Patent · US Active

Systems and methods for identifying attack patterns or suspicious activity in client networks

US11588834B2 · kind B2 · utility

2Cited by

94References

16Claims

0Family size

Assignee

Secureworks Corp. · US

Inventors

William Parke Bowditch · Edinburgh, GB
Raul Garcia Calvo · Edinburgh, GB
John M. Nicholas · Fairfax, US
Tomasz Sarota-Raczek · Naperville, US
Radoslaw Gasiorek · Edinburgh, GB

Key dates

Filing date	Sep 3, 2020
Grant date	Feb 21, 2023
Priority date	—
Expiry date	May 13, 2041

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/10
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Systems and methods for identifying attack patterns or suspicious activity can include a profile builder, a primitive creator, and a compromise detector. The profile builder can populate one or more baseline activity profiles for each client of the plurality of clients or entities associated therewith. The primitive creator can create primitives by comparing identified or extracted features to information in the one or more baseline activity profiles. The compromise detector can receive primitives, and based on identified combinations or sequences of primitives, generate compromise events to be provided to clients.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.