Security test tool

US 10,164,990 B2
Filed: 03/11/2016
Issued: 12/25/2018
Est. Priority Date: 03/11/2016
Status: Active Grant

First Claim

Patent Images

1. A test tool comprising:

a hardware processor;

a connection engine implemented by the hardware processor and configured to connect to a first non-relational database, a second non-relational database, and a server, the first non-relational database is flushed periodically;

a transformation engine implemented by the hardware processor and configured to;

receive a first message from the first non-relational database, the first message comprises a name of a first column of a table in the first non-relational database, a type of the first column, and a first plurality of values stored in the first column, a value of the first plurality of values indicating whether a network intrusion is detected;

receive a second message from the second non-relational database, the second message comprises a name of a second column of a table in the second non-relational database, a type of the second column, and a second plurality of values stored in the second column; and

transform the second message into a JavaScript Object Notation message;

a validation engine implemented by the hardware processor and configured to;

compare the first message with a server log stored on the server;

determine, based on the comparison of the first message with the server log, that the server log includes a value that does not match any of the first plurality of values stored in the first column;

compare the JavaScript Object Notation message with the server log;

determine, based on the comparison of the JavaScript Object Notation message with the server log, that the JavaScript Object Notation message includes an error;

in response to the determination that the server log includes a value that does not match any of the first plurality of values stored in the first column and the determination that the JavaScript Object Notation message includes the error, determine that a security tool is malfunctioning;

a messaging engine implemented by the hardware processor and configured to communicate a message indicating that the server log includes a value that does not match any of the first plurality of values stored in the first column and that the second message contains the error, wherein a remedial action is performed in response to the message to repair the malfunctioning security tool.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A test tool includes a connection engine, a transformation engine, a validation engine, and a messaging engine. The connection engine connects to a first non-relational database, a second non-relational database, and a server. The transformation engine receives first and second messages from the first and second non-relational databases and transforms the second message into a JavaScript Object Notation message. The validation engine compares the first message with a server log stored on the server to determine whether information in the first message matches information in the server log and compares the JavaScript Object Notation message with the server log to determine whether information in the second message matches information in the server log. The messaging engine communicates a message indicating that information in the first message and the second message match information in the server log.

Citations

9 Claims

1. A test tool comprising:
- a hardware processor;
  
  a connection engine implemented by the hardware processor and configured to connect to a first non-relational database, a second non-relational database, and a server, the first non-relational database is flushed periodically;
  
  a transformation engine implemented by the hardware processor and configured to;
  
  receive a first message from the first non-relational database, the first message comprises a name of a first column of a table in the first non-relational database, a type of the first column, and a first plurality of values stored in the first column, a value of the first plurality of values indicating whether a network intrusion is detected;
  
  receive a second message from the second non-relational database, the second message comprises a name of a second column of a table in the second non-relational database, a type of the second column, and a second plurality of values stored in the second column; and
  
  transform the second message into a JavaScript Object Notation message;
  
  a validation engine implemented by the hardware processor and configured to;
  
  compare the first message with a server log stored on the server;
  
  determine, based on the comparison of the first message with the server log, that the server log includes a value that does not match any of the first plurality of values stored in the first column;
  
  compare the JavaScript Object Notation message with the server log;
  
  determine, based on the comparison of the JavaScript Object Notation message with the server log, that the JavaScript Object Notation message includes an error;
  
  in response to the determination that the server log includes a value that does not match any of the first plurality of values stored in the first column and the determination that the JavaScript Object Notation message includes the error, determine that a security tool is malfunctioning;
  
  a messaging engine implemented by the hardware processor and configured to communicate a message indicating that the server log includes a value that does not match any of the first plurality of values stored in the first column and that the second message contains the error, wherein a remedial action is performed in response to the message to repair the malfunctioning security tool.
- View Dependent Claims (2, 3)
- - 2. The test tool of claim 1, wherein the first non-relational database is a Cassandra database and the second non-relational database is a Hadoop database.
  - 3. The test tool of claim 1, wherein the validation engine is further configured to request the second message by sending a Hive query to the second non-relational database.

