Artificial intelligence-based lateral movement identification tool
US11146472B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 21, 2020 |
| Grant date | Oct 12, 2021 |
| Priority date | — |
| Expiry date | Jul 21, 2040 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L41/0893
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A lateral movement identification tool analyzes communications sent and received from a local host to identify potential instances of lateral movement. When the host-based lateral movement identification tool identifies a host to host connection, the tool processes one or more artificial intelligence algorithms to analyze information from local network resources including a directory service, a local network system such as a network basic input/output system, a domain name system, and event logs. The lateral movement identification tool correlates the aggregated information with identified host to host messaging and sends alerts when lateral movement is suspected. Alerts may be either presented locally or provided to a central console based on configuration information.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.