公开(公告)号：US09003475B1

公开(公告)日：2015-04-07

申请号：US13489416

申请日：2012-06-05

Applicant: Sumesh Jaiswal ,  Sarin Sumit Manmohan

Inventor： Sumesh Jaiswal ,  Sarin Sumit Manmohan

IPC: G06F21/00 ,  G06F21/50

CPC classification number: H04L63/20 ,  G06F21/50 ,  G06F21/53 ,  G06F2221/2145

Abstract: A computer-implemented method for applying data-loss-prevention policies. The method may include (1) maintaining a list of applications whose access to sensitive data is controlled by data-loss-prevention (DLP) policies, (2) detecting an attempt by a process to access sensitive data, (3) determining that the process has a parent-child relationship with an application within the list of applications, and (4) applying, based at least in part on the determination that the process has the parent-child relationship with the application, a DLP policy associated with the application to the process in order to prevent loss of sensitive data. Various other methods, systems, and computer-readable media are also disclosed.

Abstract translation: 一种用于应用数据丢失防范策略的计算机实现方法。 该方法可以包括（1）维护对数据丢失防范（DLP）策略控制对敏感数据的访问的应用的列表，（2）检测一个进程访问敏感数据的尝试，（3）确定 过程与应用程序列表中的应用程序具有父子关系，以及（4）至少部分地基于进程与应用程序具有父子关系的确定应用与应用相关联的DLP策略 以防止敏感数据丢失。 还公开了各种其它方法，系统和计算机可读介质。

公开(公告)号：US08682814B2

公开(公告)日：2014-03-25

申请号：US13038299

申请日：2011-03-01

Applicant: Phillip DiCorpo ,  Shitalkumar S. Sawant ,  Sally Kauffman ,  Alan Dale Galindez ,  Sumesh Jaiswal ,  Ashish Aggarwal

Inventor： Phillip DiCorpo ,  Shitalkumar S. Sawant ,  Sally Kauffman ,  Alan Dale Galindez ,  Sumesh Jaiswal ,  Ashish Aggarwal

IPC: G06F15/18

CPC classification number: G06N99/005 ,  G06F21/6209 ,  G06F2221/2101 ,  G06F2221/2107 ,  G06F2221/2141 ,  G06F2221/2147 ,  G06Q10/0631 ,  H04L63/20

Abstract: A computing device receives a training data set that includes a plurality of positive examples of sensitive data and a plurality of negative examples of sensitive data via a user interface. The computing device analyzes the training data set using machine learning to generate a machine learning-based detection (MLD) profile that can be used to classify new data as sensitive data or as non-sensitive data. The computing device displays a quality metric for the MLD profile in the user interface.

Abstract translation: 计算设备经由用户接口接收包括敏感数据的多个正例子和敏感数据的多个负例子的训练数据集。 计算设备使用机器学习分析训练数据集，以生成可用于将新数据分类为敏感数据或非敏感数据的基于机器学习的检测（MLD）简档。 计算设备在用户界面中显示MLD配置文件的质量度量。

公开(公告)号：US09015082B1

公开(公告)日：2015-04-21

申请号：US13326198

申请日：2011-12-14

Applicant: Sumesh Jaiswal ,  Ashish Aggarwal ,  Phillip DiCorpo ,  Shitalkumar S. Sawant ,  Sally Kauffman ,  Alan Dale Galindez

Inventor： Sumesh Jaiswal ,  Ashish Aggarwal ,  Phillip DiCorpo ,  Shitalkumar S. Sawant ,  Sally Kauffman ,  Alan Dale Galindez

IPC: G06N5/02 ,  G06F21/62

CPC classification number: G06F21/6227 ,  G06F21/6209 ,  G06F2221/2101 ,  G06F2221/2107 ,  G06F2221/2141 ,  G06F2221/2147 ,  G06N99/005 ,  G06Q10/0631 ,  H04L63/20

Abstract: A computing device receives a training data set that comprises a plurality of sensitive documents and a plurality of non-sensitive documents. The computing device determines a quality of the training data set. The quality may be determined using k-fold cross validation and/or latent semantic indexing. In response to determining that the training data set has a satisfactory quality, the computing device then analyzes the training data set using machine learning to train a machine learning-based detection (MLD) profile, the MLD profile to be used by a data loss prevention (DLP) system to classify new documents as sensitive documents or as non-sensitive documents.

