The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Aug. 31, 2021
Filed:
Feb. 17, 2019
Microsoft Technology Licensing, Llc, Redmond, WA (US);
Tal Joseph Maor, Tel Aviv, IL;
Gal Zeev Bruchim, Tel Aviv, IL;
Igal Gofman, Bat-Yam, IL;
Itai Grady Ashkenazy, Ramat Hasharon, IL;
Microsoft Technology Licensing, LLC, Redmond, WA (US);
Abstract
Cybersecurity is enhanced to detect credential spray attacks. Accounts with access failure events are divided into buckets B. . . BN based on access failure count ranges R. . . RN. For instance, accounts with one logon failure may go in B, accounts with two failures in B, etc. Buckets will thus have account involvement extents E. . . EN, which are compared to thresholds T. . . TN. An intrusion detection tool generates an alert when some Ei hits its Ti. Detection may spot any credential sprays, not merely password sprays. False positives may be reduced by excluding items from consideration, such as logon attempts using old passwords. False positives and false negatives may be balanced by tuning threshold parameters. Breached accounts may be found. Detection may also permit other responses, such as attack disruption, harm mitigation, and attacker identification. Credential spray attack detection may be combined with other security mechanisms for defense in depth of cloud and other network accounts.