Adaptive anomaly detection for computer systems

    Publication number: US11122065B2

    Publication date: 2021-09-14

    Application number: US16103108

    Application date: 2018-08-14

    Applicant: VMware, Inc.

    Abstract: Feature vectors are abstracted from data describing application processes. The feature vectors are grouped to define non-anomalous clusters of feature vectors corresponding to normal application behavior. Subsequent feature vectors are considered anomalous if they do not fall within one of the non-anomalous clusters; alerts are issued for anomalous feature vectors. In addition, the subsequent feature vectors may be used to regroup feature vectors to adapt to changes in what constitutes normal application behavior.

    Machine Learning-Based Techniques for Representing Computing Processes as Vectors

    Publication number: US20210027121A1

    Publication date: 2021-01-28

    Application number: US16518808

    Application date: 2019-07-22

    Applicant: VMware, Inc.

    Abstract: Machine learning-based techniques for representing computing processes as vectors are provided. In one set of embodiments, a computer system can receive a name of a computing process and context information pertaining to the computing process. The computer system can further train a neural network based on the name and the context information, where the training results in determination of weight values for one or more hidden layers of the neural network. The computer system can then generate, based on the weight values, a vector representation of the computing process that encodes the context information and can perform one or more analyses using the vector representation.

    Holo-entropy adaptive boosting based anomaly detection

    Publication number: US11620180B2

    Publication date: 2023-04-04

    Application number: US16205138

    Application date: 2018-11-29

    Applicant: VMware, Inc.

    Abstract: A computer-implemented method for determining whether data is anomalous includes generating a holo-entropy adaptive boosting model using, at least in part, a set of normal data. The holo-entropy adaptive boosting model includes a plurality of holo-entropy models and associated model weights for combining outputs of the plurality of holo-entropy models. The method further includes receiving additional data, and determining at least one of whether the additional data is normal or abnormal relative to the set of normal data or a score indicative of how abnormal the additional data is using, at least in part, the generated holo-entropy adaptive boosting model.

    Holo-entropy based alarm scoring approach

    Publication number: US11258655B2

    Publication date: 2022-02-22

    Application number: US16212170

    Application date: 2018-12-06

    Applicant: VMware, Inc.

    Abstract: A method for managing alarms in a virtual machine environment includes receiving alarm data related to a process and storing the alarm data in a database, where the alarm data comprises one or more features. The method further includes retrieving intended state information for the process and comparing the one or more features of the alarm data to the intended state information to determine whether the alarm is an outlier. The method also includes computing a normal score for the alarm if the alarm is not an outlier, and computing an abnormal score for the alarm if the alarm is an outlier. The method also includes sending a notification for the alarm and the computed score.

    Performing cybersecurity operations based on impact scores of computing events over a rolling time interval

    Publication number: US11689545B2

    Publication date: 2023-06-27

    Application number: US17151142

    Application date: 2021-01-16

    Applicant: VMware, Inc.

    CPC classification number: H04L63/1416 H04L63/0263 H04L63/1441 H04L63/20

    Abstract: The disclosure herein describes automatically performing security operations associated with a client system based on aggregated event impact scores of computing events during a rolling time interval. Event data is obtained, wherein the event data is from a plurality of computing devices of the client system associated with computing events occurring during a time interval after an endpoint of the rolling time interval. Event impact scores are calculated for the computing events of the obtained event data over the time interval based at least on cardinality estimation. The calculated event impact scores are merged into the set of aggregated event impact scores associated with the rolling time interval and event impact scores associated with an expired time interval are removed from the set of aggregated event impact scores. Based on the set of aggregated event impact scores, at least one security operation is performed for at least one computing event.

    Distributed Representations of Computing Processes and Events

    Publication number: US20230013574A1

    Publication date: 2023-01-19

    Application number: US17375702

    Application date: 2021-07-14

    Applicant: VMware, Inc.

    Abstract: Techniques for generating distributed representations of computing processes and events are provided. According to one set of embodiments, a computer system can receive occurrence data pertaining to a plurality of computing processes and a plurality of events associated with the plurality of computing processes. The computer system can then generate, based on the occurrence data, (1) a set of distributed process representations that includes, for each computing process, a representation that encodes a sequence of events associated with the computing process in the occurrence data, and (2) a set of distributed event representations that includes, for each event, a representation that encodes one or more event properties associated with the event and one or more events that occur within a window of the event in the occurrence data.

    Event-triggered behavior analysis
    Granted invention patent

    Publication number: US11295011B2

    Publication date: 2022-04-05

    Application number: US16242396

    Application date: 2019-01-08

    Applicant: VMware, Inc.

    Abstract: Certain aspects herein provide a system and method for performing behavior analysis for a computing device by a computing system. In certain aspects, a method includes detecting an event occurring at the computing device at a first time, determining, based on the detecting, an event category of the event, and collecting first one or more behaviors associated with the determined event category occurring on the computing device based. The method also includes comparing the first one or more behaviors with a dataset indicating one or more expected behaviors of the computing device associated with the event. Upon determining that at least one of the first one or more behaviors corresponds to an unexpected behavior based on the comparing, the method further includes taking one or more remedial actions.
