Determining whether continuous byte data of inputted data includes credential

US 10,339,297 B2
Filed: 01/30/2018
Issued: 07/02/2019
Est. Priority Date: 01/09/2015
Status: Active Grant

First Claim

Patent Images

1. A system for detecting user credentials, comprising:

one or more processors; and

one or more computer-readable media having stored thereon computer-executable instructions that are executable by the one or more processors to efficiently protect a user credential in an input data stream, the computer-executable instructions including instructions that are executable by the one or more processors to perform at least;

determine a plurality of data chunks in the input data stream; and

for one or more of the plurality of data chunks;

determine whether each byte of data in the data chunk comprises a valid byte value for the user credential;

represent each byte of data in the data chunk with a corresponding bit that indicates whether or not the byte of data comprises a valid byte value for the user credential;

using the representations of each byte of data in the data chunk, determine whether there is a continuous number of bits greater than or equal to a threshold number, that each indicates that its corresponding byte of data in the data chunk comprises a valid byte value for the user credential;

based on determining that there is a continuous number of bits greater than or equal to the threshold, determine a credential address range for a corresponding continuous number of bytes;

determine whether data stored at the credential address range comprises the user credential; and

when the data stored at the credential address range comprises the user credential prevent the user credential from being stored in public storage.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for detecting user credentials comprising an interface and a processor. The interface is configured to receive a plurality of data chunks. The processor is configured to determine a number of continuous bytes in the plurality of data chunks having appropriate values and, in the event that the number of the continuous bytes is greater than or equal to a threshold number of bytes, determine whether continuous byte data of the continuous bytes comprises a credential.

Citations

15 Claims

1. A system for detecting user credentials, comprising:
- one or more processors; and
  
  one or more computer-readable media having stored thereon computer-executable instructions that are executable by the one or more processors to efficiently protect a user credential in an input data stream, the computer-executable instructions including instructions that are executable by the one or more processors to perform at least;
  
  determine a plurality of data chunks in the input data stream; and
  
  for one or more of the plurality of data chunks;
  
  determine whether each byte of data in the data chunk comprises a valid byte value for the user credential;
  
  represent each byte of data in the data chunk with a corresponding bit that indicates whether or not the byte of data comprises a valid byte value for the user credential;
  
  using the representations of each byte of data in the data chunk, determine whether there is a continuous number of bits greater than or equal to a threshold number, that each indicates that its corresponding byte of data in the data chunk comprises a valid byte value for the user credential;
  
  based on determining that there is a continuous number of bits greater than or equal to the threshold, determine a credential address range for a corresponding continuous number of bytes;
  
  determine whether data stored at the credential address range comprises the user credential; and
  
  when the data stored at the credential address range comprises the user credential prevent the user credential from being stored in public storage.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. A system as in claim 1, wherein the data chunk is determined using received data.
  - 3. A system as in claim 1, wherein the computer-executable instructions also including instructions that are executable by the one or more processors to provide data in response to a data address range.
  - 4. A system as in claim 1, wherein the threshold number comprises a minimum credential length.
  - 5. A system as in claim 1, wherein determining whether data comprises the user credential comprises matching a credential pattern.
  - 6. A system as in claim 1, wherein determining whether data comprises the user credential comprises meeting a credential entropy test.
  - 7. A system as in claim 1, wherein the valid byte value comprises a value in a range of ASCII values.
  - 8. A system as in claim 7, wherein the range of ASCII values comprises legal credential values.
  - 9. A system as in claim 1, wherein the data chunk comprises an M-byte data chunk.
  - 10. A system as in claim 9, wherein the M-byte data chunk comprises one of the following:
    - a 4 byte chunk, 8 byte chunk, a 16 byte chunk, a 32 byte chunk, a 64 byte chunk, or a 128 byte chunk.
  - 11. A system as in claim 1, wherein determining whether there is a continuous number of bits comprises determining the continuous number of bits across N chunks.
  - 12. A system as in claim 11, wherein N comprises one of the following:
    - 1 chunk, 2 chunks, 3 chunks, 4 chunks, 5 chunks, 6 chunks, 7 chunks, 8 chunks, 9 chunks, 10 chunks, 11 chunks, 12 chunks, 13 chunks, 14 chunks, 15 chunks, or 16 chunks.
  - 13. A system as in claim 1, wherein in the event that the data stored at the credential address range comprises a credential, one or more of the following are performed:
    - the credential is deleted, the credential is replaced, a code is code associated with the credential is stored in a private portion of a repository, and an indication is provided to a user or administrator that the credential has been uploaded.

14. A method implemented at a computer system that includes one or more processors, for efficiently protecting a user credential in an input data stream, comprising:
- determining a plurality of data chunks in the input data stream; and
  
  for one or more of the plurality of data chunks;
  
  determining whether each byte of data in the data chunk comprises a valid byte value for the user credential;
  
  representing each byte of data in the data chunk with a corresponding bit that indicates whether or not the byte of data comprises a valid byte value for the user credential;
  
  using the representation of each byte of data in the data chunk, determining whether there is a continuous number of bits, greater than or equal to a threshold number, that each indicates that its corresponding byte of data in the data chunk comprises a valid byte value for the user credential;
  
  based on determining that there is a continuous number of bits greater than or equal to the threshold number determining a credential address range for a corresponding continuous number of bytes;
  
  determining whether data stored at the credential address range comprises the user credential; and
  
  when the data stored at the credential address range comprises the user credential, prevent the user credential from being stored in public storage.

15. A computer program product comprising one or more hardware storage devices having stored thereon computer-executable instructions that are executable by one or more processors of a computer system to efficiently protect a user credential in an input data stream, for the computer-executable instructions including instruction that are executable to cause the computer system to perform at least the following:
- determining a plurality of data chunks in the in the input data stream; and
  
  for one or more of the plurality of data chunks;
  
  determining whether each byte of data in the data chunk comprises a valid byte value for the user credential;
  
  representing each byte of data in the data chunk with a corresponding bit that indicates whether or not the byte of data comprises a valid byte value for the user credential;
  
  using the representation of each byte of data in the data chunk, determining whether there is a continuous number of bits, greater than or equal to a threshold number, that each indicates that its corresponding byte of data in the data chunk comprises a valid byte value for the user credential;
  
  based on determining that there is a continuous number of bits greater than or equal to the threshold number determining a credential address range for a corresponding continuous number of bytes;
  
  determining whether data stored at the credential address range comprises the user credential; and
  
  when the data stored at the credential address range comprises the user credential, prevent the user credential from being stored in public storage.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
GitHub Incorporated (Microsoft Corporation)
Inventors
Marti, Vicent
Primary Examiner(s)
Patel, Haresh N

Application Number

US15/883,824
Publication Number

US 20180247047A1
Time in Patent Office

518 Days
Field of Search

726 6
US Class Current
CPC Class Codes

G06F 21/45   Structures or tools for the...

G06F 21/46   by designing passwords or c...

G06F 21/64   Protecting data integrity, ...

G06F 8/71   Version control security ar...

Determining whether continuous byte data of inputted data includes credential

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Determining whether continuous byte data of inputted data includes credential

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links