Abstract translation: 计算设备接收包括多个敏感文档和多个非敏感文档的训练数据集。 计算设备确定训练数据集的质量。 可以使用k-折交叉验证和/或潜在语义索引来确定质量。 响应于确定训练数据集具有令人满意的质量，计算设备然后使用机器学习来分析训练数据集，以训练基于机器学习的检测（MLD）简档，通过数据丢失预防来使用的MLD简档 （DLP）系统将新文档分类为敏感文件或非敏感文件。

公开(公告)号：US08688601B2

公开(公告)日：2014-04-01

申请号：US13191018

申请日：2011-07-26

Applicant: Sumesh Jaiswal

Inventor： Sumesh Jaiswal

IPC: G06F15/18

CPC classification number: G06N99/005

Abstract: A computer-implemented method may include (1) identifying a plurality of specific categories of sensitive information to be protected by a DLP system, (2) obtaining a training data set for each specific category of sensitive information that includes a plurality of positive and a plurality of negative examples of the specific category of sensitive information, (3) using machine learning to train, based on an analysis of the training data sets, at least one machine learning-based classifier that is capable of detecting items of data that contain one or more of the plurality of specific categories of sensitive information, and then (4) deploying the machine learning-based classifier within the DLP system to enable the DLP system to detect and protect items of data that contain one or more of the plurality of specific categories of sensitive information in accordance with at least one DLP policy of the DLP system.

Abstract translation: 计算机实现的方法可以包括（1）识别要由DLP系统保护的多个特定类别的敏感信息，（2）获得针对每个特定类别的敏感信息的训练数据集，其包括多个正的和 多个敏感信息的特定类别的负面例子，（3）使用机器学习训练，基于训练数据集的分析，至少一个基于机器学习的分类器能够检测包含一个 或多个特定类别的敏感信息，然后（4）在DLP系统内部署基于机器学习的分类器，以使DLP系统能够检测和保护包含多个特定类别中的一个或多个的数据项 根据DLP系统的至少一个DLP策略的敏感信息类别。

公开(公告)号：US08495705B1

公开(公告)日：2013-07-23

申请号：US12763593

申请日：2010-04-20

Applicant: Amit Verma ,  Anindya Banerjee ,  Rajorshi Ghosh Choudhury ,  Sumesh Jaiswal

Inventor： Amit Verma ,  Anindya Banerjee ,  Rajorshi Ghosh Choudhury ,  Sumesh Jaiswal

IPC: G06F7/04 ,  G06F17/30

CPC classification number: G06Q10/06 ,  G06Q10/10

Abstract: A computer-implemented method for data-loss prevention may include: 1) identifying data associated with a user, 2) determining that the data is subject to a data-loss-prevention scan, 3) identifying a data-loss-prevention reputation associated with the user, and then 4) performing a data-loss-prevention operation based at least in part on the data-loss-prevention reputation associated with the user. Various other methods, systems, and computer-readable media are also disclosed.

Abstract translation: 用于数据丢失防止的计算机实现的方法可以包括：1）识别与用户相关联的数据，2）确定该数据经受数据丢失防止扫描，3）识别与数据丢失预防信誉有关 并且然后4）至少部分地基于与用户相关联的数据丢失防范信誉来执行数据丢失防止操作。 还公开了各种其它方法，系统和计算机可读介质。

公开(公告)号：US09230096B2

公开(公告)日：2016-01-05

申请号：US13539848

申请日：2012-07-02

Applicant: Sumit Sarin ,  Sumesh Jaiswal

Inventor： Sumit Sarin ,  Sumesh Jaiswal

IPC: G06F21/24 ,  G06F21/50 ,  G06F21/53 ,  G06F21/55

CPC classification number: G06F21/50 ,  G06F21/53 ,  G06F21/55 ,  G06F21/556 ,  G06F2221/2101 ,  G06F2221/2149

Abstract: A data loss prevention (DLP) manager running on a security virtual machine manages DLP policies for a plurality of guest virtual machines. The DLP manager identifies a startup event of a guest virtual machine, and installs a DLP component in the guest virtual machine. The DLP component communicates with the DLP manager operating within the security virtual machine. The DLP manager also receives file system events from the DLP component, and enforces a response rule associated with the guest virtual machine if the file system event violates a DLP policy.

Abstract translation: 在安全虚拟机上运行的数据丢失预防（DLP）管理器管理多个来宾虚拟机的DLP策略。 DLP管理器识别来宾虚拟机的启动事件，并在guest虚拟机中安装DLP组件。 DLP组件与在安全虚拟机内运行的DLP管理器通信。 DLP管理器还从DLP组件接收文件系统事件，并且如果文件系统事件违反DLP策略，则强制执行与guest虚拟机相关联的响应规则。

公开(公告)号：US20140007181A1

公开(公告)日：2014-01-02

申请号：US13539848

申请日：2012-07-02

Applicant: Sumit Sarin ,  Sumesh Jaiswal

Inventor： Sumit Sarin ,  Sumesh Jaiswal

IPC: G06F21/24

CPC classification number: G06F21/50 ,  G06F21/53 ,  G06F21/55 ,  G06F21/556 ,  G06F2221/2101 ,  G06F2221/2149

Abstract: A data loss prevention (DLP) manager running on a security virtual machine manages DLP policies for a plurality of guest virtual machines. The DLP manager identifies a startup event of a guest virtual machine, and installs a DLP component in the guest virtual machine. The DLP component communicates with the DLP manager operating within the security virtual machine. The DLP manager also receives file system events from the DLP component, and enforces a response rule associated with the guest virtual machine if the file system event violates a DLP policy.

