-
公开(公告)号:US20240005001A1
公开(公告)日:2024-01-04
申请号:US17868378
申请日:2022-07-19
申请人: CITRIX SYSTEMS, INC.
发明人: Andreas Varnavas , Georgios Papaloukopoulos , Asterios Stergioudis , Dimitrios Markonis , Nikolaos Tsapakis , Georgios Tsolis
CPC分类号: G06F21/566 , G06N7/005
摘要: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to detect triggering of one or more threat detectors. The at least one processor is further configured to activate a subset of nodes from a plurality of nodes in a Bayesian network in response to the detection, the activated subset of nodes associated with the triggered threat detectors. The at least one processor is further configured to calculate a probability of malicious action using the Bayesian network to combine probabilities associated with the activated subset of nodes. The at least one processor is further configured to determine that the probability exceeds a threshold value. The at least one processor is further configured to perform a security action in response to the determination.
-
公开(公告)号:US11303550B2
公开(公告)日:2022-04-12
申请号:US17002048
申请日:2020-08-25
申请人: Citrix Systems, Inc.
IPC分类号: H04L12/26 , H04L43/0817 , H04L43/067 , H04L43/065
摘要: Described embodiments provide systems and methods for monitoring server utilization and reallocating resources using upper bound values. A device can determine a value indicative of an upper bound of a processing load of a server using data points detected for the processing load over a first range of time. The upper bound can correspond to a percentage of the processing load during the first range of time. The device can monitor, using the value, the processing load of the server over a second range of time. A determination can be made whether the value of the processing load is greater than a threshold during the second range of time. The device can generate an alert for the device responsive to a comparison of the value of the processing load to the threshold.
-
公开(公告)号:US20220360596A1
公开(公告)日:2022-11-10
申请号:US17321847
申请日:2021-05-17
申请人: Citrix Systems, Inc.
发明人: Andreas Varnavas , Ananthaneni Sai Teja Chowdary , Nikolaos Tsapakis , Premkumar SJ , Manikam Muthiah
IPC分类号: H04L29/06
摘要: A system and method that detects malicious account creation in a web-based platform. A method includes detecting suspicious events associated with an account creation process using a username classifier that evaluates a username used to create a new account, an IP address classifier that evaluates an IP address used to create the new account, and a domain classifier that evaluates a domain from an email address used to create the new account; analyzing each detected suspicious event with a density analysis classifier to determine if each detected suspicious event comprises a malicious event based on a density of detected suspicious events from a collections of account creation processes; and determining an alert condition based on at least one malicious event detection.
-
公开(公告)号:US20220156154A1
公开(公告)日:2022-05-19
申请号:US17138162
申请日:2020-12-30
申请人: Citrix Systems, Inc.
摘要: Described embodiments provide systems and methods for detection of the degradation of a virtual desktop environment. A computing device may receive data from a plurality of client devices. The computing device may identify a subset of client devices from the plurality of client devices with at least one characteristic in common based on the received data. The computing device may determine a ratio of the identified subset of client devices, the ratio being a comparison of client devices of the subset with a value above a first threshold to a total number of client devices of the subset, and the value being indicative of a characteristic of performance for that client device. The computing device may identify a cause of an anomaly in the performance of the application based on the ratio exceeding a second threshold.
-
公开(公告)号:US20220029899A1
公开(公告)日:2022-01-27
申请号:US17002353
申请日:2020-08-25
申请人: Citrix Systems, Inc.
IPC分类号: H04L12/26
摘要: Described embodiments provide systems and methods for determining a change in a performance of a server. A device can receive a processing load and a request rate of a server. The device can determine a value indicative of a correlation between the processing load and the request rate of the server for a range of time. The device can determine whether the value is outside a range of a threshold for the server. The threshold can be indicative of one or more previous values determined for the server for the range of time. The device can generate an alert indicating a change in a performance of the server responsive to a comparison of the value to the threshold for the server.
