	US 11,736,509 B2
	Malware spread simulation for cloud security
Sean Hittel, Calgary (CA); and Ravindra K. Balupari, San Jose, CA (US)
Assigned to Netskope, Inc., Santa Clara, CA (US)
Filed by Netskope, Inc., Santa Clara, CA (US)
Filed on Dec. 2, 2020, as Appl. No. 17/110,132.
Application 17/110,132 is a continuation of application No. 15/911,034, filed on Mar. 2, 2018, granted, now 10,862,916.
Claims priority of provisional application 62/480,542, filed on Apr. 3, 2017.
Prior Publication US 2021/0092147 A1, Mar. 25, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 21/62 (2013.01); G06F 16/176 (2019.01); G06F 21/56 (2013.01); G06F 21/57 (2013.01); H04L 67/10 (2022.01)

CPC H04L 63/1433 (2013.01) [G06F 16/176 (2019.01); G06F 21/56 (2013.01); G06F 21/577 (2013.01); G06F 21/6218 (2013.01); H04L 63/145 (2013.01); H04L 67/10 (2013.01); G06F 2221/034 (2013.01)]

20 Claims

1. A computer-implemented method of simulating spread of a malware in cloud applications, the method including:

accessing sharing data for files shared between users via sync and share mechanisms of cloud applications;

tracing connections between the users by traversing a directed graph constructed based on the sharing data, wherein a connection of the connections comprises an edge between a first node representing a first user of the users and a second node representing a second user of the users, and wherein the edge is created when the sharing data indicates the first user shared a file with the second user via the sync and share mechanisms; and

simulating spread of a malware based on the traced connections to simulate user exposure to, infection by, and transmission of the malware, wherein the malware is spread by syncing and sharing of infected ones of the files via the sync and share mechanisms.