US 12,206,707 B2
Rating organization cybersecurity using probe-based network reconnaissance techniques
Jason Crabtree, Vienna, VA (US); and Andrew Sellers, Monument, CO (US)
Assigned to QOMPLX LLC, Reston, VA (US)
Filed by QOMPLX LLC, Reston, VA (US)
Filed on Feb. 1, 2021, as Appl. No. 17/164,802.
Application 17/164,802 is a continuation in part of application No. 16/720,383, filed on Dec. 19, 2019, granted, now 10,944,795.
Application 16/720,383 is a continuation of application No. 15/823,363, filed on Nov. 27, 2017, granted, now 10,560,483, issued on Feb. 11, 2020.
Application 15/823,363 is a continuation in part of application No. 15/725,274, filed on Oct. 4, 2017, granted, now 10,609,079, issued on Mar. 31, 2020.
Application 15/725,274 is a continuation in part of application No. 15/655,113, filed on Jul. 20, 2017, granted, now 10,735,456, issued on Aug. 4, 2020.
Application 15/655,113 is a continuation in part of application No. 15/616,427, filed on Jun. 7, 2017, abandoned.
Application 15/655,113 is a continuation in part of application No. 15/237,625, filed on Aug. 15, 2016, granted, now 10,248,910, issued on Apr. 2, 2019.
Application 15/616,427 is a continuation in part of application No. 15/206,195, filed on Jul. 8, 2016, abandoned.
Application 15/206,195 is a continuation in part of application No. 15/186,453, filed on Jun. 18, 2016, abandoned.
Application 15/186,453 is a continuation in part of application No. 15/166,158, filed on May 26, 2016, abandoned.
Application 15/166,158 is a continuation in part of application No. 15/141,752, filed on Apr. 28, 2016, granted, now 10,860,962.
Application 15/141,752 is a continuation in part of application No. 15/091,563, filed on Apr. 5, 2016, granted, now 10,204,147, issued on Feb. 12, 2019.
Application 15/141,752 is a continuation in part of application No. 14/986,536, filed on Dec. 31, 2015, granted, now 10,210,255, issued on Feb. 19, 2019.
Application 15/141,752 is a continuation in part of application No. 14/925,974, filed on Oct. 28, 2015, abandoned.
Application 15/091,563 is a continuation in part of application No. 14/925,974, filed on Oct. 28, 2015, abandoned.
Prior Publication US 2021/0281609 A1, Sep. 9, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 16/2458 (2019.01); G06F 16/951 (2019.01)
CPC H04L 63/20 (2013.01) [G06F 16/2477 (2019.01); G06F 16/951 (2019.01); H04L 63/1425 (2013.01); H04L 63/1433 (2013.01); H04L 63/1441 (2013.01)] 8 Claims
OG exemplary drawing
 
1. A system for probe-based active network reconnaissance, comprising:
a plurality of computing devices each comprising at least a processor, a memory, and a network interface;
wherein a plurality of programming instructions stored in one or more of the memories and operating on one or more of the processors of the plurality of computing devices causes the plurality of computing devices to:
receive traffic data from a network;
from the received traffic data, identify a connection attempt from an unknown source computing device external to the network to a target device internal to the network;
transmit a plurality of probe packets to the source computing device;
receive a plurality of response packets responsive to the transmitted probe packets from the source computing device;
perform a plurality of analysis and transformation operations on at least a portion of the received plurality of response packets;
store the results of the plurality of analysis and transformation operations as time-series data in a time-series data store; and
produce a weighted score based at least in part on the output of at least a portion of the analysis and transformation operations.