首页> 外国专利> System and method for detecting potential threats by monitoring user and system behavior associated with computer and network activity

System and method for detecting potential threats by monitoring user and system behavior associated with computer and network activity

机译：通过监视与计算机和网络活动关联的用户和系统行为来检测潜在威胁的系统和方法

页面导航

摘要
著录项
相似文献

摘要

A system and method is provided to monitor user and system behavior associated with computer and network activity to determine deviations from normal behavior that represent a potential cyber threat or cyber malicious activity. The system and method uses a multi-factor behavioral and activity analysis approach to determine when a trusted insider might be exhibiting threatening behavior or when a user's computer or network credentials have been compromised and are in use by a third-party. As a result, changes in insider behavior that could be indicative of malicious intent can be detected, or an external entity masquerading as a legitimate user can be detected.

机译：提供一种系统和方法，以监视与计算机和网络活动相关联的用户和系统行为，以确定与代表潜在网络威胁或网络恶意活动的正常行为的偏离。该系统和方法使用多因素行为和活动分析方法来确定受信任的内部人员何时可能表现出威胁性行为，或者何时用户的计算机或网络凭据已被泄露并被第三方使用。结果，可以检测到可能表明恶意意图的内部行为的变化，或者可以检测到伪装成合法用户的外部实体。

著录项

公开/公告号US9117076B2

专利类型
公开/公告日2015-08-25

原文格式PDF
申请/专利权人 MATTHEW G. DEVOST;
展开▼

申请/专利号US201313829613
发明设计人 MATTHEW G. DEVOST;
展开▼

申请日2013-03-14
分类号G06F21/56;G06F21/31;
国家 US
入库时间 2022-08-21 15:20:46

相似文献

专利
外文文献
中文文献