logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 10339309 B1

PDFFull Text
Date of Patent:
Jul. 02, 2019

Filed:

Jun. 09, 2017

System for identifying anomalies in an information system

Applicant:

Bank of America Corporation, Charlotte, NC (US);

Inventors:

John Howard Kling, Cincinnati, OH (US);

Mark Earl Brubaker, Simi Valley, CA (US);

Ronald James Kuhlmeier, Simi Valley, CA (US);

Brian D. Diederich, Simi Valley, CA (US);

Brandon Matthew Sloane, Santa Barbara, CA (US);

Rachel Yun Kim Bierner, Los Angeles, CA (US);

Cora Yan Quon, Los Angeles, CA (US);

Assignee:

Bank of America Corporation, Charlotte, NC (US);

Attorneys:

Michael A. Springs

Moore & Van Allen PLLC

Peter B. Stewart

Primary Examiner:

Jason K Gee

Assistant Examiner:

Ka Shan Choy

Int. Cl.
CPC ...
G06F 21/00 (2013.01); G06F 21/55 (2013.01); G06F 16/28 (2019.01); G06F 16/901 (2019.01);
U.S. Cl.
CPC ...
G06F 21/554 (2013.01); G06F 16/285 (2019.01); G06F 16/9024 (2019.01); G06F 2221/034 (2013.01);
Abstract

A system for identifying anomalies in an information system is typically configured for: collecting information regarding a hierarchy of capabilities, a hierarchy of resources, capability instances, and resource instances of the information system; storing, in a graph database, nodes corresponding to the hierarchy of capabilities, hierarchy of resources, capability instances, and resource instances; collecting information regarding relationships among the hierarchy of capabilities, hierarchy of resources, capability instances, and resource instances; defining, in the graph database, edges corresponding to the relationships among the hierarchy of capabilities, hierarchy of resources, capability instances, and resource instances; collecting event and/or state data for the information system; comparing the event and/or state data to the graph database and determining that an event and/or state is anomalous; and, in response to determining that the event and/or state is anomalous, taking an information security action.

Find Patent Forward Citations

Loading…