Detecting suspicious file activity
US11799886B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Jan 10, 2023 |
| Grant date | Oct 24, 2023 |
| Priority date | — |
| Expiry date | Jan 10, 2043 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/146
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Systems and techniques for detecting suspicious file activity are described herein. System for identifying anomalous data events is adapted to monitor a networked file system and receive an indication of a suspicious event associated with a user and a file. The system is further adapted to perform a pattern of behavior analysis for the user, perform an adjacency by time analysis based on a set of events before the suspicious event and a set of events after the suspicious event, and perform an adjacency by location analysis using a set of files located in a location of the file. The system is further adapted to determine whether the suspicious event is an anomalous event based on the pattern of behavior analysis, the adjacency by time analysis, and the adjacency by location analysis and display a report for the user including the anomalous event.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.