
Method for detecting sophisticated cyber attacks

United States Patent

November 18, 2008
Oak Ridge National Laboratory
A method of analyzing computer intrusion detection information that looks beyond known attacks and abnormal access patterns to the critical information that an intruder may want to access. Unique target identifiers and the type of work performed by the networked targets are added to audit log records. Analysis using vector space modeling, dissimilarity matrix comparison, and clustering of the event records is then performed.
Potok; Thomas E. (Oak Ridge, TN)
UT-Battelle, LLC (Oak Ridge, TN)
11/135,147
May 23, 2005
STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT

The United States Government has rights in this invention pursuant to Contract No. DE-AC05-00OR22725 between the United States Department of Energy and UT-Battelle, LLC.