Real time detection of cyber threats using behavioral analytics
US11386343B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | May 9, 2017 |
| Grant date | Jul 12, 2022 |
| Priority date | — |
| Expiry date | Oct 18, 2039 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L63/0263
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
Real time detection of cyber threats using behavioral analytics is disclosed. An example method includes obtaining, in real time, attributes for an entity within a population of entities, the attributes being indicative of entity behavior; building an entity probability model using the attributes and associated values collected over a period of time; and establishing a control portion of the entity probability model associated with a portion of the period of time. The example method includes comparing any of the entity attribute values and the entity probability model for other portions of the period of time to the control portion to identify one or more anomalous differences, and executing a remediation action based thereon. Some embodiments include determining a set comprising the anomalous differences and additional anomalous differences for the entity or the entity's peer group, and calculating the set's overall probability to determine if the entity is malicious.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.