Real-time user awareness for a computer network
First Claim
1. A method performed by a computer system, for determining a user name likely to be associated with an attack, a configuration, or a vulnerability, comprising:
- obtaining first data which associates user names with individual IP addresses onto which the user names were logged in;
obtaining second data which associates attacks, configurations, or vulnerabilities with individual IP addresses on which the attacks occurred or on which the configurations or vulnerabilities exist; and
associating the user names from the first data with the attacks, configurations or vulnerabilities from the second data based on having the same IP address during a log-in,wherein an individual user name is indicated as being associated with attacks which occurred while the individual user name was logged in or with configurations or vulnerabilities for an IP address onto which the user logs in.
3 Assignments
0 Petitions
Accused Products
Abstract
A computer system, device, computer software, and/or method performed by a computer system, is provided for determining a user name likely to be associated with an attack, a configuration, or a vulnerability. First data is obtained which associates user names with individual IP addresses onto which the user names were logged in. Second data is obtained which associates attacks, configurations, or vulnerabilities with individual IP addresses on which the attacks occurred or on which the configurations or vulnerabilities exist. The user names from the first data are associated with the attacks, configurations or vulnerabilities from the second data based on having the same IP address during a log-in. An individual user name is indicated as being associated with attacks which occurred while the individual user name was logged in or with configurations or vulnerabilities for an IP address onto which the user logs in.
141 Citations
20 Claims
-
1. A method performed by a computer system, for determining a user name likely to be associated with an attack, a configuration, or a vulnerability, comprising:
-
obtaining first data which associates user names with individual IP addresses onto which the user names were logged in; obtaining second data which associates attacks, configurations, or vulnerabilities with individual IP addresses on which the attacks occurred or on which the configurations or vulnerabilities exist; and associating the user names from the first data with the attacks, configurations or vulnerabilities from the second data based on having the same IP address during a log-in, wherein an individual user name is indicated as being associated with attacks which occurred while the individual user name was logged in or with configurations or vulnerabilities for an IP address onto which the user logs in. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer-readable medium comprising instructions being executed by a computer, the instructions including a computer-implemented method for determining a user name likely to be associated with an attack, a configuration, or a vulnerability, the instructions for implementing:
-
obtaining first data which associates user names with individual IP addresses onto which the user names were logged in; obtaining second data which associates attacks, configurations or vulnerabilities with individual IP addresses on which the attacks occurred or on which the configurations or vulnerabilities exist; and associating the user names from the first data with the attacks, configurations or vulnerabilities from the second data based on having the same IP address during a log-in, wherein an individual user name is indicated as being associated with attacks which occurred while the individual user name was logged in and with configurations or vulnerabilities for an IP address onto which the user logs in. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer system for determining a user name likely to be associated with an attack, a configuration, or a vulnerability, comprising:
-
a display operable to receive screens to be displayed to a user, and a processor cooperatively operable with the memory and the display, and configured to facilitate; obtaining first data which associates user names with individual IP addresses onto which the user names were logged in; obtaining second data which associates attacks, configurations or vulnerabilities with individual IP addresses on which the attacks occurred or on which the configurations or vulnerabilities exist; and associating the user names from the first data with the attacks, configurations or vulnerabilities from the second data based on having the same IP address during a log-in, wherein an individual user name is indicated in a screen to be displayed to a user as being associated with attacks which occurred while the individual user name was logged in and with configurations or vulnerabilities for an IP address onto which the user logs in. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification