System, method, and computer program for automatically classifying user accounts in a computer network using keys from an identity management system

Assignee

• Exabeam, Inc. · US

Inventors

• Derek Lin · San Mateo, US
• Barry Steiman · San Ramon, US
• Domingo Mihovilovic · Menlo Park, US
• Sylvain Gil · San Francisco, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/107
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

The present disclosure describes a system, method, and computer program for automatically classifying user accounts within an entity's computer network, using machine-based-learning modeling and keys from an identity management system. A system uses supervised machine learning to create a statistical model that maps individual keys or sets of keys to a probability of being associated with a first type of user account (e.g., a service account). To classify an unclassified user account, the system identifies identity management keys associated with the unclassified user account. The system creates an N-dimensional vector from the keys (where N=the number of keys), and uses the vector and the statistical model to calculate a probability that the unclassified user account is the first type of user account. In response to the probability exceeding a first threshold, the system classifies the unclassified user account as the first type of user account.