Patent · US Active

Cloud view detection of virtual machine brute force attacks

US11159542B2 · kind B2 · utility

0Cited by

1References

20Claims

0Family size

Assignee

MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

Tomer Weinberger · Gilon, IL
Tomer Koren · Nes Ziona, IL
Hani Hana Neuvirth · Redmond, US
Omer Karin · Tel Aviv-Yafo, IL

Key dates

Filing date	Mar 21, 2019
Grant date	Oct 26, 2021
Priority date	—
Expiry date	Feb 14, 2040

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1466
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method for detecting machine logon attacks within a cloud service. The method can include accessing a collection of network traffic protocol monitoring data. The network traffic protocol monitoring data can be network traffic protocol monitoring data across a cloud service. The method can also include analyzing the collection of network traffic protocol monitoring data to identify anomalous behavior by attacker entities associated with IP addresses indicating a brute force attack by the attacker entities associated with the IP addresses. Then, based on the anomalous behavior, the method can comprise identifying the IP addresses associated with the attacker entities, and at least one of attack patterns or campaign attack characteristics. Finally, the method can include compiling IP addresses associated with the attacker entities and the at least one of attack patterns or campaign attack characteristics into a reference data structure.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.