首页>
外国专利>
Anomaly detection based on profile history and peer history
Anomaly detection based on profile history and peer history
展开▼
机译:基于配置文件历史记录和对等体历史记录的异常检测
展开▼
页面导航
摘要
著录项
相似文献
摘要
A method and apparatus for automatic anomaly detection based on profile history and peer history are described. An anomaly detection system collects file-activity data pertaining to file accesses activities in a network share. The system computes file access patterns for the individual users and compares the individual user's file access pattern against a profile history to find a first deviation. The system also identifies a cluster of users from the group based on at least one of user collaborations of individual users of the group or a reporting structure of the group of users. When the first deviation is found, the system compares the user's file access pattern against a peer history of the other individual users in the cluster to find a second deviation. The system reports an anomaly in the file access patterns by the individual user when the first deviation and the second deviation are found.
展开▼