Global to push GA events into
skip to main content

Title: Detecting anomalous behavior via user authentication graphs

Significant and aggregate user authentication activity may be analyzed across a population of users and computers in one or more networks to differentiate between authorized users and intruders in a network, and/or to detect inappropriate behavior by otherwise authorized users. Dynamic graphs and graph models over user and computer authentication activity, including time-constrained models, may be used for the purposes of profiling and analyzing user behavior in computer networks. More specifically, an edge-based breadth first search of graphs may be used that enforces time-constraints while maintaining traditional breadth first search computational complexity equivalence.
Inventors:
; ;
Issue Date:
OSTI Identifier:
1459424
Assignee:
Los Alamos National Security, LLC (Los Alamos, NM); New Mexico Tech Research Foundation (Socorro, NM) LANL
Patent Number(s):
10,015,175
Application Number:
15/099,898
Contract Number:
AC52-06NA25396
Resource Relation:
Patent File Date: 2016 Apr 15
Research Org:
Los Alamos National Lab. (LANL), Los Alamos, NM (United States)
Sponsoring Org:
USDOE
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING