The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).

Date of Patent: Jun. 16, 2020

Filed: Sep. 28, 2017

Applicant: Symantec Corporation, Mountain View, CA (US)

Inventors: Saurabh Shintre, Sunnyvale, CA (US); Sandeep Bhatkar, Sunnyvale, CA (US); Ashwin Kumar Kayyoor, Sunnyvale, CA (US)

Assignee: NortonLifeLock Inc., Tempe, AZ (US)

Attorney:

Primary Examiner:

Assistant Examiner:

Int. Cl. CPC ... H04L 29/06 (2006.01); G06N 7/00 (2006.01)

U.S. Cl. CPC ... H04L 63/1425 (2013.01); H04L 63/1441 (2013.01); G06N 7/005 (2013.01)

Abstract
Abstract

A method for insider threat detection under user-resource bi-partite graphs is described. A computing device evaluates a bi-partite mapping of a set of users and a set of files, and performs a random-walk procedure initiating from a selected user of the set of users. The computing device computes a probability distribution associated with the access frequency of each alternate user and file of the random-walk procedure, and compares the probability distribution to one or more distributions associated with temporal periods prior to the initiated procedure. Based on the comparison, the computing device identifies points of maximum variance of the distribution. The computing device identifies the files of the set of files and users of the set of users associated with the points of maximum variance and accesses raw data to identify activity associated with the selected user and the identified resources.

