×

MALICIOUS ACTIVITY DETECTION ON A COMPUTER NETWORK AND NETWORK METADATA NORMALISATION

  • US 20180248902A1
  • Filed: 08/30/2016
  • Published: 08/30/2018
  • Est. Priority Date: 08/28/2015
  • Status: Abandoned Application
First Claim
Patent Images

1. A method for identifying abnormal user interactions within one or more monitored computer networks, comprising the steps of:

  • receiving metadata from one or more devices within the one or more monitored computer networks;

    identifying from the metadata events corresponding to a plurality of user interactions with the monitored computer networks;

    extracting relevant parameters from the metadata and mapping said relevant parameters to a common data schema, thereby creating normalised user interaction data;

    storing the normalised user interaction event data from the identified said events corresponding to a plurality of user interactions with the monitored computer networks;

    testing the normalised user interaction event data against a probabilistic model of expected user interactions to identify abnormal user interactions; and

    updating said probabilistic model from said stored user interaction event data.

View all claims
  • 0 Assignments
Timeline View
Assignment View
    ×
    ×