首页>
外国专利>
Automatically detecting insider threats using user collaboration patterns
Automatically detecting insider threats using user collaboration patterns
展开▼
机译:使用用户协作模式自动检测内部威胁
展开▼
页面导航
摘要
著录项
相似文献
摘要
Automatically detecting insider threats using user collaboration patterns. In one embodiment, a method may include identifying collaborative access of one or more network resources in a network between a target user using a target network device and other users using other network devices in the network during multiple prior time periods and during a current time period, generating prior collaboration graphs for the prior time periods, generating an average collaboration graph by combining the prior collaboration graphs, generating a current collaboration graph for the current time period, generating an anomaly score by comparing the current collaboration graph to the average collaboration graph, determining that the collaborative access of the one or more network resources during the current time period is anomalous by determining that the anomaly score exceeds a threshold, and, in response to the anomaly score exceeding the threshold, performing a security action on the target network device.
展开▼