Patent · US Active

Data-driven alert prioritization

US9601000B1 · kind B1 · utility

Cited by: 48
References: 2
Claims: 23
Family size: 0

Assignee

Inventors

Key dates

Filing date: Sep 27, 2013
Grant date: Mar 21, 2017
Priority date:
Expiry date: Aug 15, 2035

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06Q20/405
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

A technique provides alert prioritization. The technique involves selecting attributes to use as alert scoring factors. For an incoming alert having particular attribute values for the selected attributes, the technique updates count data to record that the incoming alert was encountered, from the perspective of each selected attribute. The technique then generates an overall significance score for the incoming alert based on the updated count data. The overall significance score is a measure of alert significance relative to other alerts. Scored alerts can then be sorted so that investigators focus on the alerts with the highest significance scores. Such a technique is well suited for adaptive authentication (AA) and Security Information and Event Management (SIEM) systems, among other alert-based systems such as churn analysis systems, malfunction detection systems, and the like.
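The update-then-score loop from the abstract, as an added illustration that is not the patent's own code or claims: the scoring factors, the sample alert stream, and the rarity formula (log of total alerts over the count for each attribute value) are assumptions chosen for the example, since the abstract does not fix a formula.

```python
import math
from collections import Counter, defaultdict

# Constructed sample alert stream (not from the patent); each alert is a dict of attribute values.
SAMPLE_ALERTS = [
    {"user": "alice", "src_ip": "10.0.0.5", "rule": "failed_login"},
    {"user": "alice", "src_ip": "10.0.0.5", "rule": "failed_login"},
    {"user": "alice", "src_ip": "10.0.0.5", "rule": "failed_login"},
    {"user": "mallory", "src_ip": "203.0.113.9", "rule": "failed_login"},
]
# Attributes selected as scoring factors (assumed choice for the example).
FACTORS = ("user", "src_ip", "rule")


class AlertPrioritizer:
    """Keeps one value counter per scoring factor and scores alerts from those counts."""

    def __init__(self, factors):
        self.factors = tuple(factors)
        self.counts = defaultdict(Counter)   # factor -> attribute value -> times seen
        self.total = 0                       # alerts seen so far

    def update(self, alert):
        """Record the incoming alert from the perspective of each selected factor."""
        self.total += 1
        for factor in self.factors:
            self.counts[factor][alert.get(factor)] += 1

    def contributions(self, alert):
        """Per-factor score parts: log(total / count), so rarely seen values score high.
        This rarity formula is an assumption; the abstract does not specify one."""
        return {f: math.log(self.total / self.counts[f][alert.get(f)]) for f in self.factors}

    def score(self, alert):
        """Overall significance score: the sum of the per-factor contributions."""
        return sum(self.contributions(alert).values())


def prioritize(alerts, factors):
    """Stream alerts through update-then-score and return (score, alert) pairs, highest first."""
    engine = AlertPrioritizer(factors)
    scored = []
    for alert in alerts:
        engine.update(alert)                          # update count data first ...
        scored.append((engine.score(alert), alert))   # ... then score on the updated counts
    return sorted(scored, key=lambda pair: pair[0], reverse=True)


if __name__ == "__main__":
    for score, alert in prioritize(SAMPLE_ALERTS, FACTORS):
        print(f"{score:6.3f}  {alert}")
```

The per-factor breakdown from `contributions` is what an investigator would want alongside the sorted list, because it shows which attribute (here the unseen user and source address, not the common rule) drove an alert to the top.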

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.