SYSTEM AND METHOD FOR DETECTING ANOMALIES ASSOCIATED WITH NETWORK TRAFFIC TO CLOUD APPLICATIONS

Abstract

An anomaly detection system is provided and includes a processor, a memory, and a security application that is stored in the memory and includes instructions. The instructions are configured to collect information of behavior data for the users of an organization accessing cloud applications via a distributed network. The behavior data includes one or more parameters tracked over time for the users. The instructions are further configured to: establish baselines for each of the users and for each of the cloud applications or types of cloud applications of the organization; detect anomalies based on the baselines; provide aggregated anomaly data by aggregating anomalies corresponding to two or more of the baselines and a same behavior or corresponding to multiple users of a same cloud application during a same period of time; determine a risk value based on the aggregated anomaly data; and perform a countermeasure based on the risk value.

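Bibliographic details

  • Publication number: US2018234444A1
  • Patent type:
  • Publication date: 2018-08-16
  • Original format: PDF
  • Applicant/Assignee: MICROSOFT TECHNOLOGY LICENSING LLC
  • Application number: US201715433058
  • Inventors: SHAI KAPLAN; YONATAN MOST
  • Filing date: 2017-02-15
  • Classification: H04L29/06
  • Country: US
  • Database entry time: 2022-08-21 13:00:02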
