US 10,812,497 B2
Systems and Methods for Detecting and Responding To Security Threats Using Application Execution and Connection Lineage TracingGeneral
US 10,812,497 B2
Systems and Methods for Detecting and Responding To Security Threats Using Application Execution and Connection Lineage Tracing
Tech Center:
2400 Networking, Multiplexing, Cable, and Security
Examiner:
Eleni A Shiferaw
Art Unit:
2497 Cryptography and Security
Agent:
Inventors:
Anjan Venkatramani; Chihwei Chao
Assignee:
CORNER VENTURE PARTNERS, LLC
Priority:
12/07/16
Filed:
12/07/16
Granted:
10/20/20
Expiration:
12/29/36
Abstract
Systems and methods for detecting security threats using application execution and connection lineage tracing with embodiments of the invention are disclosed. In one embodiment, detecting suspicious activity in a network includes receiving at a collector server a first activity data including a first set of attributes, combining a first set of context information with the first activity data to generate a first activity record, comparing the first activity record to a set of baseline signatures, incrementing a count of a first matching baseline signature when the first activity record has the same values for all attributes, receiving a second activity data including a third set of attributes, combining a second set of context information with the second activity data to generate a second activity record, and generating an alert when the attributes of the second activity record differ from all baseline signatures.
Cooperative Patent Classification (CPC)
H04H04L63/1425H04L