User and entity behavioral analysis with network topology enhancements
US11089045B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 2, 2020 |
| Grant date | Aug 10, 2021 |
| Priority date | — |
| Expiry date | Mar 2, 2040 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/20
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system and method for network cybersecurity analysis that uses user and entity behavioral analysis combined with network topology information to provide improved cybersecurity. The system and method involve gathering network entity information, establishing baseline behaviors for each entity, and monitoring each entity for behavioral anomalies that might indicate cybersecurity concerns. Further, the system and method involve incorporating network topology information into the analysis by generating a model of the network, annotating the model with risk and criticality information for each entity in the model and with a vulnerability level between entities, and using the model to evaluate cybersecurity risks to the network. Risks and vulnerabilities associated with user entities may be represented, in part or in whole, by the behavioral analyses and monitoring of those user entities.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.