The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jan. 10, 2023
Filed:
Oct. 30, 2020
Splunk Inc., San Francisco, CA (US);
Sumit Singh Bagga, Castro Valley, CA (US);
Francis E. Gerard, Oakland, CA (US);
Robin Jinyang Hu, Fremont, CA (US);
Marios Iliofotou, San Jose, CA (US);
J. Evan Jordan, San Francisco, CA (US);
Amarendra Pendala, San Francisco, CA (US);
Sourabh Satish, Fremont, CA (US);
SPLUNK INC., San Francisco, CA (US);
Abstract
A method comprises acquiring anomaly data including a plurality of anomalies detected from streaming data, wherein each of the anomalies relates to an entity on or associated with a computer network. The method determines a risk score of each of the anomalies, and adjusts the risk score of an anomaly according to a set of factors. The method further determines, for each of a plurality of sliding time windows of different lengths, an entity score of the entity in relation to the sliding time window, based on an aggregation of risk scores of all anomalies related to the entity that were detected within the sliding time window, where the entity score corresponds to a risk level associated with the entity. An action to prevent the entity from performing an operation can be determined and caused to occur based on the entity score.