Patent · US Active

System, method and process for detecting advanced and targeted attacks with the recoupling of kerberos authentication and authorization

US9729538B2 · kind B2 · utility

5Cited by

2References

10Claims

0Family size

Assignee

Microsoft Israel Research and Development (2002) · US

Inventors

Idan Plotnik · Dimona, IL
Tal Arieh Be'ery · Netanya, IL
Michael Dolinsky · Netanya, IL
Ohad Plotnik · Savyon, IL
Gregory Messerman · Herzliya, IL
Sivan Krigsman · Herzliya, IL

Key dates

Filing date	Sep 1, 2014
Grant date	Aug 8, 2017
Priority date	—
Expiry date	Sep 1, 2034

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1416
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method, system and computer program for recoupling Kerberos Authentication and Authorization requests, the method including the steps of: (a) extracting authorization information, including a copy of a Ticket Granting Ticket (TGT), from an authorization request; (b) retrieving authentication information including the TGT, the authentication information having been previously extracted from an authentication transaction and stored; (c) cross-referencing the extracted authorization information with the retrieved authentication information, such that a discrepancy between the cross-referenced information invokes a security event alert.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.