Abstract translation: 在安全虚拟机上运行的数据丢失预防（DLP）管理器管理多个来宾虚拟机的DLP策略。 DLP管理器识别来宾虚拟机的启动事件，并在guest虚拟机中安装DLP组件。 DLP组件与在安全虚拟机内运行的DLP管理器通信。 DLP管理器还从DLP组件接收文件系统事件，并且如果文件系统事件违反DLP策略，则强制执行与guest虚拟机相关联的响应规则。

公开(公告)号：US20120150773A1

公开(公告)日：2012-06-14

申请号：US13038299

申请日：2011-03-01

Applicant: Phillip DiCorpo ,  Shitalkumar S. Sawant ,  Sally Kauffman ,  Alan Dale Galindez ,  Sumesh Jaiswal ,  Ashish Aggarwal

Inventor： Phillip DiCorpo ,  Shitalkumar S. Sawant ,  Sally Kauffman ,  Alan Dale Galindez ,  Sumesh Jaiswal ,  Ashish Aggarwal

IPC: G06F15/18

CPC classification number: G06N99/005 ,  G06F21/6209 ,  G06F2221/2101 ,  G06F2221/2107 ,  G06F2221/2141 ,  G06F2221/2147 ,  G06Q10/0631 ,  H04L63/20

Abstract: A computing device receives a training data set that includes a plurality of positive examples of sensitive data and a plurality of negative examples of sensitive data via a user interface. The computing device analyzes the training data set using machine learning to generate a machine learning-based detection (MLD) profile that can be used to classify new data as sensitive data or as non-sensitive data. The computing device displays a quality metric for the MLD profile in the user interface.

Abstract translation: 计算设备经由用户接口接收包括敏感数据的多个正例子和敏感数据的多个负例子的训练数据集。 计算设备使用机器学习分析训练数据集，以生成可用于将新数据分类为敏感数据或非敏感数据的基于机器学习的检测（MLD）简档。 计算设备在用户界面中显示MLD配置文件的质量度量。

公开(公告)号：US08898779B1

公开(公告)日：2014-11-25

申请号：US13365897

申请日：2012-02-03

Applicant: Sumesh Jaiswal

Inventor： Sumesh Jaiswal

IPC: H04L29/06 ,  G06F21/60 ,  G06F21/00

CPC classification number: H04L67/20 ,  G06F21/00 ,  G06F21/554 ,  G06F21/60 ,  G06F21/6227 ,  H04L63/1408

Abstract: A method and apparatus for identifying information as protected information using a structure is described. A DLP system, incorporating a structure analyzer, monitors outbound data transfers performed by the computing system for violations of a DLP policy. The DLP system analyzes a structure of information contained in an outbound data transfer against a protected structure defined in a DLP policy. The DLP system identifies the information as protected information to be protected by the DLP policy based on the analysis, and, when the information is identified as protected, the DLP system detects a violation of the DLP policy. The protected structure may be derived from document templates, document forms, or from a set of training documents.

Abstract translation: 描述了使用结构将信息识别为受保护信息的方法和装置。 包含结构分析器的DLP系统监视由计算系统执行的违反DLP策略的出站数据传输。 DLP系统根据DLP策略中定义的受保护结构分析出站数据传输中包含的信息结构。 DLP系统基于分析将信息识别为受DLP策略保护的受保护信息，并且当信息被识别为受保护时，DLP系统检测到违反DLP策略。 受保护的结构可以从文档模板，文档形式或从一组训练文档中导出。

公开(公告)号：US08862522B1

公开(公告)日：2014-10-14

申请号：US13326194

申请日：2011-12-14

Applicant: Sumesh Jaiswal ,  Ashish Aggarwal ,  Phillip DiCorpo ,  Shitalkumar S. Sawant ,  Sally Kauffman ,  Alan Dale Galindez

Inventor： Sumesh Jaiswal ,  Ashish Aggarwal ,  Phillip DiCorpo ,  Shitalkumar S. Sawant ,  Sally Kauffman ,  Alan Dale Galindez

IPC: G06F15/18

CPC classification number: G06F21/6209 ,  G06F2221/2101 ,  G06F2221/2141 ,  G06F2221/2147 ,  H04L63/20

Abstract: A computing device receives a document that was incorrectly classified as sensitive data based on a machine learning-based detection (MLD) profile. The computing device modifies a training data set that was used to generate the MLD profile by adding the document to the training data set as a negative example of sensitive data to generate a modified training data set. The computing device then analyzes the modified training data set using machine learning to generate an updated MLD profile.

Abstract translation: 计算设备基于机器学习检测（MLD）简档接收被错误地分类为敏感数据的文档。 计算设备通过将文档添加到训练数据集作为敏感数据的负面示例来修改用于生成MLD简档的训练数据集，以生成修改的训练数据集。 然后，计算设备使用机器学习来分析修改的训练数据集，以生成更新的MLD轮廓。