Patent · US Active

Detection and identification of targeted attacks on a computing system

US11025665B2 · kind B2 · utility

27Cited by

9References

21Claims

0Family size

Assignee

MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

Philip Newman · Seattle, US
Puhazholi Vetrivel · Kirkland, US
Sudhakar Narayanamurthy · Redmond, US
Ejike E. Ofuonye · Redmond, US
Suresh C. Palani · Sammamish, US
Ashish Mishra · Bhubaneshwar, IN

Key dates

Filing date	Jun 8, 2020
Grant date	Jun 1, 2021
Priority date	—
Expiry date	Jun 8, 2040

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1425
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Malicious activity data is obtained, that is indicative of attempted attacks on a computing system. Clusters of targets are identified and it is determined whether the malicious activity preferentially targets one cluster of targets over other. Also, low prevalence attacks are identified and it is determined whether a low prevalence attack has a high concentration in one or more of the target clusters. If the malicious activity either preferentially targets a cluster, or a low prevalence attack has a high concentration in a cluster, then the attack is identified as a targeted attack, so that remediation steps can be taken.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.