Network sampling based path decomposition and anomaly detection
According to examples, network sampling based path decomposition and anomaly detection may include evaluating computer-generated log file data to generate a master network graph that specifies known events and transitions between the known events, and decomposing the master network graph to generate...
Saved in:
Main Authors | , , |
---|---|
Format | Patent |
Language | English |
Published |
12.02.2019
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | According to examples, network sampling based path decomposition and anomaly detection may include evaluating computer-generated log file data to generate a master network graph that specifies known events and transitions between the known events, and decomposing the master network graph to generate a representative network graph that includes a reduced number of paths of the master network graph. A source may be monitored to determine a cyber security threat by receiving incoming log file data related to the source, comparing the incoming log file data related to the source to the representative network graph, and determining, based on the comparison of the incoming log file data related to the source to the representative network graph, an anomaly in the representative network graph. Further, based on the monitoring, a report indicative of the cyber security threat may be generated based on the anomaly in the representative network graph. |
---|---|
Bibliography: | Application Number: US201615150030 |