-
公开(公告)号:US12001287B2
公开(公告)日:2024-06-04
申请号:US17936724
申请日:2022-09-29
申请人: Citrix Systems, Inc.
CPC分类号: G06F11/1423 , G06F9/45558 , G06F11/302 , G06F11/3495 , G06F2009/45562 , G06F2201/85 , H04L63/0272
摘要: Described embodiments provide systems and methods for detection of the degradation of a virtual desktop environment. A computing device may receive data from a plurality of client devices. The computing device may identify a subset of client devices from the plurality of client devices with at least one characteristic in common based on the received data. The computing device may determine a ratio of the identified subset of client devices, the ratio being a comparison of client devices of the subset with a value above a first threshold to a total number of client devices of the subset, and the value being indicative of a characteristic of performance for that client device. The computing device may identify a cause of an anomaly in the performance of the application based on the ratio exceeding a second threshold.
-
公开(公告)号:US11467911B2
公开(公告)日:2022-10-11
申请号:US17138162
申请日:2020-12-30
申请人: Citrix Systems, Inc.
摘要: Described embodiments provide systems and methods for detection of the degradation of a virtual desktop environment. A computing device may receive data from a plurality of client devices. The computing device may identify a subset of client devices from the plurality of client devices with at least one characteristic in common based on the received data. The computing device may determine a ratio of the identified subset of client devices, the ratio being a comparison of client devices of the subset with a value above a first threshold to a total number of client devices of the subset, and the value being indicative of a characteristic of performance for that client device. The computing device may identify a cause of an anomaly in the performance of the application based on the ratio exceeding a second threshold.
-
公开(公告)号:US20210152571A1
公开(公告)日:2021-05-20
申请号:US16714240
申请日:2019-12-13
申请人: Citrix Systems, Inc.
IPC分类号: H04L29/06
摘要: Systems and methods for identifying potential security incidents include an analytics engine that identifies a detection threshold for login failures according to a number of login successes to a system. The analytics engine may determine a number of login failures by a plurality of users to the system within a time window. The analytics engine may determine that the number of login failures to the system within the time window exceeds the detection threshold. The analytics engine may provide a notification to a device indicating a potential security incident responsive to the number of login failures exceeding the detection threshold.
-
公开(公告)号:US20220029901A1
公开(公告)日:2022-01-27
申请号:US17002048
申请日:2020-08-25
申请人: Citrix Systems, Inc.
IPC分类号: H04L12/26
摘要: Described embodiments provide systems and methods for monitoring server utilization and reallocating resources using upper bound values. A device can determine a value indicative of an upper bound of a processing load of a server using data points detected for the processing load over a first range of time. The upper bound can correspond to a percentage of the processing load during the first range of time. The device can monitor, using the value, the processing load of the server over a second range of time. A determination can be made whether the value of the processing load is greater than a threshold during the second range of time. The device can generate an alert for the device responsive to a comparison of the value of the processing load to the threshold.
-
10.发明公开公开(公告)号:US20240004995A1
公开(公告)日:2024-01-04
申请号:US18049909
申请日:2022-10-26
申请人: CITRIX SYSTEMS, INC.
CPC分类号: G06F21/554 , G06N7/005 , G06F2201/81
摘要: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to detect triggering of one or more threat detectors and activate a subset of nodes associated with the triggered threat detectors from a plurality of nodes in a Bayesian network in response to the detection. The at least one processor is further configured to determine that feedback associated with the triggered threat detectors is available and, if so, accumulate the feedback to a feedback node of the network, the feedback node associated with the triggered threat detectors. The at least one processor is further configured to calculate a probability of malicious action using the network to combine probabilities associated with the activated subset of nodes and the feedback node, determine that the probability exceeds a threshold value, and perform a security action in response to the determination.
-
-
-
-
-
-
-
-
-
搜索结果
13 条记录 (耗时 0.017 秒)
