Please download the dossier by clicking on the dossier button x
×

System and method for automatic service discovery and protection

  • US 10,594,677 B2
  • Filed: 02/14/2018
  • Issued: 03/17/2020
  • Est. Priority Date: 03/23/2015
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method for discovering unknown services operating on a network and securing the network, the method comprising:

  • collecting known service characterization data comprising characteristics of known services operating on the network, wherein known services include services identified as having an associated service identification that is known to the network;

    detecting one or more unknown services operating on the network, wherein unknown services include services without a service identification that is known to the network; and

    for each of the one or more detected unknown services;

    in response to detecting the unknown service operating on the network, collecting unknown service characterization data comprising characteristics of the detected unknown service operating on the network;

    analyzing the unknown service characterization data based on a set of expected characteristics for the unknown service, wherein analyzing the unknown service characterization data includes evaluating the unknown service characterization data using a machine learning model trained on at least the set of expected characteristics for the unknown service as a training set;

    generating a service identity probability value for the unknown service based on the analysis of the unknown service characterization data, wherein the service identity probability value indicates a likelihood that an unknown service to the network has a service identification that is known to the network; and

    in response to identifying the service identity probability value for the unknown service, applying a security measure to the unknown service based at least in part on the service identity probability value generated for the unknown service and at least one particular associated service identification that is known to the network, wherein the security measure comprises at least generating one or more security recommendations for the unknown service based at least on;

    the unknown service characterization data, a security measure required to be implemented by at least one service having the at least one particular associated service identification that is known to the network for the at least one service to continue operating on the network or for accessing the network at a future time, and a determination of whether the one or more security recommendations can be implemented with the unknown service.

View all claims
  • 6 Assignments
Timeline View
Assignment View
    ×
    ×