Determining whether continuous byte data of inputted data includes credential

US 9,916,438 B2
Filed: 02/28/2017
Issued: 03/13/2018
Est. Priority Date: 01/09/2015
Status: Active Grant

First Claim

Patent Images

1. A system for detecting user credentials, comprising:

an interface configured toreceive a plurality of data chunks;

a processor configured to;

determine a number of continuous bytes in the plurality of data chunks having appropriate values, comprising to;

determine whether a first byte and a second byte in the continuous bytes both correspond to an alphanumeric character, the first byte and the second byte both being next to each other in the continuous bytes; and

in response to a determination that the first byte and the second byte both correspond to the alphanumeric character, assign an appropriate value to both the first byte and the second byte;

in response to a determination that the number of the continuous bytes is greater than or equal to a threshold number of bytes, determine whether continuous byte data of the continuous bytes comprises a credential, comprising to;

perform one or more of the following;

A) determine whether the continuous byte data matches a credential pattern, the credential pattern including a length, a digit pattern, known digits, or any combination thereof; and

in response to a determination that the continuous byte data matches the credential pattern, indicate that the continuous byte data includes the credential;

orB) determine whether the continuous byte data meets a credential entropy test, the credential entropy test including determining whether the continuous byte data has a higher entropy that regular text; and

in response to a determination that the continuous byte data meets the credential entropy test, indicate that the continuous byte data includes the credential; and

in response to a determination that the continuous byte data of the continuous bytes comprises the credential, perform one or more of the following;

A) delete the credential from the plurality of data chunks;

orB) replace the credential with a code; and

store the credential in portion of a repository associated with the code.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for detecting user credentials comprising an interface and a processor. The interface is configured to receive a plurality of data chunks. The processor is configured to determine a number of continuous bytes in the plurality of data chunks having appropriate values and, in the event that the number of the continuous bytes is greater than or equal to a threshold number of bytes, determine whether continuous byte data of the continuous bytes comprises a credential.

Citations

15 Claims

1. A system for detecting user credentials, comprising:
- an interface configured toreceive a plurality of data chunks;
  
  a processor configured to;
  
  determine a number of continuous bytes in the plurality of data chunks having appropriate values, comprising to;
  
  determine whether a first byte and a second byte in the continuous bytes both correspond to an alphanumeric character, the first byte and the second byte both being next to each other in the continuous bytes; and
  
  in response to a determination that the first byte and the second byte both correspond to the alphanumeric character, assign an appropriate value to both the first byte and the second byte;
  
  in response to a determination that the number of the continuous bytes is greater than or equal to a threshold number of bytes, determine whether continuous byte data of the continuous bytes comprises a credential, comprising to;
  
  perform one or more of the following;
  
  A) determine whether the continuous byte data matches a credential pattern, the credential pattern including a length, a digit pattern, known digits, or any combination thereof; and
  
  in response to a determination that the continuous byte data matches the credential pattern, indicate that the continuous byte data includes the credential;
  
  orB) determine whether the continuous byte data meets a credential entropy test, the credential entropy test including determining whether the continuous byte data has a higher entropy that regular text; and
  
  in response to a determination that the continuous byte data meets the credential entropy test, indicate that the continuous byte data includes the credential; and
  
  in response to a determination that the continuous byte data of the continuous bytes comprises the credential, perform one or more of the following;
  
  A) delete the credential from the plurality of data chunks;
  
  orB) replace the credential with a code; and
  
  store the credential in portion of a repository associated with the code.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. A system as in claim 1, wherein the determining of whether the continuous byte data of the continuous bytes comprises the credential comprises:
    - performing the following;
      
      A) determining whether the continuous byte data matches a credential pattern, the credential pattern including a length, a digit pattern, known digits, or any combination thereof; and
      
      in response to a determination that the continuous byte data matches the credential pattern, indicating that the continuous byte data includes the credential; and
      
      B) determining whether the continuous byte data meets a credential entropy test, the credential entropy test including determining whether the continuous byte data has a higher entropy that regular text; and
      
