Detection of anomalous events

Ferragut, Erik M.; Laska, Jason A.; Bridges, Robert A.

Title: Detection of anomalous events

Patent · Tue Jun 07 00:00:00 EDT 2016

OSTI ID:1255959

Ferragut, Erik M.; Laska, Jason A.; Bridges, Robert A.

A system is described for receiving a stream of events and scoring the events based on anomalousness and maliciousness (or other classification). The system can include a plurality of anomaly detectors that together implement an algorithm to identify low-probability events and detect atypical traffic patterns. The anomaly detector provides for comparability of disparate sources of data (e.g., network flow data and firewall logs.) Additionally, the anomaly detector allows for regulatability, meaning that the algorithm can be user configurable to adjust a number of false alerts. The anomaly detector can be used for a variety of probability density functions, including normal Gaussian distributions, irregular distributions, as well as functions associated with continuous or discrete variables.

View Patent

Cite

Export

Save

Research Organization:: Oak Ridge National Laboratory (ORNL), Oak Ridge, TN (United States)

Sponsoring Organization:: USDOE

DOE Contract Number:: AC05-00OR22725

Assignee:: UT-Batelle, LLC (Oak Ridge, TN)

Patent Number(s):: 9,361,463

Application Number:: 14/103,703

OSTI ID:: 1255959

Resource Relation:: Patent File Date: 2013 Dec 11

Country of Publication:: United States

Language:: English

References (8)

Integration of Self-Organizing Map (SOM) and Kernel Density Estimation (KDE) for network intrusion detection Cao, Yuan; He, Haibo; Man, Hong SPIE Europe Security + Defence, SPIE Proceedings https://doi.org/10.1117/12.834890	conference	September 2009
Anomaly detection: A survey Chandola, Varun; Banerjee, Arindam; Kumar, Vipin ACM Computing Surveys, Vol. 41, Issue 3, p. 1-58 https://doi.org/10.1145/1541880.1541882	journal	July 2009
VAST Challenge 2012: Visual analytics for big data Cook, Kristin; Grinstein, Georges; Whiting, Mark 2012 IEEE Conference on Visual Analytics Science and Technology (VAST) https://doi.org/10.1109/VAST.2012.6400529	conference	October 2012
An Intrusion-Detection Model Denning, D. E. IEEE Transactions on Software Engineering, Vol. SE-13, Issue 2 https://doi.org/10.1109/TSE.1987.232894	journal	February 1987
Tracking User Mobility to Detect Suspicious Behavior Tandon, Gaurav; Chan, Philip K. Proceedings of the 2009 SIAM International Conference on Data Mining https://doi.org/10.1137/1.9781611972795.75	conference	December 2013
Method and apparatus for detecting malicious code in an information handling system Obrecht, Mark; Alagna, Michael Tony; Payne, Andy https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/7748039 US Patent Document 7,748,039	patent	June 2010
Computer-implemented modeling systems and methods for analyzing and predicting computer network intrusions Wu, Lizhong; Barker, Terrance Gordon; Desai, Vijay S. https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/8015133 US Patent Document 8,015,133	patent	September 2011
Statistical method and system for network anomaly detection Mullarkey, Peter; Johns, Michael Charles https://doi.org/https://image-ppubs.uspto.gov/dirsearch-public/print/downloadPdf/8601575 US Patent Document 8,601,575	patent	December 2013

Similar Records

Real-time detection and classification of anomalous events in streaming data

Patent · Tue Apr 19 00:00:00 EDT 2016 · OSTI ID:1255959

Ferragut, Erik M.; Goodall, John R.; Iannacone, Michael D.; +2 more

Compression Analytics for Classification and Anomaly Detection within Network Communication

Journal Article · Fri Oct 26 00:00:00 EDT 2018 · IEEE Transactions on Information Forensics and Security · OSTI ID:1255959

Ting, Christina; Field, Richard; Fisher, Andrew; +1 more

Profile-based adaptive anomaly detection for network security.

Technical Report · Tue Nov 01 00:00:00 EST 2005 · OSTI ID:1255959

Zhang, Pengchu C; Durgin, Nancy Ann

Related Subjects

97 MATHEMATICS AND COMPUTING
99 GENERAL AND MISCELLANEOUS

Title: Detection of anomalous events

Citation Formats

References (8)

Similar Records

Related Subjects