首页> 外国专利> System and method for detecting anomalies including detection and removal of outliers associated with network traffic to cloud applications

System and method for detecting anomalies including detection and removal of outliers associated with network traffic to cloud applications

机译：用于检测异常的系统和方法，包括检测和消除与到云应用程序的网络流量相关的异常值

页面导航

摘要
著录项
相似文献

摘要

An anomaly detection system is provided and includes a processor, a memory and a security application stored in the memory and including instructions. The instructions are for collecting behavior data corresponding to users of an organization accessing cloud applications. The behavior data includes parameters tracked over time for the users. The instructions are for: creating a first model based on the behavior data tracked for the users; creating a second model corresponding to a first user based on the parameters tracked for the users except the first user, where the second model excludes behavior data pertaining to the first user; scoring the second model based on the first model to generate a first score; determining whether the first user is an outlier based on the first score; and removing the behavior data corresponding to the first user from the first model if the first user is an outlier.

机译：提供了一种异常检测系统，其包括处理器，存储器和存储在该存储器中并包括指令的安全应用程序。这些说明用于收集与访问云应用程序的组织的用户相对应的行为数据。行为数据包括随时间推移为用户跟踪的参数。这些指令用于：根据为用户跟踪的行为数据创建第一个模型;基于为除第一用户之外的用户跟踪的参数，创建与第一用户相对应的第二模型，其中，第二模型不包括与第一用户有关的行为数据;基于第一模型对第二模型评分，以产生第一评分;根据所述第一得分，确定所述第一用户是否为离群值;如果第一用户是离群值，则从第一模型中删除与第一用户对应的行为数据。

著录项

公开/公告号US10326787B2

专利类型
公开/公告日2019-06-18

原文格式PDF
申请/专利权人 MICROSOFT TECHNOLOGY LICENSING LLC;
展开▼

申请/专利号US201715433039
发明设计人 ANTON WOLKOV;SHAI KAPLAN;YONATAN MOST;IDO BAR AV;
展开▼

申请日2017-02-15
分类号H04L29/06;G06F17/50;G06F21/55;H04L29/08;G06K9/62;
国家 US
入库时间 2022-08-21 12:16:10

相似文献

专利
外文文献
中文文献