skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Detecting anomalous behavior via user authentication graphs

Abstract

Significant and aggregate user authentication activity may be analyzed across a population of users and computers in one or more networks to differentiate between authorized users and intruders in a network, and/or to detect inappropriate behavior by otherwise authorized users. Dynamic graphs and graph models over user and computer authentication activity, including time-constrained models, may be used for the purposes of profiling and analyzing user behavior in computer networks. More specifically, an edge-based breadth first search of graphs may be used that enforces time-constraints while maintaining traditional breadth first search computational complexity equivalence.

Inventors:
; ;
Publication Date:
Research Org.:
Los Alamos National Lab. (LANL), Los Alamos, NM (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1459424
Patent Number(s):
10,015,175
Application Number:
15/099,898
Assignee:
Los Alamos National Security, LLC (Los Alamos, NM); New Mexico Tech Research Foundation (Socorro, NM) LANL
DOE Contract Number:
AC52-06NA25396
Resource Type:
Patent
Resource Relation:
Patent File Date: 2016 Apr 15
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING

Citation Formats

Kent, Alexander, Neil, Joshua, and Liebrock, Lorie. Detecting anomalous behavior via user authentication graphs. United States: N. p., 2018. Web.
Kent, Alexander, Neil, Joshua, & Liebrock, Lorie. Detecting anomalous behavior via user authentication graphs. United States.
Kent, Alexander, Neil, Joshua, and Liebrock, Lorie. Tue . "Detecting anomalous behavior via user authentication graphs". United States. doi:. https://www.osti.gov/servlets/purl/1459424.
@article{osti_1459424,
title = {Detecting anomalous behavior via user authentication graphs},
author = {Kent, Alexander and Neil, Joshua and Liebrock, Lorie},
abstractNote = {Significant and aggregate user authentication activity may be analyzed across a population of users and computers in one or more networks to differentiate between authorized users and intruders in a network, and/or to detect inappropriate behavior by otherwise authorized users. Dynamic graphs and graph models over user and computer authentication activity, including time-constrained models, may be used for the purposes of profiling and analyzing user behavior in computer networks. More specifically, an edge-based breadth first search of graphs may be used that enforces time-constraints while maintaining traditional breadth first search computational complexity equivalence.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Tue Jul 03 00:00:00 EDT 2018},
month = {Tue Jul 03 00:00:00 EDT 2018}
}

Patent:

Save / Share: