Detecting anomalous behavior via user authentication graphs

Title: Detecting anomalous behavior via user authentication graphs

Full Record
Similar

Significant and aggregate user authentication activity may be analyzed across a population of users and computers in one or more networks to differentiate between authorized users and intruders in a network, and/or to detect inappropriate behavior by otherwise authorized users. Dynamic graphs and graph models over user and computer authentication activity, including time-constrained models, may be used for the purposes of profiling and analyzing user behavior in computer networks. More specifically, an edge-based breadth first search of graphs may be used that enforces time-constraints while maintaining traditional breadth first search computational complexity equivalence.

Inventors:: Kent, Alexander; Neil, Joshua; Liebrock, Lorie

Issue Date:: 2018-07-03

OSTI Identifier:: 1459424

Assignee:: Los Alamos National Security, LLC (Los Alamos, NM); New Mexico Tech Research Foundation (Socorro, NM) LANL

Patent Number(s):: 10,015,175

Application Number:: 15/099,898

Contract Number:: AC52-06NA25396

Resource Relation:: Patent File Date: 2016 Apr 15

Research Org:: Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

Sponsoring Org:: USDOE

Country of Publication:: United States

Language:: English

Subject:: 97 MATHEMATICS AND COMPUTING

Full Text
View Full Text

Similar records in DOepatents and OSTI.GOV collections:

System and method for ultrafast optical signal detecting via a synchronously coupled anamorphic light pulse encoded laterally

Patent Heebner, John E

In one general embodiment, a method for ultrafast optical signal detecting is provided. In operation, a first optical input signal is propagated through a first wave guiding layer of a waveguide. Additionally, a second optical input signal is propagated through a second wave guiding layer of the waveguide. Furthermore, an optical control signal is applied to a top of the waveguide, the optical control signal being oriented diagonally relative to the top of the waveguide such that the application is used to influence at least a portion of the first optical input signal propagating through the first wave guiding layermore »« less
Full Text Available August 2010
Method and apparatus for detecting a desired behavior in digital image data

Patent Kegelmeyer, Jr., W. Philip

A method for detecting stellate lesions in digitized mammographic image data includes the steps of prestoring a plurality of reference images, calculating a plurality of features for each of the pixels of the reference images, and creating a binary decision tree from features of randomly sampled pixels from each of the reference images. Once the binary decision tree has been created, a plurality of features, preferably including an ALOE feature (analysis of local oriented edges), are calculated for each of the pixels of the digitized mammographic data. Each of these plurality of features of each pixel are input into themore »« less
Full Text Available January 1997
Method and apparatus for detecting a desired behavior in digital image data

Patent Kegelmeyer, Jr., W. Philip

A method for detecting stellate lesions in digitized mammographic image data includes the steps of prestoring a plurality of reference images, calculating a plurality of features for each of the pixels of the reference images, and creating a binary decision tree from features of randomly sampled pixels from each of the reference images. Once the binary decision tree has been created, a plurality of features, preferably including an ALOE feature (analysis of local oriented edges), are calculated for each of the pixels of the digitized mammographic data. Each of these plurality of features of each pixel are input into themore »« less
Full Text Available January 1997
Interception and modification of network authentication packets with the purpose of allowing alternative authentication modes

Patent Kent, Alexander Dale

Methods and systems in a data/computer network for authenticating identifying data transmitted from a client to a server through use of a gateway interface system which are communicately coupled to each other are disclosed. An authentication packet transmitted from a client to a server of the data network is intercepted by the interface, wherein the authentication packet is encrypted with a one-time password for transmission from the client to the server. The one-time password associated with the authentication packet can be verified utilizing a one-time password token system. The authentication packet can then be modified for acceptance by the server,more »« less
Full Text Available September 2008
Authentication graphs: Analyzing user behavior within an enterprise network

Journal Article - in OSTI.gov collection Kent, Alexander D. ; Liebrock, Lorie M. ; Neil, Joshua C.

February 2015, Elsevier