公开(公告)号：US11706239B2

公开(公告)日：2023-07-18

申请号：US17003450

申请日：2020-08-26

Applicant: Cisco Technology, Inc.

Inventor： Hai Vu ,  Thanh Nhan Nguyen ,  Vaishali Palkar ,  Varun Malhotra ,  Shih-Chun Chang ,  Xin Liu

IPC: H04L9/40

CPC classification number: H04L63/1433

Abstract: Systems, methods, and non-transitory computer-readable storage media are disclosed for detecting vulnerabilities in real-time during execution of a process or an application. In one example, a device may have one or more memories storing computer-readable instructions and one or more processors configured to execute the computer-readable instructions to obtain real-time process information associated with a process executing in an endpoint. The device can then determine package information for a package associated with the process based on the process information. The device can then identify at least one vulnerability associated with the package information using a database of vulnerabilities stored on a backend component of the network. The backend component may have a database of vulnerabilities for packages.

公开(公告)号：US11750653B2

公开(公告)日：2023-09-05

申请号：US17556673

申请日：2021-12-20

Applicant: Cisco Technology, Inc.

Inventor： Navindra Yadav ,  Shih-Chun Chang ,  Shashi Gandham ,  Xiaofei Guo ,  Hoang Viet Nguyen ,  Xin Liu ,  Thanh Trung Ngo ,  Duan Tran ,  Xuan Loc Bui

IPC: H04L9/40

CPC classification number: H04L63/1491 ,  H04L63/102 ,  H04L63/1425 ,  H04L63/20

Abstract: Systems, methods, and computer-readable media for gathering network intrusion counter-intelligence. A system can maintain a decoy network environment at one or more machines. The system can identify a malicious user accessing network services through the network environment. Further, the system can receive network service access requests from the user at one or more machines in the network environment and subsequently direct the network service access requests from the malicious user to the decoy network environment based on an identification of the malicious user. The network services access requests can be satisfied with network service access responses generated in the decoy network environment. Subsequently, the system can maintain malicious user analytics based on the network service access requests of the malicious user that are directed to the decoy network environment.

公开(公告)号：US20220116421A1

公开(公告)日：2022-04-14

申请号：US17556673

申请日：2021-12-20

Applicant: Cisco Technology, Inc.

Inventor： Navindra Yadav ,  Shih-Chun Chang ,  Shashi Gandham ,  Xiaofei Guo ,  Hoang Viet Nguyen ,  Xin Liu ,  Thanh Trung Ngo ,  Duan Tran ,  Xuan Loc Bui

IPC: G06F21/55

Abstract: Systems, methods, and computer-readable media for gathering network intrusion counter-intelligence. A system can maintain a decoy network environment at one or more machines. The system can identify a malicious user accessing network services through the network environment. Further, the system can receive network service access requests from the user at one or more machines in the network environment and subsequently direct the network service access requests from the malicious user to the decoy network environment based on an identification of the malicious user. The network services access requests can be satisfied with network service access responses generated in the decoy network environment. Subsequently, the system can maintain malicious user analytics based on the network service access requests of the malicious user that are directed to the decoy network environment.

公开(公告)号：US20190207976A1

公开(公告)日：2019-07-04

申请号：US15862363

申请日：2018-01-04

Applicant: Cisco Technology, Inc.

Inventor： Navindra Yadav ,  Shih-Chun Chang ,  Shashi Gandham ,  Xiaofei Guo ,  Hoang Viet Nguyen ,  Xin Liu ,  Thanh Trung Ngo ,  Duan Tran ,  Xuan Loc Bui

IPC: H04L29/06

CPC classification number: H04L63/1491 ,  H04L63/102 ,  H04L63/1425 ,  H04L63/20

Abstract: Systems, methods, and computer-readable media for gathering network intrusion counter-intelligence. A system can maintain a decoy network environment at one or more machines. The system can identify a malicious user accessing network services through the network environment. Further, the system can receive network service access requests from the user at one or more machines in the network environment and subsequently direct the network service access requests from the malicious user to the decoy network environment based on an identification of the malicious user. The network services access requests can be satisfied with network service access responses generated in the decoy network environment. Subsequently, the system can maintain malicious user analytics based on the network service access requests of the malicious user that are directed to the decoy network environment.

公开(公告)号：US20220070197A1

公开(公告)日：2022-03-03

申请号：US17003450

申请日：2020-08-26

Applicant: Cisco Technology, Inc.

Inventor： Hai Vu ,  Thanh Nhan Nguyen ,  Vaishali Palkar ,  Varun Malhotra ,  Shih-Chun Chang ,  Xin Liu

IPC: H04L29/06

Abstract: Systems, methods, and non-transitory computer-readable storage media are disclosed for detecting vulnerabilities in real-time during execution of a process or an application. In one example, a device may have one or more memories storing computer-readable instructions and one or more processors configured to execute the computer-readable instructions to obtain real-time process information associated with a process executing in an endpoint. The device can then determine package information for a package associated with the process based on the process information. The device can then identify at least one vulnerability associated with the package information using a database of vulnerabilities stored on a backend component of the network. The backend component may have a database of vulnerabilities for packages.

公开(公告)号：US20210389877A1

公开(公告)日：2021-12-16

申请号：US16899290

申请日：2020-06-11

Applicant: Cisco Technology, Inc.

Inventor： Xin Liu ,  Sunil Gupta ,  Thanh Trung Ngo ,  Xuan Loc Bui ,  Hoang Viet Nguyen ,  Shashi Gandham ,  Navindra Yadav

IPC: G06F3/06 ,  G06F9/455 ,  G06F11/14

Abstract: Systems, methods, and computer-readable for defining host functionalities in a computing environment include obtaining two or more snapshots comprising information pertaining to two or more processes executing in two or more hosts, the two or more snapshots being obtained at two or more points in time from the two or more hosts. One or more long-running processes amongst the two or more processes are identified based on one or more criteria associated with long-running processes. One or more priorities associated with the one or more long-running processes and used for defining functionalities for at least a subset of the two or more hosts, where high priorities are assigned to long-running processes, such as web server or database server processes, which are unique to at least the subset of the two or more hosts. Resources may be provisioned based on these host functionalities.

公开(公告)号：US11233821B2

公开(公告)日：2022-01-25

申请号：US15862363

申请日：2018-01-04

Applicant: Cisco Technology, Inc.

Inventor： Navindra Yadav ,  Shih-Chun Chang ,  Shashi Gandham ,  Xiaofei Guo ,  Hoang Viet Nguyen ,  Xin Liu ,  Thanh Trung Ngo ,  Duan Tran ,  Xuan Loc Bui

IPC: H04L29/06

Abstract: Systems, methods, and computer-readable media for gathering network intrusion counter-intelligence. A system can maintain a decoy network environment at one or more machines. The system can identify a malicious user accessing network services through the network environment. Further, the system can receive network service access requests from the user at one or more machines in the network environment and subsequently direct the network service access requests from the malicious user to the decoy network environment based on an identification of the malicious user. The network services access requests can be satisfied with network service access responses generated in the decoy network environment. Subsequently, the system can maintain malicious user analytics based on the network service access requests of the malicious user that are directed to the decoy network environment.