A list is compiled of the data files that were accessed by processes executing on processors of the enterprise. A suspicion score is assigned to each of the processes based on deviations of in-memory behaviors of the processes from established criteria. In response to the suspicion score meeting a suspicious process criterion, the file system operations performed by the suspicious process are analyzed against the access control policies and the suspicion score is modified based on a degree to which the file system operations performed by the suspicious process violate the access control policies.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.