Computer telemetry analysis
US10430581B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Dec 22, 2016 |
| Grant date | Oct 1, 2019 |
| Priority date | — |
| Expiry date | Jul 13, 2037 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06F2221/034
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
Methods, systems, and apparatus, including computer programs encoded on computer storage media, for analyzing telemetry to detect anomalous activity. One of the methods includes accessing data describing a telemetry tree that includes a plurality of nodes and edges; querying, for each of the edges in the telemetry tree using at least one value for the edge from a number of values, historical telemetry data that quantifies an anomaly score for each value to determine whether a relationship indicated by the edge in the telemetry tree represents a potentially malicious relationship; and performing an action using a result of the querying of the historical telemetry data that indicates whether one of the anomaly scores indicates that the relationship indicated by the edge in the telemetry tree represents a potentially malicious relationship.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.