17455021. DETECTING AND PREVENTING DISTRIBUTED DATA EXFILTRATION ATTACKS simplified abstract (International Business Machines Corporation)


DETECTING AND PREVENTING DISTRIBUTED DATA EXFILTRATION ATTACKS

Organization Name

International Business Machines Corporation

Inventor(s)

Ilgen Banu Yuceer of London (GB)

SARITHA Arunkumar of Basingstoke (GB)

JULIET Grout of Evesham (GB)

Seema Nagar of Bangalore (IN)

DETECTING AND PREVENTING DISTRIBUTED DATA EXFILTRATION ATTACKS - A simplified explanation of the abstract

This abstract first appeared for US patent application 17455021 titled 'DETECTING AND PREVENTING DISTRIBUTED DATA EXFILTRATION ATTACKS'.

Simplified Explanation

The patent application describes a computer system and method for detecting and preventing distributed data exfiltration attacks. Here is a simplified explanation of the abstract:

  • The computer system calculates historical usage statistics for a service, instances of the service, and clients requesting the instances.
  • It generates a baseline of normal usage activities for the clients and instances based on the historical usage statistics.
  • The system monitors the current activities of the clients to build signatures of queries by the clients and signatures of the instances.
  • It correlates the signatures to determine if a data exfiltration attack is happening.
  • If a data exfiltration attack is detected, the system increases risk scores associated with the attack.
  • If the risk scores and overall risk score of the service exceed a predetermined threshold, the system generates an alert for the data exfiltration attack.
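The steps above can be sketched as detection logic over a small event log. This is an added example, not code from the patent application or from IBM. The signature normalisation, the `min_clients`, `bump` and `threshold` values, and the sample events are all assumptions, since the abstract does not specify them.

```python
import re
from collections import defaultdict

# Constructed sample events: (client, instance, query, rows_returned)
HISTORY = [(c, i, f"SELECT name FROM orders WHERE id = {n}", 1)
           for c, i, n in [("c1", "i1", 7), ("c2", "i2", 9), ("c3", "i1", 12), ("c4", "i2", 3)]]
CURRENT = [
    ("c1", "i1", "SELECT * FROM customers WHERE id BETWEEN 0 AND 999", 1000),
    ("c1", "i2", "SELECT * FROM customers WHERE id BETWEEN 1000 AND 1999", 1000),
    ("c2", "i2", "SELECT * FROM customers WHERE id BETWEEN 2000 AND 2999", 1000),
    ("c2", "i1", "SELECT * FROM customers WHERE id BETWEEN 3000 AND 3999", 1000),
    ("c3", "i1", "SELECT * FROM customers WHERE id BETWEEN 4000 AND 4999", 1000),
    ("c3", "i2", "SELECT * FROM customers WHERE id BETWEEN 5000 AND 5999", 1000),
    ("c4", "i2", "SELECT name FROM orders WHERE id = 5", 1),
]

def signature(query):
    """Query signature (assumed form): lower-cased text with literals replaced by '?'."""
    return re.sub(r"\d+|'[^']*'", "?", query.lower()).strip()

def build_baseline(history):
    """Per client: signatures seen historically and the largest normal result size."""
    base = defaultdict(lambda: [set(), 0])
    for client, _inst, query, rows in history:
        base[client][0].add(signature(query))
        base[client][1] = max(base[client][1], rows)
    return base

def detect(history, current, min_clients=3, bump=30, threshold=50):
    """Correlate off-baseline signatures across clients and instances (assumed scoring)."""
    base = build_baseline(history)
    groups = defaultdict(list)
    for client, inst, query, rows in current:
        sig = signature(query)
        known, max_rows = base[client]  # unseen clients get an empty baseline
        if sig not in known or rows > 10 * max_rows:  # deviates from this client's baseline
            groups[sig].append((client, inst))
    client_risk, service_risk = defaultdict(int), 0
    for events in groups.values():
        clients = {c for c, _ in events}
        # Distributed pattern: same signature, several clients, more than one instance.
        if len(clients) >= min_clients and len({i for _, i in events}) > 1:
            for c, _ in events:
                client_risk[c] += bump
            service_risk += bump * len(clients)
    flagged = sorted(c for c, r in client_risk.items() if r > threshold)
    return {"alert": bool(flagged) and service_risk > threshold,
            "clients": flagged, "service_risk": service_risk}
```

Each client in the constructed log pulls only a slice of the table, so the alert depends on the shared signature across clients and instances rather than on any one client's volume.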

Potential applications of this technology:

  • Cybersecurity systems and software
  • Network monitoring and intrusion detection systems
  • Cloud service providers
  • Data protection and privacy tools

Problems solved by this technology:

  • Detecting and preventing distributed data exfiltration attacks
  • Identifying abnormal usage activities and potential security breaches
  • Providing real-time alerts for data exfiltration attacks

Benefits of this technology:

  • Enhanced security and protection against data exfiltration attacks
  • Early detection and prevention of potential security breaches
  • Efficient monitoring and analysis of client activities
  • Customizable risk scoring system for accurate threat assessment


Original Abstract Submitted

A computer-implemented method and a computer system for detecting and preventing distributed data exfiltration attacks. The computer system calculates historical usage statistics for a service, instances of the service, and clients requesting the instances, generates a baseline of normal usage activities for the clients and the instances based on the historical usage statistics, monitors current activities of the clients to build signatures of queries by the clients and signatures of the instances, and correlates the signatures to determine whether a data exfiltration attack is in progress. In response to determining that the data exfiltration attack is in progress, the computer system increases one or more risk scores corresponding to the data exfiltration attack. In response to determining that the one or more risk scores and an overall risk score of the service exceed a predetermined threshold, the computer system generates an alert of the data exfiltration attack.