Title: Anomaly detection based on profile history and peer history
Abstract: A method and apparatus for automatic anomaly detection based on profile history and peer history are described. An anomaly detection system collects file-activity data pertaining to file-access activities in a network share. The system computes file access patterns for the individual users and compares the individual user's file access pattern against a profile history to find a first deviation. The system also identifies a cluster of users from the group based on at least one of user collaborations of individual users of the group or a reporting structure of the group of users. When the first deviation is found, the system compares the user's file access pattern against a peer history of the other individual users in the cluster to find a second deviation. The system reports an anomaly in the file access patterns by the individual user when the first deviation and the second deviation are found.
Publication number: US9166993(B1) Publication date: 2015.10.20
Application number: US201313950744 Filing date: 2013.07.25
Applicant: SYMANTEC CORPORATION Inventor: Liu Yin
Classification: H04L29/06 Main classification: H04L29/06
Agent: Lowenstein Sandler LLP Attorney: Lowenstein Sandler LLP
Main claim: 1. A method comprising: collecting, by an anomaly detection system executing by a processor, file-activity data pertaining to file accesses to files in an identified network share accessed by a group of individual users; computing, by the anomaly detection system, file access patterns for the individual users in the group from the file-activity data; for one of the individual users, comparing the individual user's file access pattern against a profile history of the individual user to find a first deviation in the file accesses by the individual user; identifying, by the anomaly detection system, a cluster of users from the group based on at least one of user collaborations of individual users of the group or a reporting structure of the group of users; when the first deviation is found, comparing the individual user's file access pattern against a peer history of the other individual users in the cluster to find a second deviation; and reporting, by the anomaly detection system, an anomaly in the file access patterns by the individual user when the first deviation and the second deviation are found.
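The two-stage check in claim 1 (own-history deviation first, peer-history deviation second, anomaly only when both hold) is illustrated below with a small Python program. This is an added example, not the patent's or Symantec's implementation: the per-user "file access pattern" is reduced to the number of distinct files touched per day, "deviation" is a mean-plus-z-standard-deviations threshold with a small absolute floor, the peer cluster is built from both a constructed reporting structure and observed file collaboration, and all activity data, user names, managers and paths are constructed for the example.

```python
"""Two-stage file-share anomaly check: own profile history, then peer history.
Added illustration of the claimed method; all data below is constructed."""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed org data (assumptions, not from the patent): team namespace on the
# share and reporting structure (user -> manager).
TEAM = {"alice": "team1", "bob": "team1", "carol": "team1", "dave": "team2", "erin": "team2"}
REPORTING = {"alice": "mgr1", "bob": "mgr1", "carol": "mgr1", "dave": "mgr2", "erin": "mgr2"}

# Constructed number of distinct files each user touches on days 1..6.
DAILY_COUNTS = {
    "alice": [2, 3, 2, 3, 2, 12],   # day 6: sudden jump, unlike own history and peers
    "bob":   [3, 2, 4, 3, 2, 3],
    "carol": [2, 3, 3, 2, 4, 2],
    "dave":  [2, 2, 3, 2, 2, 7],    # day 6: jump, but peer erin works at that volume
    "erin":  [8, 9, 10, 8, 9, 9],
}


def build_events():
    """Expand the constructed counts into (day, user, path) file-activity records."""
    events = []
    for user, counts in DAILY_COUNTS.items():
        for day, n in enumerate(counts, start=1):
            events += [(day, user, f"{TEAM[user]}/doc{i}") for i in range(n)]
    events.append((6, "dave", "team1/doc0"))  # dave also edits a team1 document
    return events


def access_patterns(events):
    """Per-user, per-day pattern: number of distinct files touched."""
    files = defaultdict(set)
    for day, user, path in events:
        files[(user, day)].add(path)
    patterns = defaultdict(dict)
    for (user, day), paths in files.items():
        patterns[user][day] = len(paths)
    return patterns


def deviates(value, history, z=2.0, floor=3):
    """True when value exceeds mean + max(z*stdev, floor) of history.
    The floor stops a near-constant history from flagging trivial changes."""
    if len(history) < 2:
        return False
    return value > mean(history) + max(z * pstdev(history), floor)


def peer_cluster(user, reporting, events):
    """Peers = users with the same manager, plus users who touched a file the user touched."""
    peers = {u for u, m in reporting.items() if m == reporting.get(user) and u != user}
    touched = {p for _, u, p in events if u == user}
    peers |= {u for _, u, p in events if p in touched and u != user}
    return peers


def check_user(user, day, patterns, reporting, events):
    """Claimed sequence: first deviation vs own history gates the peer comparison;
    an anomaly is reported only when both deviations are found."""
    current = patterns[user].get(day, 0)
    own_hist = [v for d, v in patterns[user].items() if d < day]
    first = deviates(current, own_hist)
    second = False
    if first:
        peers = peer_cluster(user, reporting, events)
        peer_hist = [v for p in peers for d, v in patterns[p].items() if d < day]
        second = deviates(current, peer_hist)
    return {"user": user, "day": day, "value": current,
            "first_deviation": first, "second_deviation": second,
            "anomaly": first and second}


EVENTS = build_events()
PATTERNS = access_patterns(EVENTS)

if __name__ == "__main__":
    for u in DAILY_COUNTS:
        print(check_user(u, 6, PATTERNS, REPORTING, EVENTS))
```

Running the script reports an anomaly for alice only: dave's day-6 jump deviates from his own history, but his peer cluster (erin via reporting, plus the team1 collaborators) already works at that volume, so the second deviation is not found and nothing is reported. That is the false-positive reduction the peer comparison is meant to provide.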
Address: Mountain View CA US