Title of invention: DATA MINING ALGORITHMS ADOPTED FOR TRUSTED EXECUTION ENVIRONMENT
Abstract: Distributed systems for protecting networked computer assets from compromise are disclosed. The distributed system includes one or more enterprise event sources, such as endpoint(s). The system also includes a server, such as a Big Data Analytics server, and optionally a security management server such as a Security Information and Event Management server. The Big Data Analytics server processes data collected from the enterprise event sources and produces behavioral profile models for each endpoint (or group of similar endpoints). The profiles, models, and ontology analysis are provided to the endpoints. Endpoint analytics use the output from the analytics servers to detect deviations from the endpoint's behavioral profile.
Application publication number: US2017054738(A1) Application publication date: 2017.02.23
Application number: US201414498266 Filing date: 2014.09.26
Applicant: McAfee Inc. Inventors: Avidan Yaniv;Nayshtut Alex;Muttik Igor;Ben-Shalom Omer
Classification: H04L29/06;G06F17/30 Main classification: H04L29/06
Agency: Agent:
Principal claim: 1. A machine-readable medium, on which are stored instructions, comprising instructions that when executed cause a machine to: create an endpoint behavioral profile and an endpoint ontology model for a plurality of endpoints; transmit the endpoint behavioral profile and endpoint ontology model to an endpoint of the plurality of endpoints; receive security event data from the endpoint; and update the endpoint ontology model based on the received security event data.
Address: Santa Clara CA US