INTERCEPT FOR ENCRYPTED COMMUNICATIONS
    Invention publication

    Publication number: US20240048590A1

    Publication date: 2024-02-08

    Application number: US18071435

    Application date: 2022-11-29

    Applicant: CA, Inc.

    IPC classification: H04L9/40

    Abstract: Aspects of the disclosure include replacing, by a DNS proxy in DNS responses, a cryptographic key associated with a client-facing server for an origin content server with another cryptographic key received from a TLS proxy. A device may encrypt an extension of a ClientHello message with the other cryptographic key, such that the encrypted ClientHello (ECH) extension can be decrypted by the TLS proxy. The TLS proxy can then allow or deny the connection using a TLS intercept policy and decrypted information in the ClientHello message, and if the TLS connection is allowed, re-encrypt the ECH with the cryptographic key in the DNS response for the client-facing server to decrypt for establishment of the TLS connection with the origin content server. To preserve selective intercept while using ECH, a TLS Intercept Policy may be used to decide whether the TLS proxy feeds an Application Layer Proxy.

    Machine learning adversarial campaign mitigation on a computing device

    Publication number: US11551137B1

    Publication date: 2023-01-10

    Application number: US16399725

    Application date: 2019-04-30

    Applicant: CA, Inc.

    Abstract: Machine learning adversarial campaign mitigation on a computing device. The method may include deploying an original machine learning model in a model environment associated with a client device; deploying a classification monitor in the model environment to monitor classification decision outputs in the machine learning model; detecting, by the classification monitor, a campaign of adversarial classification decision outputs in the machine learning model; applying a transformation function to the machine learning model in the model environment to transform the adversarial classification decision outputs to thwart the campaign of adversarial classification decision outputs; determining a malicious attack on the client device based in part on detecting the campaign of adversarial classification decision outputs; and implementing a security action to protect the computing device against the malicious attack.

    Systems and methods for producing adjustments to malware-detecting services

    Publication number: US11461462B1

    Publication date: 2022-10-04

    Application number: US16138939

    Application date: 2018-09-21

    Applicant: CA, Inc.

    Abstract: The disclosed computer-implemented method for producing adjustments to malware-detecting services may include (1) receiving, from a plurality of malware-detecting services executing on a plurality of client computing devices, a respective plurality of probability scores with corresponding model identifiers for an analyzed file and a plurality of respective identifiers describing the malware-detecting services, (2) building a training dataset from at least a portion of the received plurality of probability scores with corresponding model identifiers, and (3) performing a security action including (A) training, with the training dataset, a malware-detecting linear regression ensemble machine learning model that is specific to an identifier in the plurality of identifiers and (B) sending the trained linear regression ensemble machine learning model to one of the plurality of malware-detecting services executing on one of the client computing devices. Various other methods, systems, and computer-readable media are also disclosed.

    Systems and methods for protecting a cloud computing device from malware

    Publication number: US11411968B1

    Publication date: 2022-08-09

    Application number: US16574755

    Application date: 2019-09-18

    Applicant: CA, INC.

    IPC classification: H04L29/06 H04L9/40 G06F21/62

    Abstract: The disclosed computer-implemented method for protecting a cloud computing device from malware may include (i) intercepting, at a computing device, a malicious attempt by the malware to (A) access sensitive information in an encrypted file stored on the computing device and (B) send the sensitive information to the cloud computing device and (ii) performing, responsive to the attempt to access the encrypted file, a security action. Various other methods, systems, and computer-readable media are also disclosed.

    Systems and methods for malware detection using localized machine learning

    Publication number: US11386208B1

    Publication date: 2022-07-12

    Application number: US16414341

    Application date: 2019-05-16

    Applicant: CA, Inc.

    Inventors: Qichao Lan, Tao Cheng

    IPC classification: G06F21/56 G06K9/62 G06N20/00

    Abstract: The disclosed computer-implemented method for malware detection using localized machine learning may include (i) generating a global score for a file using a global machine learning model, (ii) generating a localized score for the file using a localized machine learning model, (iii) determining that the file is malware using the global score, the localized score, and the local conviction threshold, and (iv) in response to determining that the file is malware, performing a security action to protect the computing device against malware. Various other methods, systems, and computer-readable media are also disclosed.

    Pre-filtering detection of an injected script on a webpage accessed by a computing device

    Publication number: US11303670B1

    Publication date: 2022-04-12

    Application number: US16435179

    Application date: 2019-06-07

    Applicant: CA, Inc.

    Abstract: Pre-filtering detection of an injected script on a webpage accessed by a computing device. The method may include receiving an indication of access to the webpage at a web browser of the computing device; identifying a web form associated with the webpage; determining that the webpage has been previously visited by the computing device; recording at least one current domain associated with at least one current object request made by the web form; determining a difference of a count of the at least one current domain associated with the at least one current object request and a count of at least one historical domain associated with at least one historical object request previously made by the webpage; identifying the webpage as suspicious based on determining that the difference is greater than zero and less than a domain threshold; and initiating a security action on the webpage based on the identifying.

    Identifying and protecting against an attack against an anomaly detector machine learning classifier

    Publication number: US11297083B1

    Publication date: 2022-04-05

    Application number: US16541442

    Application date: 2019-08-15

    Applicant: CA Inc.

    IPC classification: H04L29/06 G06N20/00 G06K9/62

    Abstract: Identifying and protecting against an attack against an anomaly detector machine learning classifier (ADMLC). In some embodiments, a method may include identifying training data points in a manifold space for an ADMLC, dividing the manifold space into multiple subspaces, merging each of the training data points into one of the multiple subspaces, training a subclassifier for each of the multiple subspaces to determine a decision boundary for each of the multiple subspaces between normal training data points and anomalous training data points, receiving an input data point into the ADMLC, determining whether the input data point is an attack on the ADMLC due to a threshold number of the subclassifiers classifying the input data point as an anomalous input data point, and, in response to identifying the attack against the ADMLC, protecting against the attack.