Performing cybersecurity operations based on impact scores of computing events over a rolling time interval
US11689545B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jan 16, 2021 |
| Grant date | Jun 27, 2023 |
| Priority date | — |
| Expiry date | Dec 16, 2041 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/20
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
The disclosure herein describes automatically performing security operations associated with a client system based on aggregated event impact scores of computing events during a rolling time interval. Event data is obtained, wherein the event data is from a plurality of computing devices of the client system associated with computing events occurring during a time interval after an endpoint of the rolling time interval. Event impact scores are calculated for the computing events of the obtained event data over the time interval based at least on cardinality estimation. The calculated event impact scores are merged into the set of aggregated event impact scores associated with the rolling time interval and event impact scores associated with an expired time interval are removed from the set of aggregated event impact scores. Based on the set of aggregated event impact scores, at least one security operation is performed for at least one computing event.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.