The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Nov. 16, 2021
Filed:
Dec. 19, 2019
Exabeam, Inc., Foster City, CA (US);
Derek Lin, San Mateo, CA (US);
Anying Li, San Francisco, CA (US);
Ryan Foltz, Foster City, CA (US);
Domingo Mihovilovic, Menlo Park, CA (US);
Sylvain Gil, San Francisco, CA (US);
Barry Steiman, San Ramon, CA (US);
Exabeam, Inc., Foster City, CA (US);
Abstract
The present disclosure describes a self-learning system, method, and computer program for detecting cybersecurity threats in a computer network based on anomalous user behavior and multi-domain data. A computer system tracks user behavior during a user session across multiple data domains. For each domain observed in a user session, a domain risk is calculated. The user's session risk is then calculated as the weighted sum of the domain risks. A domain risk is based on individual event-level risk probabilities and a session-level risk probability from the domain. The individual event-level risk probabilities and a session-level risk probability for a domain are derived from user events of the domain during the session and are based on event-feature indicators and session-feature indicators for the domain.