Abstract: Disclosed is a method and system for detecting malicious entities and malicious behavior in a time evolving network via a graph framework by modeling activity in a network graph representing associations between entities. The system utilizes classification methods to give score predictions indicative of a degree of suspected maliciousness, and presents a unified graph inference method for surfacing previously undetected malicious entities that utilizes both the structure and behavioral features to detect malicious entities.

Abstract: Disclosed is a data analysis and cybersecurity method, which forms a time-based series of behavioral features, and analyzes the series of behavioral features for attack detection, new features derivation, and/or features evaluation. Analyzing the time based series of behavioral features may comprise using a Feed-Forward Neural Networks (FFNN) method, a Convolutional Neural Networks (CNN) method, a Recurrent Neural Networks (RNN) method, a Long Short-Term Memories (LSTMs) method, a principal Component Analysis (PCA) method, a Random Forest pipeline method, and/or an autoencoder method. In one embodiment, the behavioral features of the time-based series of behavioral features comprise human engineered features, and/or machined learned features, wherein the method may be used to learn new features from historic features.

Abstract: Disclosed is a method and system for detecting malicious entities and malicious behavior in a time evolving network via a graph framework by modeling activity in a network graph representing associations between entities. The system utilizes classification methods to give score predictions indicative of a degree of suspected maliciousness, and presents a unified graph inference method for surfacing previously undetected malicious entities that utilizes both the structure and behavioral features to detect malicious entities.

Abstract: Disclosed is a data analysis and cybersecurity method, which forms a time-based series of behavioral features, and analyzes the series of behavioral features for attack detection, new features derivation, and/or features evaluation. Analyzing the time based series of behavioral features may comprise using a Feed-Forward Neural Networks (FFNN) method, a Convolutional Neural Networks (CNN) method, a Recurrent Neural Networks (RNN) method, a Long Short-Term Memories (LSTMs) method, a principal Component Analysis (PCA) method, a Random Forest pipeline method, and/or an autoencoder method. In one embodiment, the behavioral features of the time-based series of behavioral features comprise human engineered features, and/or machined learned features, wherein the method may be used to learn new features from historic features.