4. A method comprising:
- connecting, by a hardware processor, to a first non-relational database, a second non-relational database, and a server, the first non-relational database is flushed periodically;
  
  receiving, by a hardware processor, a first message from the first non-relational database, the first message comprises a name of a first column of a table in the first non-relational database, a type of the first column, and a first plurality of values stored in the first column, a value of the first plurality of values indicating whether a network intrusion is detected;
  
  receiving, by a hardware processor, a second message from the second non-relational database, the second message comprises a name of a second column of a table in the second non-relational database, a type of the second column, and a second plurality of values stored in the second column;
  
  transforming, by a hardware processor, the second message into a JavaScript Object Notation message;
  
  comparing, by a hardware processor, the first message with a server log stored on the server;
  
  determining, based on the comparison of the first message with the server log, that the server log includes a value that does not match any of the first plurality of values stored in the first column;
  
  comparing, by a hardware processor, the JavaScript Object Notation message with the server log;
  
  determining, based on the comparison of the JavaScript Object Notation message with the server log, that the JavaScript Object Notation message includes an error;
  
  in response to the determination that the server log includes a value that does not match any of the first plurality of values stored in the first column and the determination that the JavaScript Object Notation message includes the error, determining that a security tool is malfunctioning;
  
  communicating, by a hardware processor, a message indicating that the server log includes a value that does not match any of the first plurality of values stored in the first column and that the second message contains the error, wherein a remedial action is performed in response to the message to repair the malfunctioning security tool.
- View Dependent Claims (5, 6)
- - 5. The method of claim 4, wherein the first non-relational database is a Cassandra database and the second non-relational database is a Hadoop database.
  - 6. The method of claim 4, further comprising requesting the second message by sending a Hive query to the second non-relational database.

7. A system comprising:
- a first non-relational database that is flushed periodically;
  
  a second non-relational database;
  
  a server;
  
  a security tool; and
  
  a test tool comprising a hardware processor configured to implement;
  
  a transformation engine configured to;
  
  receive a first message from the first non-relational database, the first message comprises a name of a first column of a table in the first non-relational database, a type of the first column, and a first plurality of values stored in the first column, a value of the first plurality of values indicating whether a network intrusion is detected;
  
  receive a second message from the second non-relational database, the second message comprises a name of a second column of a table in the second non-relational database, a type of the second column, and a second plurality of values stored in the second column; and
  
  transform the second message into a JavaScript Object Notation message;
  
  a validation engine configured to;
  
  compare the first message with a server log stored on the server;
  
  determine, based on the comparison of the first message with the server log, that the server log includes a value that does not match any of the first plurality of values stored in the first column;
  
  compare the second JavaScript Object Notation message with the server log;
  
  determine, based on the comparison of the JavaScript Object Notation message with the server log, that the JavaScript Object Notation message includes an error;
  
  in response to the determination that the server log includes a value that does not match any of the first plurality of values stored in the first column and the determination that the JavaScript Object Notation message includes the error, determine that a security tool is malfunctioning;
  
  a messaging engine configured to communicate a message indicating that the server log includes a value that does not match any of the first plurality of values stored in the first column and that the second message contains the error, wherein a remedial action is performed in response to the message to repair the malfunctioning security tool.
- View Dependent Claims (8, 9)
- - 8. The system of claim 7, wherein the first non-relational database is a Cassandra database and the second non-relational database is a Hadoop database.
  - 9. The system of claim 7, wherein the validation engine is further configured to request the second message by sending a Hive query to the second non-relational database.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Jaganmohan, Karthik, Biswas, Indrajit
Primary Examiner(s)
Lesniewski, Victor

Application Number

US15/068,177
Publication Number

US 20170264625A1
Time in Patent Office

1,019 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/2365   Ensuring data consistency a...

G06F 21/552   involving long-term monitor...

G06F 21/57   Certifying or maintaining t...

G06F 21/604   Tools and structures for ma...

H04L 63/1408   by monitoring network traff...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1433   Vulnerability analysis

Security test tool

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Security test tool

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links