×

Method and system for detecting unusual events and application thereof in computer intrusion detection

  • US 20020082886A1
  • Filed: 12/27/2000
  • Published: 06/27/2002
  • Est. Priority Date: 09/06/2000
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method of processing event to detect the occurrence of unusual events, said method comprising the steps of:

  • receiving a historical event data set;

    classifying all events in said historical event data set according to a context in which they occurred;

    performing pattern analysis on said historical event data set with context classifications to generate frequent event patterns;

    comparing said frequent event patterns to a current event data set and to their context classification to identify unexpected event occurrences or unexpected event absences in said current event data set; and

    outputting an unusual event indication whenever an unexpected event occurrence or unexpected event absence is identified.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×