Patent · US Active

System and method for determining network security threats

US10412111B2 · kind B2 · utility

1Cited by

2References

21Claims

0Family size

Assignee

eSentire, Inc. · CA

Inventors

Dustin Lundring Rigg Hillard · Seattle, US
Art Munson · Seattle, US
Lawrence Cayton · Seattle, US
Scott Golder · Columbia, US

Key dates

Filing date	Dec 30, 2016
Grant date	Sep 10, 2019
Priority date	—
Expiry date	Dec 30, 2036

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1425
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

System and methods for determining network threats are disclosed. For each entity operating in a network being monitored for network security, an example method obtains an observed metric value for each metric that characterizes actions performed by the entity. Each observed metric value may be input into a machine learning model that is specific to the metric in order to determine an anomaly score for the observed metric value that represents how anomalous the observed metric value is relative to an expected metric value for the metric. A threat score may then be determined for each entity from the anomaly scores for each metric. A security threat presentation that identifies one or more high-scoring entities according to the threat scores may be generated and provided for display on a user device.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.