USER ENTITY BEHAVIORAL ANALYSIS FOR PREVENTATIVE ATTACK SURFACE REDUCTION

Features of the present disclosure solve the above-identified problem by implementing user and entity behavior analytics (UEBA) system to group one or more computer machines into different clusters based on monitored behavior of the one or more computer machines. Specifically, a network device (e.g....

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Hauptverfasser:	RATHEE PRACHI, KOULADJIE KAMBIZ, BLACKBIRD JOSEPH CARL NELSON, THAYER PETER, MANOHAR DEEPAK JAGANNATHAN
Format:	Patent
Sprache:	chi ; eng
Schlagworte:	CALCULATING COMPUTING COUNTING ELECTRIC COMMUNICATION TECHNIQUE ELECTRIC DIGITAL DATA PROCESSING ELECTRICITY PHYSICS TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page
container_issue
container_start_page
container_title
container_volume
creator	RATHEE PRACHI KOULADJIE KAMBIZ BLACKBIRD JOSEPH CARL NELSON THAYER PETER MANOHAR DEEPAK JAGANNATHAN
description	Features of the present disclosure solve the above-identified problem by implementing user and entity behavior analytics (UEBA) system to group one or more computer machines into different clusters based on monitored behavior of the one or more computer machines. Specifically, a network device (e.g., administrator computer system) may monitor the activity of the one or more computer machines for apredetermined time period in order to identify the applications that the computer machines utilize. Based on the clustering and the identifying, the network device may automatically apply different access control policies for different clusters of machines and review those access control policies against future behavior periodically. By clustering machines based on usage behavior patterns and automatically recommending a rule set for deployment, the UEBA system may reduce potential points of failure for cybersecurity breaches. 本公开的特征通过实现用户和实体行为分析(UEBA)系统以基于一个或多个计算机机器的被监测行为来将一个或多个计算机机器分组到不同集群中来解决上述问题。具体地，网络设备(例如，管理员计算
format	Patent
fullrecord	<record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_CN112055854A</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>CN112055854A</sourcerecordid><originalsourceid>FETCH-epo_espacenet_CN112055854A3</originalsourceid><addsrcrecordid>eNqNyrEKwjAQANAsDqL-w_kBglULrme80MOSyOUS6FSKxEm0UP8fHfwAp7e8ueEUSYC8snZwogYzB8EW0GPbRY7ggsBVKH8LKmcCVEV7gZjEoSUQOierHPzSzO7DYyqrnwuzdqS22ZTx1ZdpHG7lWd699VW129b1sT7g_p_zAWLdLX0</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>USER ENTITY BEHAVIORAL ANALYSIS FOR PREVENTATIVE ATTACK SURFACE REDUCTION</title><source>esp@cenet</source><creator>RATHEE PRACHI ; KOULADJIE KAMBIZ ; BLACKBIRD JOSEPH CARL NELSON ; THAYER PETER ; MANOHAR DEEPAK JAGANNATHAN</creator><creatorcontrib>RATHEE PRACHI ; KOULADJIE KAMBIZ ; BLACKBIRD JOSEPH CARL NELSON ; THAYER PETER ; MANOHAR DEEPAK JAGANNATHAN</creatorcontrib><description>Features of the present disclosure solve the above-identified problem by implementing user and entity behavior analytics (UEBA) system to group one or more computer machines into different clusters based on monitored behavior of the one or more computer machines. Specifically, a network device (e.g., administrator computer system) may monitor the activity of the one or more computer machines for apredetermined time period in order to identify the applications that the computer machines utilize. Based on the clustering and the identifying, the network device may automatically apply different access control policies for different clusters of machines and review those access control policies against future behavior periodically. By clustering machines based on usage behavior patterns and automatically recommending a rule set for deployment, the UEBA system may reduce potential points of failure for cybersecurity breaches. 本公开的特征通过实现用户和实体行为分析(UEBA)系统以基于一个或多个计算机机器的被监测行为来将一个或多个计算机机器分组到不同集群中来解决上述问题。具体地，网络设备(例如，管理员计算</description><language>chi ; eng</language><subject>CALCULATING ; COMPUTING ; COUNTING ; ELECTRIC COMMUNICATION TECHNIQUE ; ELECTRIC DIGITAL DATA PROCESSING ; ELECTRICITY ; PHYSICS ; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><creationdate>2020</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20201208&DB=EPODOC&CC=CN&NR=112055854A$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,780,885,25564,76547</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20201208&DB=EPODOC&CC=CN&NR=112055854A$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>RATHEE PRACHI</creatorcontrib><creatorcontrib>KOULADJIE KAMBIZ</creatorcontrib><creatorcontrib>BLACKBIRD JOSEPH CARL NELSON</creatorcontrib><creatorcontrib>THAYER PETER</creatorcontrib><creatorcontrib>MANOHAR DEEPAK JAGANNATHAN</creatorcontrib><title>USER ENTITY BEHAVIORAL ANALYSIS FOR PREVENTATIVE ATTACK SURFACE REDUCTION</title><description>Features of the