The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge contains a link to the full patent document (in Adobe Acrobat format, i.e. PDF).

Date of Patent:

Apr. 02, 2024

Filed:

Jul. 07, 2022

Applicant:

Netskope, Inc., Santa Clara, CA (US);

Inventors:

Yi Zhang, Santa Clara, CA (US);

Siying Yang, Saratoga, CA (US);

Yihua Liao, Fremont, CA (US);

Dagmawi Mulugeta, London, GB;

Raymond Joseph Canzanese, Jr., Philadelphia, PA (US);

Ari Azarafrooz, Rancho Santa Margarita, CA (US);

Assignee:

Netskope, Inc., Santa Clara, CA (US);

Attorney:
Primary Examiner:
Assistant Examiner:
Int. Cl.
CPC ...
G06F 21/60 (2013.01); G06F 9/54 (2006.01); H04L 41/16 (2022.01);
U.S. Cl.
CPC ...
G06F 21/602 (2013.01); G06F 9/547 (2013.01); H04L 41/16 (2013.01);
Abstract

The disclosed technology teaches facilitating User and Entity Behavior Analytics (UEBA) by classifying a file being transferred as encrypted or not. The technology involves monitoring movement of files by a user over a wide area network; detecting file encryption for the files using a trained classifier, wherein the detecting includes processing by the classifier some or all of the following features extracted from each of the files: a chi-square randomness test, an arithmetic mean test, a serial correlation coefficient test, a Monte Carlo-Pi test, and a Shannon entropy test; counting a number of the encrypted files moved by the user in a predetermined period; comparing a predetermined maximum number of encrypted files allowed in the predetermined period to the count of the encrypted files moved by the user and detecting that the user has moved more encrypted files than the predetermined maximum number; and generating an alert.

