Patent · US Active

Recurrent neural network based anomaly detection

US11775637B2 · kind B2 · utility

0Cited by

3References

20Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Heqing Huang · Mahwah, US
Taesung Lee · White Plains, US
Ian M. Molloy · Chappaqua, US
Zhongshu Gu · Ridgewood, US
Jialong Zhang · White Plains, US
Josyula R. Rao · Briarcliff Manor, US

Key dates

Filing date	Mar 14, 2022
Grant date	Oct 3, 2023
Priority date	—
Expiry date	Mar 14, 2042

Classification

Technology area (CPC G)Physics
CPC primaryG06N20/00
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Mechanisms are provided for detecting abnormal system call sequences in a monitored computing environment. The mechanisms receive, from a computing system resource of the monitored computing environment, a system call of an observed system call sequence for evaluation. A trained recurrent neural network (RNN), trained to predict system call sequences, processes the system call to generate a prediction of a subsequent system call in a predicted system call sequence. Abnormal call sequence logic compares the subsequent system call in the predicted system call sequence to an observed system call in the observed system call sequence and identifies a difference between the predicted system call sequence and the observed system call sequence based on results of the comparing. The abnormal call sequence logic generates an alert notification in response to identifying the difference.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.