×

Identifying security breaches from clustering properties

  • US 20170295189A1
  • Filed: 04/11/2016
  • Published: 10/12/2017
  • Est. Priority Date: 04/11/2016
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method of identifying security breaches in a computer system comprising:

  • monitoring behavior of users or resources of at least one computer system and storing information on the monitored behaviors;

    analyzing the stored information on the monitored behaviors to generate clusters and train clustering models;

    receiving information relating to labeling to a user or resource;

    determining and scoring anomalies between a user or resource and at least one cluster to which the user or resource has been assigned;

    detecting a user or resource to be an outlier of at least one cluster to which the user or resource has been assigned; and

    generating an alert indicating detection of the outlier.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×