Patent · US Active

Detection of anomalous events

US9361463B2 · kind B2 · utility

17Cited by

3References

30Claims

0Family size

Assignee

UT-BATTELLE, LLC · US

Inventors

Erik M. Ferragut · Oak Ridge, US
Jason A. Laska · Oak Ridge, US
Robert A. Bridges · Oak Ridge, US

Key dates

Filing date	Dec 11, 2013
Grant date	Jun 7, 2016
Priority date	—
Expiry date	Dec 26, 2033

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1425
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A system is described for receiving a stream of events and scoring the events based on anomalousness and maliciousness (or other classification). The system can include a plurality of anomaly detectors that together implement an algorithm to identify low-probability events and detect atypical traffic patterns. The anomaly detector provides for comparability of disparate sources of data (e.g., network flow data and firewall logs.) Additionally, the anomaly detector allows for regulatability, meaning that the algorithm can be user configurable to adjust a number of false alerts. The anomaly detector can be used for a variety of probability density functions, including normal Gaussian distributions, irregular distributions, as well as functions associated with continuous or discrete variables.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.