-
公开(公告)号:US08214364B2
公开(公告)日:2012-07-03
申请号:US12124274
申请日:2008-05-21
IPC分类号: G06F17/30
CPC分类号: G06F21/552 , G06F21/316
摘要: Embodiments of the invention provide a method for detecting changes in behavior of authorized users of computer resources and reporting the detected changes to the relevant individuals. The method includes evaluating actions performed by each user against user behavioral models and business rules. As a result of the analysis, a subset of users may be identified and reported as having unusual or suspicious behavior. In response, the management may provide feedback indicating that the user behavior is due to the normal expected business needs or that the behavior warrants further review. The management feedback is available for use by machine learning algorithms to improve the analysis of user actions over time. Consequently, investigation of user actions regarding computer resources is facilitated and data loss is prevented more efficiently relative to the prior art approaches with only minimal disruption to the ongoing business processes.
摘要翻译: 本发明的实施例提供了一种用于检测计算机资源的授权用户的行为变化并将检测到的变化报告给相关个人的方法。 该方法包括评估每个用户针对用户行为模型和业务规则执行的动作。 作为分析的结果,可以识别和报告用户的一部分具有不寻常或可疑行为。 作为回应,管理层可以提供反馈意见,指出用户行为是由于正常的预期业务需求或行为值得进一步审查。 管理反馈可供机器学习算法使用,以改善用户随时间的行为分析。 因此,相对于现有技术方法,对于计算机资源的用户行为的调查被有助于更有效地防止数据丢失,而对正在进行的业务流程的中断只是最小的。
-
公开(公告)号:US20090292743A1
公开(公告)日:2009-11-26
申请号:US12124274
申请日:2008-05-21
IPC分类号: G06F12/00
CPC分类号: G06F21/552 , G06F21/316
摘要: Embodiments of the invention provide a method for detecting changes in behavior of authorized users of computer resources and reporting the detected changes to the relevant individuals. The method includes evaluating actions performed by each user against user behavioral models and business rules. As a result of the analysis, a subset of users may be identified and reported as having unusual or suspicious behavior. In response, the management may provide feedback indicating that the user behavior is due to the normal expected business needs or that the behavior warrants further review. The management feedback is available for use by machine learning algorithms to improve the analysis of user actions over time. Consequently, investigation of user actions regarding computer resources is facilitated and data loss is prevented more efficiently relative to the prior art approaches with only minimal disruption to the ongoing business processes.
摘要翻译: 本发明的实施例提供了一种用于检测计算机资源的授权用户的行为变化并将检测到的变化报告给相关个人的方法。 该方法包括评估每个用户针对用户行为模型和业务规则执行的动作。 作为分析的结果,可以识别和报告用户的一部分具有不寻常或可疑行为。 作为回应,管理层可以提供反馈意见,指出用户行为是由于正常的预期业务需求或行为值得进一步审查。 管理反馈可供机器学习算法使用,以改善用户随时间的行为分析。 因此,相对于现有技术方法,对于计算机资源的用户行为的调查被有助于更有效地防止数据丢失,而对正在进行的业务流程的中断只是最小的。
-
公开(公告)号:US20090293121A1
公开(公告)日:2009-11-26
申请号:US12124237
申请日:2008-05-21
CPC分类号: G06F21/316
摘要: Embodiments of the invention provide a method for detecting changes in behavior of authorized users of computer resources and reporting the detected changes to the relevant individuals. The method includes evaluating actions performed by each user against user behavioral models and business rules. As a result of the analysis, a subset of users may be identified and reported as having unusual or suspicious behavior. In response, the management may provide feedback indicating that the user behavior is due to the normal expected business needs or that the behavior warrants further review. The management feedback is available for use by machine learning algorithms to improve the analysis of user actions over time. Consequently, investigation of user actions regarding computer resources is facilitated and data loss is prevented more efficiently relative to the prior art approaches with only minimal disruption to the ongoing business processes.
摘要翻译: 本发明的实施例提供了一种用于检测计算机资源的授权用户的行为变化并将检测到的变化报告给相关个人的方法。 该方法包括评估每个用户针对用户行为模型和业务规则执行的动作。 作为分析的结果,可以识别和报告用户的一部分具有不寻常或可疑行为。 作为回应,管理层可以提供反馈意见,指出用户行为是由于正常的预期业务需求或行为值得进一步审查。 管理反馈可供机器学习算法使用,以改善用户随时间的行为分析。 因此,相对于现有技术方法,对于计算机资源的用户行为的调查被有助于更有效地防止数据丢失,而对正在进行的业务流程的中断只是最小的。
-
-
搜索结果
3 条记录 (耗时 0.018 秒)
