首页>
外国专利>
SYSTEM AND METHOD FOR DETECTING ANOMALIES ASSOCIATED WITH NETWORK TRAFFIC TO CLOUD APPLICATIONS
SYSTEM AND METHOD FOR DETECTING ANOMALIES ASSOCIATED WITH NETWORK TRAFFIC TO CLOUD APPLICATIONS
展开▼
机译:用于检测与云业务相关的异常的系统和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
An anomaly detection system is provided and includes a processor, a memory, and a security application that is stored in the memory and includes instructions. The instructions are configured to collect information of behavior data for the users of an organization accessing cloud applications via a distributed network. The behavior data includes one or more parameters tracked over time for the users. The instructions are further configured to: establish baselines for each of the users and for each of the cloud applications or types of cloud applications of the organization; detect anomalies based on the baselines; provide aggregated anomaly data by aggregating anomalies corresponding to two or more of the baselines and a same behavior or corresponding to multiple users of a same cloud application during a same period of time; determine a risk value based on the aggregated anomaly data; and perform a countermeasure based on the risk value.
展开▼