×

Insider threat detection

  • US 20080271143A1
  • Filed: 04/24/2007
  • Published: 10/30/2008
  • Est. Priority Date: 04/24/2007
  • Status: Active Grant
First Claim
Patent Images

1. A method for insider threat detection in a network, comprising:

  • monitoring the network to collect network traffic associated with a set of network protocols;

    generating information-use events based on the collected network traffic;

    generating contextual information associated with the network;

    processing the information-use events in view of the generated contextual information to generate alerts for a user of the network when network activity of said user substantially matches one or more types of targeted behaviors;

    processing the generated alerts to determine a threat score for said user.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×