Method of detecting anomalous behaviour in a computer network
Method of detecting anomalous behaviour in a computer network comprising the steps of - monitoring network traffic flowing in a computer network system, - authenticating users to which network packets of the network traffic are associated, - extracting parameters associated to the network packets for each user, said parameters including at least the type (T) of network services, - forming symbols based on a combination of one or more of said parameters, and - modelling and analysing individual user behaviour based on sequences of occurrence of said symbols (S).
34932063
Alternative title(s) : (de) Verfahren zur detektion des anomalen benutzerverhaltens in einem rechnernetzwerk (fr) Procédé de détection d'une conduite anormale dans un réseau informatique
TTO:6.0466
Patent number | Country code | Kind code | Date issued |
US8631464 | US | B2 | 2014-01-14 |
US2007240207 | US | A1 | 2007-10-11 |
EP1738551 | EP | A1 | 2007-01-03 |
WO2005104482 | WO | A1 | 2005-11-03 |
EP1589716 | EP | A1 | 2005-10-26 |