SecureWorks Corp.
SYSTEMS AND METHODS FOR IDENTIFYING ATTACK PATTERNS OR SUSPICIOUS ACTIVITY IN CLIENT NETWORKS

Last updated:

Abstract:

Systems and methods for identifying attack patterns or suspicious activity can include a profile builder, a primitive creator, and a compromise detector. The profile builder can populate one or more baseline activity profiles for each client of the plurality of clients or entities associated therewith. The primitive creator can create primitives by comparing identified or extracted features to information in the one or more baseline activity profiles. The compromise detector can receive primitives, and based on identified combinations or sequences of primitives, generate compromise events to be provided to clients.

Status:
Application
Type:

Utility

Filling date:

3 Sep 2020

Issue date:

3 Mar 2022