&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12407699.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,407,699 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Artificial intelligence-based lateral movement identification tool</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Steven E. Sinks,  Scottsdale, AZ (US); and  Jonathan Sheedy,  Poynton (GB)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  Bank of America Corporation,  Charlotte, NC (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Bank of America Corporation,  Charlotte, NC (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Dec.  4, 2023, as Appl. No. 18/528,321.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 18/528,321 is a continuation of application No. 18/176,080, filed on Feb.  28, 2023, granted, now 11,888,720, issued on Jan.  30, 2024.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 18/176,080 is a continuation of application No. 17/466,997, filed on Sep.  3, 2021, granted, now 11,632,321, issued on Apr.  18, 2023.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 17/466,997 is a continuation of application No. 16/934,266, filed on Jul.  21, 2020, granted, now 11,146,472, issued on Oct.  12, 2021.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2024/0106729 A1, Mar.  28, 2024</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>This patent is subject to a terminal disclaimer.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>H04L 43/10</b></i> (2022.01); <i><b>G06N 5/04</b></i> (2023.01); <i><b>H04L 9/40</b></i> (2022.01); <i><b>H04L 67/06</b></i> (2022.01); <i><b>H04L 41/0893</b></i> (2022.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>H04L 63/1416</b></i> (2013.01)&#xa0;[<i><b>G06N 5/04</b></i> (2013.01); <i><b>H04L 43/10</b></i> (2013.01); <i><b>H04L 67/06</b></i> (2013.01); <i>H04L 41/0893</i> (2013.01)]</td>
            <td class="table_data" align="right"><b>20 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12407699-20250902-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A computing platform comprising:<div class="claim_text">a processor; and</div>
                <div class="claim_text">memory storing instructions that, when executed by the processor, cause the computing platform to:<div class="claim_text">identify, from real-time monitored network communications, a communication between the computing platform and a computing device;</div>
                  <div class="claim_text">determine, by an artificial intelligence engine and based on an indication of a risk factor associated with the communication and based on an indication of a user group, a probability that the communication corresponds to an unauthorized lateral movement event on a network, wherein the risk factor is associated with a network security risk and wherein the user group comprises a group of users having a same set of user group permissions on an enterprise network associated with the monitored network communications; and</div>
                  <div class="claim_text">trigger, based on the probability, an alert identifying the risk factor that the communication between the computing platform and the computing device corresponds to the unauthorized lateral movement event on the network, wherein the alert comprises a risk score corresponding to a weighted combination of a plurality of lateral movement parameters.</div>
                </div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>