PATH SCANNING FOR THE DETECTION OF ANOMALOUS SUBGRAPHS, ANOMALY/CHANGE DETECTION AND NETWORK SITUATIONAL AWARENESS

PATH SCANNING FOR THE DETECTION OF ANOMALOUS SUBGRAPHS, ANOMALY/CHANGE DETECTION AND NETWORK SITUATIONAL AWARENESS

A computer-implemented method (600), comprising:collecting (620) data, by a computing system (102), from a plurality of host agents pertaining to network communications sent and received by respective hosts in a network;analyzing (630), by the computing system, the collected data to detect anomalous...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: NEIL, JOSHUA, CHARLES, BRUGH, ALEXANDER, WILLIAM, KENT, ALEXANDER, STORLIE, CURTIS, BYRON, UPHOFF, BENJAMIN, HASH, CURTIS, LEE, JR, FISK, MICHAEL, EDWARD
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A computer-implemented method (600), comprising:collecting (620) data, by a computing system (102), from a plurality of host agents pertaining to network communications sent and received by respective hosts in a network;analyzing (630), by the computing system, the collected data to detect anomalous behavior during a predetermined time period by applying a statistical model to a plurality of-paths in a graph on a sliding window basis; andwhen anomalous behavior is detected, providing (660), by the computing system (102), an indication that the anomalous behavior occurred during the predetermined time period.