Detecting anomalous behavior via user authentication graphs
Abstract
Significant and aggregate user authentication activity may be analyzed across a population of users and computers in one or more networks to differentiate between authorized users and intruders in a network, and/or to detect inappropriate behavior by otherwise authorized users. Dynamic graphs and graph models over user and computer authentication activity, including time-constrained models, may be used for the purposes of profiling and analyzing user behavior in computer networks. More specifically, an edge-based breadth first search of graphs may be used that enforces time-constraints while maintaining traditional breadth first search computational complexity equivalence.
- Inventors:
- Issue Date:
- Research Org.:
- Los Alamos National Lab. (LANL), Los Alamos, NM (United States)
- Sponsoring Org.:
- USDOE
- OSTI Identifier:
- 1568618
- Patent Number(s):
- 10356107
- Application Number:
- 16/014,026
- Assignee:
- Triad National Security, LLC (Los Alamos, NM); New Mexico Tech Research Park Corporation (Socorro, NM)
- Patent Classifications (CPCs):
-
H - ELECTRICITY H04 - ELECTRIC COMMUNICATION TECHNIQUE H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
G - PHYSICS G06 - COMPUTING G06F - ELECTRIC DIGITAL DATA PROCESSING
- DOE Contract Number:
- AC52-06NA25396
- Resource Type:
- Patent
- Resource Relation:
- Patent File Date: 06/21/2018
- Country of Publication:
- United States
- Language:
- English
- Subject:
- 97 MATHEMATICS AND COMPUTING
Citation Formats
Kent, Alexander D., Neil, Joshua Charles, and Liebrock, Lorie. Detecting anomalous behavior via user authentication graphs. United States: N. p., 2019.
Web.
Kent, Alexander D., Neil, Joshua Charles, & Liebrock, Lorie. Detecting anomalous behavior via user authentication graphs. United States.
Kent, Alexander D., Neil, Joshua Charles, and Liebrock, Lorie. Tue .
"Detecting anomalous behavior via user authentication graphs". United States. https://www.osti.gov/servlets/purl/1568618.
@article{osti_1568618,
title = {Detecting anomalous behavior via user authentication graphs},
author = {Kent, Alexander D. and Neil, Joshua Charles and Liebrock, Lorie},
abstractNote = {Significant and aggregate user authentication activity may be analyzed across a population of users and computers in one or more networks to differentiate between authorized users and intruders in a network, and/or to detect inappropriate behavior by otherwise authorized users. Dynamic graphs and graph models over user and computer authentication activity, including time-constrained models, may be used for the purposes of profiling and analyzing user behavior in computer networks. More specifically, an edge-based breadth first search of graphs may be used that enforces time-constraints while maintaining traditional breadth first search computational complexity equivalence.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2019},
month = {7}
}
Works referenced in this record:
Use of interactive messaging channels to verify endpoints
patent, July 2013
- Hernacki, Brian J.; Satish, Sourabh
- US Patent Document 8,490,190
System and method for dynamically limiting robot access to server data
patent, December 2003
- Eichstaedt, Matthias; Emens, Michael; Kraft, Reiner
- US Patent Document 6,662,230
System for slowing password attacks
patent, November 2012
- Kahn, Clifford E.; Venable, Sr., Jeffrey C.; Chickering, Roger A.
- US Patent Document 8,312,540
User login monitoring device and method
patent, March 2017
- Liu, Fei; He, Wei Hong
- US Patent Document 9,602,526