Patent · US Active

Real-time threat alert forensic analysis

US11275832B2 · kind B2 · utility

1Cited by

3References

18Claims

0Family size

Assignee

NEC CORPORATION · JP

Inventors

Ding Li · Superior, US
Kangkook Jee · Princeton, US
Zhichun Li · Princeton, US
Zhengzhang Chen · Princeton Junction, US
Xiao Yu · Princeton, US

Key dates

Filing date	Feb 4, 2020
Grant date	Mar 15, 2022
Priority date	—
Expiry date	Jun 6, 2040

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/034
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Methods and systems for security monitoring and response include assigning an anomaly score to each of a plurality of event paths that are stored in a first memory. Events that are cold, events that are older than a threshold, and events that are not part of a top-k anomalous path are identified. The identified events are evicted from the first memory to a second memory. A threat associated with events in the first memory is identified. A security action is performed responsive to the identified threat.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.