The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Feb. 15, 2022
Filed:
Jun. 02, 2017
National Ict Australia Limited, Eveleigh, AU;
Nick Van Beest, Eveleigh, AU;
Ingo Weber, Eveleigh, AU;
National ICT Australia Limited, Eveleigh, AU;
Abstract
This disclosure relates to analyzing log data of a system. This comprises evaluating a first graph model with multiple log events in the log data. The first graph model comprises a first set of nodes connected by a first set of edges representing a first behaviour. A processor determines a first correspondence value based on the first graph model and indicative of a correspondence between the multiple log events and the first behaviour. The processor repeats the steps of evaluating the first graph model for one or more further graph models representing one or more further behaviors and determining the first correspondence value to determine one or more further correspondence values. The processor finally determines a classification of the multiple log events as representing one of the behaviors based on the correspondence values. The use of multiple graph models allows a more granular classification than binary intrusion detection.