Method for intrusion detection to detect malicious insider threat activities and system for intrusion detection

    Publication number: US12105801B2

    Publication date: 2024-10-01

    Application number: US17775261

    Application date: 2020-03-30

    Applicant: BULL SAS

    IPC classification: G06F21/56 G06F21/31

    CPC classification: G06F21/566 G06F21/316

    Abstract: A method and system for intrusion detection to detect malicious insider threat activities within a network of user profiles. The method includes determining a behavior pattern for each user profile based on activity events, wherein the determination of the behavior pattern is executed by a Recurrent Neural Network. The method includes determining normal activity events and abnormal activity events for each user profile based on the behavior patterns, wherein the determination of the normal activity events and the abnormal activity events is executed by a Feed-Forward Neural Network. The method includes evaluating whether a recorded activity event is a normal activity event or an abnormal activity event based on the behavior pattern and the determined normal activity events and abnormal events for that user profile. The method includes detecting malicious activity for the user profile, if the recorded activity event is evaluated as an abnormal activity event.

    Method for intrusion detection to detect malicious insider threat activities and system for intrusion detection

    Publication number: US12058158B2

    Publication date: 2024-08-06

    Application number: US17869730

    Application date: 2022-07-20

    Applicant: BULL SAS

    IPC classification: H04L9/40 H04L67/306 H04L67/50

    Abstract: A method and system for intrusion detection to detect malicious insider threat activities within a network of user profiles. The method includes training a Neural Network on multiple sets of user profile data for multiple user profiles and on multiple sets of activity data of the multiple user profiles of the network, such that the Neural Network is capable of predicting for future dates activities for multiple user profiles. The method includes applying the trained Neural Network on the set of further user profile data of the further user profile, predicting an activity of the further user profile based on the multiple sets of activity data by the trained Neural Network, observing activity of the further user profile, applying the trained Neural Network on the observed activity, and detecting malicious activity for the further user profile by the trained Neural Network, if the observed activity deviates from the predicted activity.