The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jul. 20, 2021
Filed:
Jan. 30, 2019
Palo Alto Networks (Israel Analytics) Ltd., Tel Aviv, IL;
Idan Amit, Ramat Gan, IL;
Yinnon Meshi, Kibbutz Revivim, IL;
Jonathan Allon, Haifa, IL;
Aviad Meyer, Hod-Hasharon, IL;
PALO ALTO NETWORKS (ISRAEL ANALYTICS) LTD., Tel Aviv, IL;
Abstract
A method, including identifying, in network data traffic, multiple scans, each of the scans including an access, in the traffic, of a plurality of ports on a given destination node by a given source node during a predefined period. Respective first probabilities of being accessed during any given scan computed for the communication ports that were accessed in the identified scans, and a respective second probability that both of the ports in the pair were accessed during any given scan are computed for each pair of the ports in the identified scans. Upon detecting a scan by one of the nodes including accesses of first and second ports on a given destination node for which the respective second probability for the pair of the first and second ports is lower than a threshold dependent upon the respective first probabilities of the first and second ports, a preventive action is initiated.