DOE Patents title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Detecting anomalous behavior via user authentication graphs

Abstract

Significant and aggregate user authentication activity may be analyzed across a population of users and computers in one or more networks to differentiate between authorized users and intruders in a network, and/or to detect inappropriate behavior by otherwise authorized users. Dynamic graphs and graph models over user and computer authentication activity, including time-constrained models, may be used for the purposes of profiling and analyzing user behavior in computer networks. More specifically, an edge-based breadth first search of graphs may be used that enforces time-constraints while maintaining traditional breadth first search computational complexity equivalence.

Inventors:
; ;
Issue Date:
Research Org.:
Los Alamos National Lab. (LANL), Los Alamos, NM (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1568618
Patent Number(s):
10356107
Application Number:
16/014,026
Assignee:
Triad National Security, LLC (Los Alamos, NM); New Mexico Tech Research Park Corporation (Socorro, NM)
Patent Classifications (CPCs):
H - ELECTRICITY H04 - ELECTRIC COMMUNICATION TECHNIQUE H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
G - PHYSICS G06 - COMPUTING G06F - ELECTRIC DIGITAL DATA PROCESSING
DOE Contract Number:  
AC52-06NA25396
Resource Type:
Patent
Resource Relation:
Patent File Date: 06/21/2018
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING

Citation Formats

Kent, Alexander D., Neil, Joshua Charles, and Liebrock, Lorie. Detecting anomalous behavior via user authentication graphs. United States: N. p., 2019. Web.
Kent, Alexander D., Neil, Joshua Charles, & Liebrock, Lorie. Detecting anomalous behavior via user authentication graphs. United States.
Kent, Alexander D., Neil, Joshua Charles, and Liebrock, Lorie. Tue . "Detecting anomalous behavior via user authentication graphs". United States. https://www.osti.gov/servlets/purl/1568618.
@article{osti_1568618,
title = {Detecting anomalous behavior via user authentication graphs},
author = {Kent, Alexander D. and Neil, Joshua Charles and Liebrock, Lorie},
abstractNote = {Significant and aggregate user authentication activity may be analyzed across a population of users and computers in one or more networks to differentiate between authorized users and intruders in a network, and/or to detect inappropriate behavior by otherwise authorized users. Dynamic graphs and graph models over user and computer authentication activity, including time-constrained models, may be used for the purposes of profiling and analyzing user behavior in computer networks. More specifically, an edge-based breadth first search of graphs may be used that enforces time-constraints while maintaining traditional breadth first search computational complexity equivalence.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2019},
month = {7}
}

Works referenced in this record:

Use of interactive messaging channels to verify endpoints
patent, July 2013


System and method for dynamically limiting robot access to server data
patent, December 2003


System for slowing password attacks
patent, November 2012


User login monitoring device and method
patent, March 2017