Systems and methods for detecting and reacting to malicious activity in computer networks

    Publication No.: US09866568B2

    Publication Date: 2018-01-09

    Application No.: US15603324

    Filing Date: 2017-05-23

    Inventor: Matan Hart

    Abstract: Described herein are systems and methods for performing detection operations on secure ticket data to detect potentially malicious activity. Embodiments may involve obtaining encrypted data from an encrypted portion of a secure ticket, the obtained encrypted data having been communicated over a network; obtaining a decryption key corresponding to the encrypted data; decrypting the encrypted data using the obtained decryption key to generate decrypted data elements; comparing the decrypted data elements to at least one of known valid data elements and known invalid data elements; and generating an assessment based on the comparison, the assessment identifying whether the secure ticket is indicative of potentially malicious activity in the network.
