{"schema_version":"1.0","canonical_url":"https://patentable.app/patents/US-11277423","patent":{"patent_number":"US-11277423","title":"Anomaly-based malicious-behavior detection","assignee":null,"inventors":[],"filing_date":"2019-02-22T00:00:00.000Z","publication_date":"2022-03-15T00:00:00.000Z","cpc_codes":["H04L","G06F","G06F","G06F","H04L","H04L"],"num_claims":20,"abstract":"Example techniques detect incidents based on events from or at monitored computing devices. A control unit can detect events of various types within a time interval and aggregate the detected events into an incident. The control unit can detect patterns within the events based at least in part on predetermined criterion. In examples, the control unit can determine pattern scores for the patterns based on the probability of occurrence for the patterns and determine a composite score based on the pattern scores. The control unit can determine that an incident indicating malicious activity has been detected based in part determining that the composite score is above a predetermined threshold score. In some examples, the control unit can classify and rank the incidents. The control unit can determine if an incident indicates malicious activity including malware or targeted attack."},"analysis":{"summary":null,"layman_explanation":null,"technical_analysis":null,"business_analysis":null,"faqs":null,"topics":[],"tech_cluster":null},"seo":{"title":"Anomaly-based malicious-behavior detection","description":"Example techniques detect incidents based on events from or at monitored computing devices. A control unit can detect events of various types within a time interval and aggregate the detected events i","keywords":[]},"attribution":{"source":"Patentable","source_url":"https://patentable.app","canonical_url":"https://patentable.app/patents/US-11277423","license":"CC-BY-4.0-like","license_terms":"AI-generated analysis on this page (summary, layman_explanation, technical_analysis, business_analysis, faqs) may be reused with attribution and a visible link back to the canonical URL above. Patent abstracts, claims, and bibliographic data are USPTO public domain.","required_link":"https://patentable.app/patents/US-11277423","citation_suggestion":"Patentable. \"Anomaly-based malicious-behavior detection\" (US-11277423). https://patentable.app/patents/US-11277423","copyright_holder":"Nomic Interactive Technology LLC"},"links":{"html":"https://patentable.app/patents/US-11277423","json":"https://patentable.app/api/llm-context/US-11277423","site":"https://patentable.app","llms_txt":"https://patentable.app/llms.txt"},"generated_at":"2026-05-30T14:57:08.390Z"}