US 12,452,307 B2
Advanced detection of identity-based attacks to assure identity fidelity in information technology environments
Jason Crabtree, Vienna, VA (US); and Richard Kelley, Woodbridge, VA (US)
Assigned to QOMPLX LLC, Reston, VA (US)
Filed by QOMPLX LLC, Reston, VA (US)
Filed on Oct. 18, 2022, as Appl. No. 17/968,420.
Application 17/968,420 is a continuation of application No. 17/000,504, filed on Aug. 24, 2020, granted, now 11,477,245.
Application 17/000,504 is a continuation in part of application No. 16/855,724, filed on Apr. 22, 2020, granted, now 11,218,510, issued on Jan. 4, 2022.
Application 16/855,724 is a continuation in part of application No. 16/836,717, filed on Mar. 31, 2020, granted, now 10,917,428, issued on Feb. 9, 2021.
Application 16/855,724 is a continuation in part of application No. 16/777,270, filed on Jan. 30, 2020, granted, now 11,025,674, issued on Jun. 1, 2021.
Application 16/836,717 is a continuation in part of application No. 16/720,383, filed on Dec. 19, 2019, granted, now 10,944,795, issued on Mar. 9, 2021.
Application 17/000,504 is a continuation in part of application No. 16/412,340, filed on May 14, 2019, granted, now 11,539,663.
Application 16/412,340 is a continuation in part of application No. 16/267,893, filed on Feb. 5, 2019, abandoned.
Application 16/267,893 is a continuation in part of application No. 16/248,133, filed on Jan. 15, 2019, abandoned.
Application 16/836,717 is a continuation in part of application No. 15/887,496, filed on Feb. 2, 2018, granted, now 10,783,241, issued on Sep. 22, 2020.
Application 16/248,133 is a continuation in part of application No. 15/849,901, filed on Dec. 21, 2017, granted, now 11,023,284, issued on Jun. 1, 2021.
Application 15/849,901 is a continuation in part of application No. 15/835,436, filed on Dec. 7, 2017, granted, now 10,572,828, issued on Feb. 25, 2020.
Application 15/849,901 is a continuation in part of application No. 15/835,312, filed on Dec. 7, 2017, granted, now 11,055,451, issued on Jul. 6, 2021.
Application 16/720,383 is a continuation of application No. 15/823,363, filed on Nov. 27, 2017, granted, now 10,560,483, issued on Feb. 11, 2020.
Application 15/887,496 is a continuation in part of application No. 15/823,285, filed on Nov. 27, 2017, granted, now 10,740,096, issued on Aug. 11, 2020.
Application 15/887,496 is a continuation in part of application No. 15/818,733, filed on Nov. 20, 2017, granted, now 10,673,887, issued on Jun. 2, 2020.
Application 16/248,133 is a continuation in part of application No. 15/813,097, filed on Nov. 14, 2017, abandoned.
Application 16/248,133 is a continuation in part of application No. 15/806,697, filed on Nov. 8, 2017, abandoned.
Application 15/835,436 is a continuation in part of application No. 15/790,457, filed on Oct. 23, 2017, granted, now 10,884,999, issued on Jan. 5, 2021.
Application 15/790,457 is a continuation in part of application No. 15/790,327, filed on Oct. 23, 2017, granted, now 10,860,951, issued on Dec. 8, 2021.
Application 15/823,285 is a continuation in part of application No. 15/788,718, filed on Oct. 19, 2017, granted, now 10,861,014, issued on Dec. 8, 2020.
Application 15/788,718 is a continuation in part of application No. 15/788,002, filed on Oct. 19, 2017, abandoned.
Application 15/788,002 is a continuation in part of application No. 15/787,601, filed on Oct. 18, 2017, granted, now 10,860,660, issued on Dec. 8, 2020.
Application 15/818,733 is a continuation in part of application No. 15/725,274, filed on Oct. 4, 2017, granted, now 10,609,079, issued on Mar. 31, 2020.
Application 15/823,363 is a continuation in part of application No. 15/725,274, filed on Oct. 4, 2017, granted, now 10,609,079, issued on Mar. 31, 2020.
Application 16/248,133 is a continuation in part of application No. 15/673,368, filed on Aug. 9, 2017, abandoned.
Application 15/725,274 is a continuation in part of application No. 15/655,113, filed on Jul. 20, 2017, granted, now 10,735,456, issued on Aug. 4, 2020.
