Relating to the monitoring of network security

Siraj Shaikh (Inventor), Harsha Kumara Kalutarage (Inventor)

    Research output: Patent


    The present invention provides target-centric monitoring of a network, enabling a likelihood score for the existence of an attack to be calculated. The score is calculated by monitoring a plurality of network nodes for a range of symptoms. Detected symptoms are then profiled using a classical Bayesian-based framework such that a node score is calculated for every node. The node scores are compared against reference activity so as to identify deviations from reference activity. The reference activity may comprise peer analysis, comparing the node scores against the node scores of peer nodes, and discord analysis, comparing the node score of a particular node against historical behaviour. Based on the deviations, the method can enable the calculation of a likelihood of suspicious activity for each node.
    Original language: English
    Patent number: US10681059B2
    IPC: H04L 29/06
    Priority date: 25/05/16
    Filing date: 25/05/16
    Publication status: Published - 9 Jun 2020


