Labeling computing objects for improved threat detection

Bibliographic Details
Main Authors Mark D Harris, Andrew J Thomas, John Edward Tyrone Shaw, Neil Robert Tyndale Watkiss, Harald Schutz, Robert W Cook, Simon Neil Reed, Anthony John Merry, Daniel Salvatore Schiappa, Kenneth D Ray
Format Patent
Language English
Published 06.02.2019
Abstract Threat detection in a network, involving processing a first object on an endpoint, the first object from a location external to the endpoint; in response to a first observed action, colouring the object with a descriptor of a context for the first observed action by persistently associating the descriptor with the first object, the context including at least one attribute identifying the first object as exposed to external data; inheriting the descriptor at a second object when the second object is the target of an action by the first object; applying a rule dependent on the descriptor in response to a second observed action of the second object to detect a reportable event based in part on an exposure of the second object to the external data; and transmitting information including a description of the reportable event and the second object along with the descriptor of the context to a threat management facility.
Author Mark D Harris
Harald Schutz
Andrew J Thomas
Daniel Salvatore Schiappa
Kenneth D Ray
Robert W Cook
Simon Neil Reed
Neil Robert Tyndale Watkiss
John Edward Tyrone Shaw
Anthony John Merry
ContentType Patent
DBID EVB
DatabaseName esp@cenet
DatabaseTitleList
Database_xml – sequence: 1
  dbid: EVB
  name: esp@cenet
  url: http://worldwide.espacenet.com/singleLineSearch?locale=en_EP
  sourceTypes: Open Access Repository
DeliveryMethod fulltext_linktorsrc
Discipline Medicine
Chemistry
Sciences
Physics
ExternalDocumentID GB2560861B8
GroupedDBID EVB
ID FETCH-epo_espacenet_GB2560861B83
IEDL.DBID EVB
IngestDate Fri Jul 19 16:24:48 EDT 2024
IsOpenAccess true
IsPeerReviewed false
IsScholarly false
Language English
LinkModel DirectLink
MergedId FETCHMERGED-epo_espacenet_GB2560861B83
Notes Application Number: GB20180011123
OpenAccessLink https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20190206&DB=EPODOC&CC=GB&NR=2560861B8
ParticipantIDs epo_espacenet_GB2560861B8
PublicationCentury 2000
PublicationDate 20190206
PublicationDateYYYYMMDD 2019-02-06
PublicationDate_xml – month: 02
  year: 2019
  text: 20190206
  day: 06
PublicationDecade 2010
PublicationYear 2019
RelatedCompanies Sophos Limited
RelatedCompanies_xml – name: Sophos Limited
Score 3.1899223
SourceID epo
SourceType Open Access Repository
SubjectTerms CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
Title Labeling computing objects for improved threat detection
URI https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20190206&DB=EPODOC&locale=&CC=GB&NR=2560861B8
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
linkProvider European Patent Office