Patent · US Active

Identifying security risks using distributions of characteristic features extracted from a plurality of events

US11411973B2 · kind B2 · utility

Cited by: 1
References: 64
Claims: 17
Family size: 0

Assignee

Inventors

Key dates

Filing date: Dec 11, 2018
Grant date: Aug 9, 2022
Priority date
Expiry date: Jun 9, 2041

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/1433
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

A method, system and computer-usable medium are disclosed for identifying security risks to a computer system based on a distribution of categorical features of events. Certain embodiments are directed to a computer-implemented method comprising: receiving a stream of events, the stream of events including a plurality of events; extracting a categorical feature from the plurality of events, where the categorical feature includes a set of categorical feature members, where the set of categorical feature members are generated on the fly from string values included in the extracted categorical feature; constructing a distribution for the categorical feature based on categorical feature members extracted from the plurality of events; and, analyzing the distribution of the categorical feature to identify one or more security risk factors.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.