The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge contains a link to the full patent document (in Adobe Acrobat format, i.e. PDF).

Date of Patent: May 18, 2021

Filed: Nov. 07, 2018

Applicant: International Business Machines Corporation, Armonk, NY (US)

Inventors: Long Vu, White Plains, NY (US); Xuan-Hong Dang, Chappaqua, NY (US)

Attorneys:
Primary Examiner:
Assistant Examiner:
Int. Cl.
CPC ...
H04L 29/06 (2006.01); H04L 12/24 (2006.01); H04L 12/26 (2006.01);
U.S. Cl.
CPC ...
H04L 63/1433 (2013.01); H04L 41/142 (2013.01); H04L 41/147 (2013.01); H04L 43/04 (2013.01); H04L 43/08 (2013.01); H04L 63/145 (2013.01);
Abstract

For a plurality of hosts, observe first time-varying characteristics including network throughput, central processing unit (CPU) usage, and/or memory usage; second time-varying characteristics including software configuration; and time-invariant characteristics including hardware configuration, at a plurality of timestamps. Construct a restricted HMM configured to predict actual host states, wherein the first time-varying characteristics include observed variables. The current observed variables depend on current values of the hidden variables and prior timestamp distribution of the observed variables. The former in turn depend on prior timestamp values of the hidden variables, the time-invariant characteristics of the hosts, and current timestamp values of the second time-varying characteristics. Estimate parameters of the restricted HMM; run the restricted HMM with the estimated parameters for each of the hosts; analyze the results to identify at least one of the hosts which has a potential cybersecurity issue; and take at least one remedial action.

