Patent · US Active

Graph-based user tracking and threat detection

US10419469B1 · kind B1 · utility

95Cited by

17References

33Claims

0Family size

Assignee

Lacework, Inc. · US

Inventors

Harish Kumar Bharat Singh · Mountain View, US
Vikram Kapoor · Cupertino, US
Murat Bog · Fremont, US
Yijou Chen · Cupertino, US

Key dates

Filing date	Sep 18, 2018
Grant date	Sep 17, 2019
Priority date	—
Expiry date	Sep 18, 2038

Classification

Technology area (CPC G)Physics
CPC primaryG06F16/2456
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Log data associated with at least one user session associated with an original user is received. A logical graph is generated using at least a portion of the received log data. One example of such a logical graph is a privilege change graph that models privilege changes between processes. Another example of such a logical graph is a user login graph that models machines with which the original user interacts. Another example of such a logical graph is a machine-server graph that clusters machines into nodes based on resources executing on the machine. The generated logical graph is used to detect an anomaly. The detected anomaly is recorded.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.