Features generation for use in computer network intrusion detection
1. Field of the Invention Detecting harmful or illegal intrusions into a computer network or into restricted portions of a computer network uses a features generator or builder to generate a feature reflecting changes in user and user group behavior over time. User and user group historical means an...
Gespeichert in:
| Hauptverfasser: | , , |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | Diep, Thanh A Botros, Sherif M Izenson, Martin D |
| description | 1. Field of the Invention
Detecting harmful or illegal intrusions into a computer network or into restricted portions of a computer network uses a features generator or builder to generate a feature reflecting changes in user and user group behavior over time. User and user group historical means and standard deviations are used to generate a feature that is not dependent on rigid or static rule sets. These statistical and historical values are calculated by accessing user activity data listing activities performed by users on the computer system. Historical information is then calculated based on the activities performed by users on the computer system. The feature is calculated using the historical information based on the user or group of users activities. The feature is then utilized by a model to obtain a value or score which indicates the likelihood of an intrusion into the computer network. The historical values are adjusted according to shifts in normal behavior of users of the computer system. This allows for calculation of the feature to reflect changing characteristics of the users on the computer system. |
| format | Patent |
| fullrecord | <record><control><sourceid>uspatents_EFH</sourceid><recordid>TN_cdi_uspatents_grants_06671811</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>06671811</sourcerecordid><originalsourceid>FETCH-uspatents_grants_066718113</originalsourceid><addsrcrecordid>eNqNyksKwkAQRdGeOBB1D7UBwUaIzkOCC3AuRXwJQa0O9cHta4MLcHThctap7cEeCqMJAmWfi9BYlMJAs9BQXks4lAT-Lvr4Ptewqu5wDNVv02rkp2H36yZR313byz5sYYe43SblmkPTnPI55-Mf5AOPlTQN</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>Features generation for use in computer network intrusion detection</title><source>USPTO Issued Patents</source><creator>Diep, Thanh A ; Botros, Sherif M ; Izenson, Martin D</creator><creatorcontrib>Diep, Thanh A ; Botros, Sherif M ; Izenson, Martin D ; Visa Internation Service Association</creatorcontrib><description>1. Field of the Invention
Detecting harmful or illegal intrusions into a computer network or into restricted portions of a computer network uses a features generator or builder to generate a feature reflecting changes in user and user group behavior over time. User and user group historical means and standard deviations are used to generate a feature that is not dependent on rigid or static rule sets. These statistical and historical values are calculated by accessing user activity data listing activities performed by users on the computer system. Historical information is then calculated based on the activities performed by users on the computer system. The feature is calculated using the historical information based on the user or group of users activities. The feature is then utilized by a model to obtain a value or score which indicates the likelihood of an intrusion into the computer network. The historical values are adjusted according to shifts in normal behavior of users of the computer system. This allows for calculation of the feature to reflect changing characteristics of the users on the computer system.</description><language>eng</language><creationdate>2003</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/6671811$$EPDF$$P50$$Guspatents$$Hfree_for_read</linktopdf><link.rule.ids>230,308,776,798,881,64012</link.rule.ids><linktorsrc>$$Uhttps://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/6671811$$EView_record_in_USPTO$$FView_record_in_$$GUSPTO$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>Diep, Thanh A</creatorcontrib><creatorcontrib>Botros, Sherif M</creatorcontrib><creatorcontrib>Izenson, Martin D</creatorcontrib><creatorcontrib>Visa Internation Service Association</creatorcontrib><title>Features generation for use in computer network intrusion detection</title><description>1. Field of the Invention
Detecting harmful or illegal intrusions into a computer network or into restricted portions of a computer network uses a features generator or builder to generate a feature reflecting changes in user and user group behavior over time. User and user group historical means and standard deviations are used to generate a feature that is not dependent on rigid or static rule sets. These statistical and historical values are calculated by accessing user activity data listing activities performed by users on the computer system. Historical information is then calculated based on the activities performed by users on the computer system. The feature is calculated using the historical information based on the user or group of users activities. The feature is then utilized by a model to obtain a value or score which indicates the likelihood of an intrusion into the computer network. The historical values are adjusted according to shifts in normal behavior of users of the computer system. This allows for calculation of the feature to reflect changing characteristics of the users on the computer system.</description><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2003</creationdate><recordtype>patent</recordtype><sourceid>EFH</sourceid><recordid>eNqNyksKwkAQRdGeOBB1D7UBwUaIzkOCC3AuRXwJQa0O9cHta4MLcHThctap7cEeCqMJAmWfi9BYlMJAs9BQXks4lAT-Lvr4Ptewqu5wDNVv02rkp2H36yZR313byz5sYYe43SblmkPTnPI55-Mf5AOPlTQN</recordid><startdate>20031230</startdate><enddate>20031230</enddate><creator>Diep, Thanh A</creator><creator>Botros, Sherif M</creator><creator>Izenson, Martin D</creator><scope>EFH</scope></search><sort><creationdate>20031230</creationdate><title>Features generation for use in computer network intrusion detection</title><author>Diep, Thanh A ; Botros, Sherif M ; Izenson, Martin D</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-uspatents_grants_066718113</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2003</creationdate><toplevel>online_resources</toplevel><creatorcontrib>Diep, Thanh A</creatorcontrib><creatorcontrib>Botros, Sherif M</creatorcontrib><creatorcontrib>Izenson, Martin D</creatorcontrib><creatorcontrib>Visa Internation Service Association</creatorcontrib><collection>USPTO Issued Patents</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Diep, Thanh A</au><au>Botros, Sherif M</au><au>Izenson, Martin D</au><aucorp>Visa Internation Service Association</aucorp><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>Features generation for use in computer network intrusion detection</title><date>2003-12-30</date><risdate>2003</risdate><abstract>1. Field of the Invention
Detecting harmful or illegal intrusions into a computer network or into restricted portions of a computer network uses a features generator or builder to generate a feature reflecting changes in user and user group behavior over time. User and user group historical means and standard deviations are used to generate a feature that is not dependent on rigid or static rule sets. These statistical and historical values are calculated by accessing user activity data listing activities performed by users on the computer system. Historical information is then calculated based on the activities performed by users on the computer system. The feature is calculated using the historical information based on the user or group of users activities. The feature is then utilized by a model to obtain a value or score which indicates the likelihood of an intrusion into the computer network. The historical values are adjusted according to shifts in normal behavior of users of the computer system. This allows for calculation of the feature to reflect changing characteristics of the users on the computer system.</abstract><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_uspatents_grants_06671811 |
| source | USPTO Issued Patents |
| title | Features generation for use in computer network intrusion detection |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-01T04%3A23%3A25IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-uspatents_EFH&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=Diep,%20Thanh%20A&rft.aucorp=Visa%20Internation%20Service%20Association&rft.date=2003-12-30&rft_id=info:doi/&rft_dat=%3Cuspatents_EFH%3E06671811%3C/uspatents_EFH%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |