The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).

Date of Patent: Oct. 22, 2024

Filed: Mar. 25, 2019

Applicants:

B. G. Negev Technologies & Applications Ltd., AT Ben-gurion, Beer Sheva, IL;

Nanyang Technological University, Singapore, SG;

Inventors:

Yuval Elovici, D.N. Lachish, IL;

Rami Puzis, Ashdod, IL;

Polina Zilberman, Eshkolot, IL;

Elad Marco, Beer Sheva, IL;

Aviad Elitzur, Sderot, IL;

Thambipillai Srikanthan, Nanyang, SG;

Anupam Chattopadhyay, Nanyang, SG;

Siew Kei Lam, Nanyang, SG;

Jawad Haj-Yahya, Nanyang, SG;

Attorneys:
Primary Examiner:

Int. Cl. CPC ...

H04L 9/40 (2022.01); G06F 9/445 (2018.01);

U.S. Cl. CPC ...

H04L 63/1425 (2013.01); G06F 9/44526 (2013.01); H04L 2463/146 (2013.01);

Abstract

A framework for efficiently and automatically exploring a data network and accurately identifying network threats, which comprises a plurality of software and hardware-based agents, distributed over the data network. The agents are capable of adjusting or reconfiguring, on the fly, the behavior of the agents and their ability to collect data in a targeted manner, so as to investigate suspicious incidents and alerts and collect data that was not yet collected by the system; collecting forensic data by executing tasks defined in workflows, being distributed threat intercepting programs and reporting about the collected forensic data, back to a Central Control Unit (C&C). Distributed threat intercepting programs ('workflows') are used to provide instructions to agents, to perform branching and provide instructions to the Central Control Unit (C&C), which orchestrates the agents to assure proper execution of the workflows; analyzes the collected information and presents ongoing status to an operator supervising the data network.

