
System and method for anomaly detection

United States Patent

June 15, 2010
Pacific Northwest National Laboratory
A system and method for detecting one or more anomalies in a plurality of observations is provided. In one illustrative embodiment, the observations are real-time network observations collected from a stream of network traffic. The method includes performing a discrete decomposition of the observations, and introducing derived variables to increase storage and query efficiencies. A mathematical model, such as a conditional independence model, is then generated from the formatted data. The formatted data is also used to construct frequency tables which maintain an accurate count of specific variable occurrence as indicated by the model generation process. The formatted data is then applied to the mathematical model to generate scored data. The scored data is then analyzed to detect anomalies.
Scherrer; Chad (Pasco, WA)
Battelle Memorial Institute (Richland, WA)
11/423,046
June 8, 2006
GOVERNMENT RIGHTS

This invention was made with Government support under Contract Number DE-AC05-76RL01830 awarded by the U.S. Department of Energy. The Government has certain rights in the invention.
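
The pipeline the abstract describes (discretize, derive variables, build frequency tables, score against a conditional independence model, flag anomalies), sketched as an added example that is not taken from the patent. The chosen variables, the port classes and size bins, the model structure (port class and size bin independent given protocol), the add-one smoothing and the threshold rule are all assumptions, and the traffic is constructed.

```python
import math
from collections import Counter

def port_class(port):
    # Derived variable (assumed): collapse 65,536 ports into three classes.
    if port < 1024:
        return "well_known"
    return "registered" if port < 49152 else "ephemeral"

def discretize(obs):
    # Discrete decomposition of one (proto, dst_port, nbytes) observation.
    proto, dst_port, nbytes = obs
    size_bin = min(int(math.log2(max(nbytes, 1))) // 4, 5)
    return (proto, port_class(dst_port), size_bin)

class CondIndepModel:
    # Assumed structure: P(proto) * P(port_class | proto) * P(size_bin | proto)
    def __init__(self):
        self.n = 0
        self.parent = Counter()                 # frequency table: proto
        self.child = [Counter(), Counter()]     # frequency tables: (proto, value)
        self.levels = [set(), set()]            # distinct values seen per child

    def update(self, row):
        proto, *kids = row
        self.n += 1
        self.parent[proto] += 1
        for i, v in enumerate(kids):
            self.child[i][(proto, v)] += 1
            self.levels[i].add(v)

    def score(self, row):
        # Negative log-likelihood with add-one smoothing; higher = rarer.
        proto, *kids = row
        s = -math.log((self.parent[proto] + 1) / (self.n + len(self.parent) + 1))
        for i, v in enumerate(kids):
            denom = self.parent[proto] + len(self.levels[i]) + 1
            s -= math.log((self.child[i][(proto, v)] + 1) / denom)
        return s

def find_anomalies(model, observations, threshold):
    return [o for o in observations if model.score(discretize(o)) > threshold]

# Constructed baseline traffic (not real capture data).
BASELINE = ([("tcp", 443, 1500)] * 200 + [("tcp", 80, 1200)] * 50 +
            [("udp", 53, 80)] * 100 + [("tcp", 50000, 60)] * 20)
MODEL = CondIndepModel()
for obs in BASELINE:
    MODEL.update(discretize(obs))
# Assumed rule: flag anything rarer than the rarest baseline observation.
THRESHOLD = max(MODEL.score(discretize(o)) for o in BASELINE)
```

Because the model only needs the frequency tables, `update` can keep running on live traffic while `score` is queried, which is the storage and query benefit the abstract attributes to the discretized, derived variables.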