Derek Lin
42Patents
16h-index
27Co-inventors
77Inventor score
Filing activity: Feb 28, 2011 → Feb 16, 2023
Most-cited inventions
| Patent | Title | Area | Cited by | Status |
|---|---|---|---|---|
| US9112895B1 | Anomaly detection system for enterprise network security | Electricity | 252 | Active |
| US9369479B2 | Detection of malware beaconing activities | Electricity | 106 | Active |
| US9189623B1 | Historical behavior baseline modeling and anomaly detection in machine generated end to end event log | Electricity | 78 | Active |
| US9038178B1 | Detection of malware beaconing activities | Electricity | 67 | Active |
| US9202052B1 | Dynamic graph anomaly detection framework and scalable system architecture | Physics | 62 | Active |
| US9727723B1 | Recommendation system based approach in reducing false positives in anomaly detection | Electricity | 58 | Active |
| US8479302B1 | Access control via organization charts | Physics | 48 | Active |
| US9479518B1 | Low false positive behavioral fraud detection | Electricity | 44 | Active |
| US8880441B1 | Click stream analysis for fraud detection | Physics | 40 | Active |
| US9060018B1 | Finding command and control center computers by communication link tracking | Electricity | 38 | Active |
| US9503469B2 | Anomaly detection system for enterprise network security | Electricity | 33 | Active |
| US8925058B1 | Authentication involving authentication operations which cross reference authentication factors | Physics | 31 | Active |
| US9898604B2 | Dynamic graph anomaly detection framework and scalable system architecture | Physics | 30 | Active |
| US10496815B1 | System, method, and computer program for classifying monitored assets based on user labels and for detecting potential misuse of monitored assets based on the classifications | Physics | 28 | Active |
| US10645109B1 | System, method, and computer program for detection of anomalous user network activity based on multiple data sources | Physics | 21 | Active |
| US9195826B1 | Graph-based method to detect malware command-and-control infrastructure | Electricity | 20 | Active |
| US9460390B1 | Analyzing device similarity | Physics | 14 | Active |
| US11178168B1 | Self-learning cybersecurity threat detection system, method, and computer program for multi-domain data | Electricity | 14 | Active |
| US11423143B1 | Anomaly detection based on processes executed within a network | Physics | 12 | Active |
| US10841338B1 | Dynamic rule risk score determination in a cybersecurity monitoring system | Electricity | 12 | Active |
| US10178108B1 | System, method, and computer program for automatically classifying user accounts in a computer network based on account behavior | Electricity | 11 | Active |
| US10887325B1 | Behavior analytics system for determining the cybersecurity risk associated with first-time, user-to-entity access alerts | Electricity | 10 | Active |
| US10164995B1 | Determining malware infection risk | Physics | 9 | Active |
| US9804909B1 | Scalable predictive early warning system for data backup event log | Physics | 8 | Active |
| US11431741B1 | Detecting unmanaged and unauthorized assets in an information technology network with a recurrent neural network that identifies anomalously-named assets | Electricity | 8 | Active |
Source: USPTO / EPO open patent data. Inventor disambiguation is heuristic; counts are objective bibliographic measures.