Facility for detecting intruders and suspect callers in a computer installation and a security system including such a facility

Assignee

• Alcatel Alsthom Compagnie Generale d'Electricite · FR

Inventors

• Jean-Marc Lermuzeaux · Saint-Michel-sur-Orge, FR
• Thierry Emery · Arpajon, FR
• Patrice Gonthier · Antony, FR

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2101
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A facility for detecting intrusions and suspect users in a computer installation, and a security system incorporating such a facility that makes use of surveillance data relating to the operation of the installation. The facility includes elements for modelling the computer installation, its users, and their respective behavior with the help of a semantic network; elements for comparing the modellized behavior of the system and of its users relative to modellized normal behavior; elements for interpreting observed anomalies in terms of intrusions and of intrusion hypothesis; elements for interpreting observed intrusion hypotheses and intrusions in order to indicate them and enable restraint actions to be prepared. Elements are provided to evaluate the degree of suspicion of users. The elements co-operate with one another for the purpose of providing information.