Patent · US Active

Multi-baseline unsupervised security-incident and network behavioral anomaly detection in cloud-based compute environments

US11425149B2 · kind B2 · utility

6Cited by

0References

20Claims

0Family size

Assignee

Rapid7, Inc. · US

Inventors

Nitzan Niv · Nesher, IL
Gad Naor · Tel Aviv-Yafo, IL

Key dates

Filing date	Jan 31, 2019
Grant date	Aug 23, 2022
Priority date	—
Expiry date	Feb 7, 2040

Classification

Technology area (CPC H)Electricity
CPC primaryH04W12/06
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method and system for detecting anomalous network activity in a cloud-based compute environment. The method comprises receiving configuration data and network activity observations for a set of virtual entities in the cloud-based compute environment; creating a profile for each virtual entity in the set of virtual entities, when the virtual entity does not already have an associated profile; dynamically updating the virtual entity of a profile with the respective network activity observations of the virtual entity; and determining whether anomalies have been detected.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.