Behavioral modeling for dynamic security control applications

US12470498B2 · US · B2

Patent metadata
Publication number: US-12470498-B2
Application number: US-202318374375-A
Country: US
Kind code: B2
Filing date: Sep 28, 2023
Priority date: Sep 28, 2023
Publication date: Nov 11, 2025
Grant date: Nov 11, 2025

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Baseline data characterizing actions of one or more computing resources associated with one or more entities is received. One or more functional roles performed by the one or more computing resources are identified using a machine learning model, wherein the baseline data is provided as input to the machine learning model. A security-related control to be applied to the one or more computing resources is identified based on the one or more functional roles. The security-related control is applied to the one or more computing resources.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: receiving, by a processing device, baseline data characterizing actions of one or more computing resources associated with one or more entities; identifying, using a machine learning model, one or more functional roles performed by the one or more computing resources, wherein the baseline data is provided as input to the machine learning model; identifying, based on the one or more functional roles, a security-related control to be applied to the one or more computing resources; applying the security-related control to the one or more computing resources; monitoring one or more actions of the one or more computing resources with the security-related control applied thereon; and responsive to detecting that an action of the one or more actions is incompatible with the one or more functional roles performed by the one or more computing resources, causing a remedial action to be performed with respect to the one or more computing resources.

2. The method of claim 1, wherein the machine learning model is trained to predict, based on given data associated with previous actions of the one or more computing resources, the one or more functional roles performed by the one or more computing resources.

3. The method of claim 1, wherein the baseline data characterizing the actions of the one or more computing resources is based on at least one of network traffic originated by the one or more computing resources, or network traffic received by the one or more computing resources.

4. The method of claim 1, wherein identifying, based on the one or more functional roles, the security-related control to be applied to the one or more computing resources comprises: identifying, for the one or more functional roles, one or more associated security-related rules; and determining, according to the one or more associated security-related rules, the security-related control to be applied to the one or more computing resources.

5. The method of claim 4, wherein the one or more associated security-related rules is specified by a user associated with the one or more entities.

6. The method of claim 1, wherein identifying, based on the one or more functional roles, the security-related control to be applied to the one or more computing resources comprises: identifying, using a second machine learning model, the security-related control to be applied to the one or more computing resources, wherein the one or more functional roles and the baseline data characterizing the actions of the one or more computing resources are provided as input to the second machine learning model.

7. The method of claim 1, wherein causing the remedial action to be performed with respect to the one or more computing resources further comprises: performing the remedial action to the one or more computing resources.

8. The method of claim 7, wherein detecting that the action of the one or more actions is incompatible with the one or more functional roles performed by the one or more computing resources comprises determining that the action is not included in a set of actions associated with the one or more functional roles, wherein the set of actions associated with the one or more functional roles is derived from the baseline data characterizing the actions of the one or more computing resources.

9. The method of claim 7, wherein detecting that the action of the one or more actions is incompatible with the one or more functional roles performed by the one or more computing resources comprises determining that the action does not satisfy one or more compliance requirements associated with the one or more functional roles.

10. A system comprising: a memory device; and a processing device coupled to the memory device, the processing device to perform operations comprising: receiving, by a processing device, baseline data characterizing actions of one or more computing resources associated with one or more entities; identifying, using a machine learning model, one or more functional roles performed by the one or more computing resources, wherein the baseline data is provided as input to the machine learning model; identifying, based on the one or more functional roles, a security-related control to be applied to the one or more computing resources; applying the security-related control to the one or more computing resources; monitoring one or more actions of the one or more computing resources with the security-related control applied thereon; and responsive to detecting that an action of the one or more actions is incompatible with the one or more functional roles performed by the one or more computing resources, causing a remedial action to be performed with respect to the one or more computing resources.

11. The system of claim 10, wherein the machine learning model is trained to predict, based on given data associated with previous actions of the one or more computing resources, the one or more functional roles performed by the one or more computing resources.

12. The system of claim 10, wherein the baseline data characterizing the actions of the one or more computing resources is based on at least one of network traffic originated by the one or more computing resources, or network traffic received by the one or more computing resources.

13. The system of claim 10, wherein to identify, based on the one or more functional roles, the security-related control to be applied to the one or more computing resources, the processing device is to perform operations comprising: identifying, for the one or more functional roles, one or more associated security-related rules; and determining, according to the one or more associated security-related rules, the security-related control to be applied to the one or more computing resources.

14. The system of claim 10, wherein to identify, based on the one or more functional roles, the security-related control to be applied to the one or more computing resources, the processing device is to perform operations comprising: identifying, using a second machine learning model, the security-related control to be applied to the one or more computing resources, wherein the one or more functional roles and the baseline data characterizing the actions of the one or more computing resources are provided as input to the second machine learning model.

15. The system of claim 10, wherein causing the remedial action to be performed with respect to the one or more computing resources further comprises: performing the remedial action to the one or more computing resources.

16. A non-transitory computer-readable medium comprising instructions that, when executed by a processing device, cause the processing device to perform operations comprising: receiving, by a processing device, baseline data characterizing actions of one or more computing resources associated with one or more entities; identifying, using a machine learning model, one or more functional roles performed by the one or more computing resources, wherein the baseline data is provided as input to the machine learning model; identifying, based on the one or more functional roles, a security-related control to be applied to the one or more computing resources; applying the security-related control to the one or more computing resources; monitoring one or more actions of the one or more computing resources with the security-related control applied thereon; and responsive to detecting that an action of the one or more actions is incompatible
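
A minimal sketch of the flow in claims 1, 4 and 8, added here as an illustration and not taken from the patent or its assignee. A nearest-centroid classifier stands in for the machine learning model, and the resource names, role centroids, control names and remedial action are all constructed assumptions.

```python
import math
from collections import Counter

# Constructed baseline (claim 3): each action is (direction, protocol, port).
BASELINE = {
    "vm-a": [("in", "tcp", 443)] * 40 + [("in", "tcp", 80)] * 8
            + [("out", "tcp", 5432)] * 12,
    "vm-b": [("in", "tcp", 5432)] * 30 + [("out", "tcp", 443)] * 2,
}
# Fixed action vocabulary used to turn a baseline into a feature vector.
VOCAB = [("in", "tcp", 443), ("in", "tcp", 80), ("in", "tcp", 5432),
         ("out", "tcp", 5432), ("out", "tcp", 443)]
# Hypothetical role centroids, standing in for a trained model.
CENTROIDS = {
    "web_server": [0.7, 0.1, 0.0, 0.2, 0.0],
    "database":   [0.0, 0.0, 0.9, 0.0, 0.1],
}
# Claim 4: rules mapping a role to a control (hypothetical control names).
ROLE_RULES = {
    "web_server": "ingress-allow-80-443",
    "database": "ingress-allow-5432-internal-only",
}

def features(actions):
    """Fraction of baseline actions falling on each vocabulary entry."""
    counts = Counter(actions)
    return [counts[a] / len(actions) for a in VOCAB]

def identify_role(actions):
    """Pick the role whose centroid is closest to the baseline vector."""
    vec = features(actions)
    return min(CENTROIDS, key=lambda role: math.dist(vec, CENTROIDS[role]))

def build_profile(resource):
    """Role, the control selected for it, and the baseline-derived action set."""
    actions = BASELINE[resource]
    role = identify_role(actions)
    return {"role": role, "control": ROLE_RULES[role], "allowed": set(actions)}

def monitor(profile, observed):
    """Claim 8: flag each action absent from the baseline-derived set."""
    return [(action, "isolate-and-alert") for action in observed
            if action not in profile["allowed"]]

if __name__ == "__main__":
    profile = build_profile("vm-a")
    print(profile["role"], profile["control"])
    print(monitor(profile, [("in", "tcp", 443), ("out", "tcp", 22)]))
```

Because the allowed set is derived from the baseline itself, any activity present during the baseline window is treated as compatible with the role, so the baseline should be captured from a resource in a known-good state.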

Classifications

  • H04L63/20 · Primary

    for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title

  • H04L47/801 · Primary

    Real time traffic · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US12470498B2 cover?
Baseline data characterizing actions of one or more computing resources associated with one or more entities is received. One or more functional roles performed by the one or more computing resources are identified using a machine learning model, wherein the baseline data is provided as input to the machine learning model. A security-related control to be applied to the one or more computing re…
Who is the assignee on this patent?
Google LLC
What technology area does this patent fall under?
Primary CPC classification H04L63/20. Mapped technology areas include Electricity.
When was this patent published?
Publication date Nov 11, 2025 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 6 related publications on this page (citations in our corpus or others sharing the same primary CPC).