Patent · US Active

Anomaly alert system for cyber threat detection

US11470103B2 · kind B2 · utility

1Cited by

22References

18Claims

0Family size

Assignee

Darktrace Holdings Limited · GB

Inventors

Tom Dean · Cambridge, GB
Jack Stockdale · Cambridge, GB

Key dates

Filing date	May 19, 2020
Grant date	Oct 11, 2022
Priority date	—
Expiry date	Oct 13, 2040

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1441
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Disclosed herein is a method for use in detection of anomalous behavior of a device of a computer system. The method is arranged to be performed by a processing system. The method includes deriving values, m1, . . . , mN, of a metric, M, representative of data associated with the device; modeling a distribution of the values; and determining, in accordance with the distribution of the values, the probability of observing a more extreme value of the metric than a given value, m, of the metric, wherein the probability is used to determine whether the device is behaving anomalously. Also disclosed is an equivalent computer readable medium and anomalous behavior detection system.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.