The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Nov. 10, 2020
Filed:
Apr. 11, 2016
International Business Machines Corporation, Armonk, NY (US);
Allon Adir, Kiryat Tivon, IL;
Ehud Aharoni, Kfar Saba, IL;
Lev Greenberg, Haifa, IL;
Oded Margalit, Ramat Gan, IL;
Rosa Miroshnikov, On, CA;
Oded Sofer, Midreshet Ben Gurion, IL;
Boris Rozenberg, Ramat Gan, IL;
International Business Machines Corporation, Armonk, NY (US);
Abstract
Embodiments of the present invention may provide the capability to identify security breaches in computer systems from clustering properties of clusters generated based on monitored behavior of users of the computer systems by using techniques that provide improved performance and reduced resource requirements. For example, behavior of users or resources may be monitored and analyzed to generate clusters and train clustering models. Labeling information relating to some user or resource may be received. When users or resources are clustered and when a cluster contains some labeled users/resources then an anomaly score can be determined for a user/resource belonging to the cluster. A user or resource may be detected to be an outlier of at least one cluster to which the user or resource has been assigned, and an alert indicating detection of the outlier may be generated.