Abstract: Significant and aggregate user authentication activity may be analyzed across a population of users and computers in one or more networks to differentiate between authorized users and intruders in a network, and/or to detect inappropriate behavior by otherwise authorized users. Dynamic graphs and graph models over user and computer authentication activity, including time-constrained models, may be used for the purposes of profiling and analyzing user behavior in computer networks. More specifically, an edge-based breadth first search of graphs may be used that enforces time-constraints while maintaining traditional breadth first search computational complexity equivalence.
Type:
Grant
Filed:
June 21, 2018
Date of Patent:
July 16, 2019
Assignees:
Triad National Security, LLC, New Mexico Tech Research Park Corporation
Inventors:
Alexander D. Kent, Joshua Charles Neil, Lorie Liebrock