      in response to a determination that the continuous byte data meets the credential entropy test, indicating that the continuous byte data includes the credential.
  - 3. A system as in claim 1, further comprising a data chunk storage configured to store the plurality of data chunks.
  - 4. A system as in claim 1, wherein appropriate values comprise values in a range of ASCII values.
  - 5. A system as in claim 1, wherein the threshold number of bytes comprises a minimum credential length.
  - 6. A system as in claim 1, wherein determining whether data of the continuous bytes comprises a credential comprises matching the continuous byte data to a credential prefix.
  - 7. A system as in claim 1, wherein a data chunk of the plurality of data chunks comprises an M-byte data chunk.
  - 8. A system as in claim 7, wherein the M-byte data chunk comprises one of the following:
    - a 4 byte chunk, 8 byte chunk, a 16 byte chunk, a 32 byte chunk, a 64 byte chunk, or a 128 byte chunk.
  - 9. A system as in claim 1, wherein a bit is used to indicate a byte having the appropriate value.
  - 10. A system as in claim 9, wherein the number of the continuous bytes is represented using a continuous number of bits.
  - 11. A system as in claim 10, wherein determining whether the number of the continuous bytes is greater than or equal to the threshold number of bytes comprises determining the continuous number of bits across N data chunks.
  - 12. A system as in claim 11, wherein N comprises one of the following:
    - 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 or 16.
  - 13. A system as in claim 1, wherein receiving the plurality of data chunks comprises receiving input data and determining the plurality of data chunks from the input data.

14. A method for detecting user credentials, comprising:
- receiving a plurality of data chunks;
  
  determining, using a processor, a number of continuous bytes in the plurality of data chunks having appropriate values, comprising;
  
  determining whether a first byte and a second byte in the continuous bytes both correspond to an alphanumeric character, the first byte and the second byte both being next to each other in the continuous bytes; and
  
  in response to a determination that the first byte and the second byte both correspond to the alphanumeric character, assigning an appropriate value to both the first byte and the second byte;
  
  in response to a determination that the number of the continuous bytes is greater than or equal to a threshold number of bytes, determining whether continuous byte data of the continuous bytes comprises a credential, comprising;
  
  performing one or more of the following;
  
  A) determining whether the continuous byte data matches a credential pattern, the credential pattern including a length, a digit pattern, known digits, or any combination thereof; and
  
  in response to a determination that the continuous byte data matches the credential pattern, indicating that the continuous byte data includes the credential;
  
  orB) determining whether the continuous byte data meets a credential entropy test, the credential entropy test including determining whether the continuous byte data has a higher entropy that regular text; and
  
  in response to a determination that the continuous byte data meets the credential entropy test, indicating that the continuous byte data includes the credential; and
  
  in response to a determination that the continuous byte data of the continuous bytes comprises the credential, performing one or more of the following;
  
  A) deleting the credential from the plurality of data chunks;
  
  orB) replacing the credential with a code; and
  
  storing the credential in portion of a repository associated with the code.

15. A computer program product for detecting user credentials, the computer program product being embodied in a non-transitory computer readable storage medium and comprising computer instructions for:
- receiving a plurality of data chunks;
  
  determining, using a processor, a number of continuous bytes in the plurality of data chunks having appropriate values, comprising;
  
  determining whether a first byte and a second byte in the continuous bytes both correspond to an alphanumeric character, the first byte and the second byte both being next to each other in the continuous bytes; and
  
  in response to a determination that the first byte and the second byte both correspond to the alphanumeric character, assigning an appropriate value to both the first byte and the second byte;
  
  in response to a determination that the number of the continuous bytes is greater than or equal to a threshold number of bytes, determining whether continuous byte data of the continuous bytes comprises a credential, comprising;
  
  performing one or more of the following;
  
  A) determining whether the continuous byte data matches a credential pattern, the credential pattern including a length, a digit pattern, known digits, or any combination thereof; and
  
  in response to a determination that the continuous byte data matches the credential pattern, indicating that the continuous byte data includes the credential;
  
  orB) determining whether the continuous byte data meets a credential entropy test, the credential entropy test including determining whether the continuous byte data has a higher entropy that regular text; and
  
  in response to a determination that the continuous byte data meets the credential entropy test, indicating that the continuous byte data includes the credential; and
  
  in response to a determination that the continuous byte data of the continuous bytes comprises the credential, performing one or more of the following;
  
  A) deleting the credential from the plurality of data chunks;
  
  orB) replacing the credential with a code; and
  
  storing the credential in portion of a repository associated with the code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
GitHub Incorporated (Microsoft Corporation)
Inventors
Marti, Vicent
Primary Examiner(s)
Patel, Haresh N

Application Number

US15/445,463
Publication Number

US 20170169210A1
Time in Patent Office

378 Days
Field of Search

726 4- 7
US Class Current
CPC Class Codes

G06F 21/45   Structures or tools for the...

G06F 21/46   by designing passwords or c...

G06F 21/64   Protecting data integrity, ...

G06F 8/71   Version control security ar...

Determining whether continuous byte data of inputted data includes credential

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Determining whether continuous byte data of inputted data includes credential

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links