Check Point Software Technologies Ltd.
METHOD AND SYSTEM FOR DETECTING MALICIOUS OR SUSPICIOUS ACTIVITY BY BASELINING HOST BEHAVIOR
Abstract:
The disclosed subject matter includes a system which, when installed in a specific host, such as an end point or end point computer, will model its behavior over time, score new activities in real time and calculate outliers, by creating and analyzing vectors. The vectors are formed of feature values extracted from executable processes, and the analysis includes determining and evaluating the distance between a current vector and a cluster of vectors.
Status:
Application
Type:
Utility
Filing date:
27 Apr 2020
Issue date:
28 Oct 2021