present disclosure solve the above-identified problem by implementing user and entity behavior analytics (UEBA) system to group one or more computer machines into different clusters based on monitored behavior of the one or more computer machines. Specifically, a network device (e.g., administrator computer system) may monitor the activity of the one or more computer machines for apredetermined time period in order to identify the applications that the computer machines utilize. Based on the clustering and the identifying, the network device may automatically apply different access control policies for different clusters of machines and review those access control policies against future behavior periodically. By clustering machines based on usage behavior patterns and automatically recommending a rule set for deployment, the UEBA system may reduce potential points of failure for cybersecurity breaches. 本公开的特征通过实现用户和实体行为分析(UEBA)系统以基于一个或多个计算机机器的被监测行为来将一个或多个计算机机器分组到不同集群中来解决上述问题。具体地，网络设备(例如，管理员计算</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC COMMUNICATION TECHNIQUE</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>ELECTRICITY</subject><subject>PHYSICS</subject><subject>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2020</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNqNyrEKwjAQANAsDqL-w_kBglULrme80MOSyOUS6FSKxEm0UP8fHfwAp7e8ueEUSYC8snZwogYzB8EW0GPbRY7ggsBVKH8LKmcCVEV7gZjEoSUQOierHPzSzO7DYyqrnwuzdqS22ZTx1ZdpHG7lWd699VW129b1sT7g_p_zAWLdLX0</recordid><startdate>20201208</startdate><enddate>20201208</enddate><creator>RATHEE PRACHI</creator><creator>KOULADJIE KAMBIZ</creator><creator>BLACKBIRD JOSEPH CARL NELSON</creator><creator>THAYER PETER</creator><creator>MANOHAR DEEPAK JAGANNATHAN</creator><scope>EVB</scope></search><sort><creationdate>20201208</creationdate><title>USER ENTITY BEHAVIORAL ANALYSIS FOR PREVENTATIVE ATTACK SURFACE REDUCTION</title><author>RATHEE PRACHI ; KOULADJIE KAMBIZ ; BLACKBIRD JOSEPH CARL NELSON ; THAYER PETER ; MANOHAR DEEPAK JAGANNATHAN</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_CN112055854A3</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>chi ; eng</language><creationdate>2020</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC COMMUNICATION TECHNIQUE</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>ELECTRICITY</topic><topic>PHYSICS</topic><topic>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</topic><toplevel>online_resources</toplevel><creatorcontrib>RATHEE PRACHI</creatorcontrib><creatorcontrib>KOULADJIE KAMBIZ</creatorcontrib><creatorcontrib>BLACKBIRD JOSEPH CARL NELSON</creatorcontrib><creatorcontrib>THAYER PETER</creatorcontrib><creatorcontrib>MANOHAR DEEPAK JAGANNATHAN</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>RATHEE PRACHI</au><au>KOULADJIE KAMBIZ</au><au>BLACKBIRD JOSEPH CARL NELSON</au><au>THAYER PETER</au><au>MANOHAR DEEPAK JAGANNATHAN</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>USER ENTITY BEHAVIORAL ANALYSIS FOR PREVENTATIVE ATTACK SURFACE REDUCTION</title><date>2020-12-08</date><risdate>2020</risdate><abstract>Features of the present disclosure solve the above-identified problem by implementing user and entity behavior analytics (UEBA) system to group one or more computer machines into different clusters based on monitored behavior of the one or more computer machines. Specifically, a network device (e.g., administrator computer system) may monitor the activity of the one or more computer machines for apredetermined time period in order to identify the applications that the computer machines utilize. Based on the clustering and the identifying, the network device may automatically apply different access control policies for different clusters of machines and review those access control policies against future behavior periodically. By clustering machines based on usage behavior patterns and automatically recommending a rule set for deployment, the UEBA system may reduce potential points of failure for cybersecurity breaches. 本公开的特征通过实现用户和实体行为分析(UEBA)系统以基于一个或多个计算机机器的被监测行为来将一个或多个计算机机器分组到不同集群中来解决上述问题。具体地，网络设备(例如，管理员计算</abstract><oa>free_for_read</oa></addata></record>
fulltext	fulltext_linktorsrc
identifier
ispartof
issn
language	chi ; eng
recordid	cdi_epo_espacenet_CN112055854A
source	esp@cenet
subjects	CALCULATING COMPUTING COUNTING ELECTRIC COMMUNICATION TECHNIQUE ELECTRIC DIGITAL DATA PROCESSING ELECTRICITY PHYSICS TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
title	USER ENTITY BEHAVIORAL ANALYSIS FOR PREVENTATIVE ATTACK SURFACE REDUCTION
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-05T16%3A05%3A01IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=RATHEE%20PRACHI&rft.date=2020-12-08&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3ECN112055854A%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true