The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jan. 21, 2025
Filed:
Jul. 02, 2021
Palo Alto Networks, Inc., Santa Clara, CA (US);
Krishnan Shankar Narayan, San Jose, CA (US);
Palo Alto Networks, Inc., Santa Clara, CA (US);
Abstract
A system processes an API specification provided by a vendor to determine and classify the functions defined therein by CRUD operation type based on analysis of the function names. Classification of the function includes associating a bitmask corresponding to the class with the function name. The system then subscribes to an event stream including logged API function call events during a time window overlapping with a 'blind spot' period of attack detection. The system analyzes incoming events to identify an associated resource and an API function call. The system classifies the function based on the determined function classes and performs a bitwise operation between bit values maintained for the identified resource that are indicative of resource state and the bitmask of the function class. If the resulting bit values indicate that the resource was both created and deleted during the time window, the system flags the resource as potentially involved in an attack.