Application 15/813,097 is a continuation in part of application No. 15/616,427, filed on Jun. 7, 2017, abandoned.
Application 15/655,113 is a continuation in part of application No. 15/616,427, filed on Jun. 7, 2017, abandoned.
Application 15/790,327 is a continuation in part of application No. 15/616,427, filed on Jun. 7, 2017, abandoned.
Application 15/787,601 is a continuation in part of application No. 15/616,427, filed on Jun. 7, 2017, abandoned.
Application 15/673,368 is a continuation in part of application No. 15/376,657, filed on Dec. 13, 2016, granted, now 10,402,906, issued on Sep. 3, 2019.
Application 15/806,697 is a continuation in part of application No. 15/376,657, filed on Dec. 13, 2016, granted, now 10,402,906, issued on Sep. 3, 2019.
Application 15/806,697 is a continuation in part of application No. 15/343,209, filed on Nov. 4, 2016, granted, now 11,087,403.
Application 15/376,657 is a continuation in part of application No. 15/237,625, filed on Aug. 15, 2016, granted, now 10,248,910, issued on Apr. 2, 2019.
Application 15/655,113 is a continuation in part of application No. 15/237,625, filed on Aug. 15, 2016, granted, now 10,248,910, issued on Apr. 2, 2019.
Application 15/343,209 is a continuation in part of application No. 15/237,625, filed on Aug. 15, 2016, granted, now 10,248,910, issued on Apr. 2, 2019.
Application 15/343,209 is a continuation in part of application No. 15/229,476, filed on Aug. 5, 2016, granted, now 10,454,791, issued on Oct. 22, 2019.
Application 15/237,625 is a continuation in part of application No. 15/206,195, filed on Jul. 8, 2016, abandoned.
Application 15/229,476 is a continuation in part of application No. 15/206,195, filed on Jul. 8, 2016, abandoned.
Application 15/206,195 is a continuation in part of application No. 15/186,453, filed on Jun. 18, 2016, abandoned.
Application 15/835,312 is a continuation in part of application No. 15/186,453, filed on Jun. 18, 2016, abandoned.
Application 15/186,453 is a continuation in part of application No. 15/166,158, filed on May 26, 2016, abandoned.
Application 15/790,327 is a continuation in part of application No. 15/141,752, filed on Apr. 28, 2016, granted, now 10,860,962, issued on Dec. 8, 2020.
Application 15/166,158 is a continuation in part of application No. 15/141,752, filed on Apr. 28, 2016, granted, now 10,860,962, issued on Dec. 8, 2020.
Application 15/141,752 is a continuation in part of application No. 15/091,563, filed on Apr. 5, 2016, granted, now 10,204,147, issued on Feb. 12, 2019.
Application 15/141,752 is a continuation in part of application No. 14/986,536, filed on Dec. 31, 2015, granted, now 10,210,255, issued on Feb. 19, 2019.
Application 15/616,427 is a continuation in part of application No. 14/925,974, filed on Oct. 28, 2015, abandoned.
Application 15/141,752 is a continuation in part of application No. 14/925,974, filed on Oct. 28, 2015, abandoned.
Claims priority of provisional application 62/568,298, filed on Oct. 4, 2017.
Claims priority of provisional application 62/568,312, filed on Oct. 4, 2017.
Claims priority of provisional application 62/568,305, filed on Oct. 4, 2017.
Claims priority of provisional application 62/568,291, filed on Oct. 4, 2017.
Claims priority of provisional application 62/568,307, filed on Oct. 4, 2017.
Prior Publication US 2023/0116838 A1, Apr. 13, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 16/2458 (2019.01); G06F 16/951 (2019.01)
CPC H04L 63/20 (2013.01) [G06F 16/2477 (2019.01); G06F 16/951 (2019.01); H04L 63/1425 (2013.01); H04L 63/1441 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A system for detection and mitigation of authentication attacks, comprising:
a graph module comprising a first plurality of programming instructions stored in a memory of, and operating on a processor of, a computing device, wherein the first plurality of programming instructions, when operating on the processor, cause the computing device to:
retrieve information about an authentication transaction, the information comprising authentication data regarding clients, services, and key distribution centers;
create a graph representing a plurality of authentication transactions, the graph comprising nodes representing the clients, services, and key distribution centers associated with a plurality of authentication transactions and edges representing time-series identity information associated with each independent authentication transaction; and
identify cybersecurity attacks by detecting missing or anomalous data within the time-series identity information.