Peer-based abnormal host detection for enterprise security systems

Invention Grant

US10367842B2 Peer-based abnormal host detection for enterprise security systems 有权

Please log in to see more content

Patent Title: Peer-based abnormal host detection for enterprise security systems
Application No.: US15902318

Application Date: 2018-02-22
Publication No.: US10367842B2

Publication Date: 2019-07-30
Inventor: Zhengzhang Chen , LuAn Tang , Zhichun Li , Cheng Cao
Applicant: NEC Laboratories America, Inc.
Applicant Address: JP
Assignee: NEC Corporation
Current Assignee: NEC Corporation
Current Assignee Address: JP
Agent Joseph Kolodka
Main IPC: H04L29/06
IPC: H04L29/06 ; G06F21/55

Peer-based abnormal host detection for enterprise security systems

Abstract:

Systems and methods for determining a risk level of a host in a network include modeling a target host's behavior based on historical events recorded at the target host. One or more original peer hosts having behavior similar to the target host's behavior are determined. An anomaly score for the target host is determined based on how the target host's behavior changes relative to behavior of the one or more original peer hosts over time. A security management action is performed based on the anomaly score.

Public/Granted literature

US20180183824A1 PEER-BASED ABNORMAL HOST DETECTION FOR ENTERPRISE SECURITY SYSTEMS Public/Granted day:2018-06-28

Information query

Espacenet