发明名称 |
Systems and Methods for Automated Memory and Thread Execution Anomaly Detection in a Computer Network |
摘要 |
Systems and methods are provided for detecting an anomaly in a computer that is part of a population of networked computers. Snapshots are received from a plurality of computers within the population of computers, where individual snapshots include a state of assets and runtime processes of a respective computer. An asset normalization model is generated from the snapshots and serves as a baseline model for detecting an anomaly in the state of assets and runtime processes of a respective computer. A snapshot from at least one of the computers is compared to the asset normalization model in order to determine whether an anomaly is present in a state of static assets and runtime processes of the at least one of the computers. |
申请公布号 |
US2014068326(A1) |
申请公布日期 |
2014.03.06 |
申请号 |
US201213605445 |
申请日期 |
2012.09.06 |
申请人 |
QUINN MITCHELL N.;TRIUMFANT, INC. |
发明人 |
QUINN MITCHELL N. |
分类号 |
G06F11/34;G06F11/07 |
主分类号 |
G06F11/34 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|