
Detection of anomalous events

United States Patent

June 7, 2016
Oak Ridge National Laboratory - Visit the Partnerships Directorate Website
A system is described for receiving a stream of events and scoring the events based on anomalousness and maliciousness (or other classification). The system can include a plurality of anomaly detectors that together implement an algorithm to identify low-probability events and detect atypical traffic patterns. The anomaly detector provides for comparability of disparate sources of data (e.g., network flow data and firewall logs). Additionally, the anomaly detector allows for regulatability, meaning that the algorithm can be user-configurable to adjust the number of false alerts. The anomaly detector can be used for a variety of probability density functions, including normal Gaussian distributions, irregular distributions, as well as functions associated with continuous or discrete variables.
Ferragut; Erik M. (Oak Ridge, TN), Laska; Jason A. (Oak Ridge, TN), Bridges; Robert A. (Knoxville, TN)
UT-Battelle, LLC (Oak Ridge, TN)
14/103,703
December 11, 2013
ACKNOWLEDGMENT OF GOVERNMENT SUPPORT

This invention was made with government support under Contract No. DE-AC05-00OR22725 awarded by the U.S. Department of Energy. The government has certain rights in the invention.