Intelligent security management

Assignee

• AMAZON TECHNOLOGIES, INC. · US

Inventors

• Alexander Watson · Severn, US
• Daniel Brim · Seattle, US
• Christopher Simmons · Catoosa, US
• Paul Radulovic · Seattle, US
• Tyler Stuart Bray · San Diego, US
• Jennifer Anne Brinkley · Portland, US
• Eric Johnson · Santa Clara, US
• Victor Chin · Bellevue, US
• Jack Rasgaitis · San Diego, US
• Nai Qin Cai · Seattle, US
• Michael L. Gough · Quincy, US
• Max Anger · Seattle, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06N3/084
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A corpus of documents (and other data objects) stored for an entity can be analyzed to determine one or more topics for each document. Elements of the documents can be analyzed to also assign a risk score. The types of topics and security elements, and the associated risk scores, can be learned and adapted over time using, for example, a topic model and random forest regressor. Activity with respect to the documents is monitored, and expected behavior for a user determined using a trained recurrent neural network. Ongoing user activity is processed to determine whether the activity excessively deviates from the expected user activity. The activity can also be compared against the activity of user peers to determine whether the activity is also anomalous among the user peer group. For anomalous activity, risk scores of the accessed documents can be analyzed to determine whether to generate an alert.