{"schema_version":"1.0","canonical_url":"https://patentable.app/patents/US-11956260","patent":{"patent_number":"US-11956260","title":"Attack monitoring service that selectively analyzes connection graphs for suspected attack paths","assignee":null,"inventors":[],"filing_date":"2023-05-08T00:00:00.000Z","publication_date":"2024-04-09T00:00:00.000Z","cpc_codes":["H04L","G06F","H04L","H04L","H04L"],"num_claims":19,"abstract":"Systems and methods are disclosed to implement a cyberattack detection system that monitors a computer network for lateral movement. In embodiments, the system uses network data from a computer network to build a baseline of connection behaviors for the network. Connection graphs are generated from new network data that indicate groups of nodes that made connections with one another during a last time interval. The graphs are analyzed for connection behavior anomalies and ranked to determine a subset of graphs with suspected lateral movement. Graphs with suspected lateral movement may be further analyzed to determine a set of possible attack paths in the lateral movements. The suspected attack paths are reported to network administrators via a notification interface. Advantageously, the disclosed system is able to detect potential lateral movements in localized portions of a network by monitoring for connection behavior anomalies in network data gathered from the network."},"analysis":{"summary":null,"layman_explanation":null,"technical_analysis":null,"business_analysis":null,"faqs":null,"topics":[],"tech_cluster":null},"seo":{"title":"Attack monitoring service that selectively analyzes connection graphs for suspected attack paths","description":"Systems and methods are disclosed to implement a cyberattack detection system that monitors a computer network for lateral movement. In embodiments, the system uses network data from a computer networ","keywords":[]},"attribution":{"source":"Patentable","source_url":"https://patentable.app","canonical_url":"https://patentable.app/patents/US-11956260","license":"CC-BY-4.0-like","license_terms":"AI-generated analysis on this page (summary, layman_explanation, technical_analysis, business_analysis, faqs) may be reused with attribution and a visible link back to the canonical URL above. Patent abstracts, claims, and bibliographic data are USPTO public domain.","required_link":"https://patentable.app/patents/US-11956260","citation_suggestion":"Patentable. \"Attack monitoring service that selectively analyzes connection graphs for suspected attack paths\" (US-11956260). https://patentable.app/patents/US-11956260","copyright_holder":"Nomic Interactive Technology LLC"},"links":{"html":"https://patentable.app/patents/US-11956260","json":"https://patentable.app/api/llm-context/US-11956260","site":"https://patentable.app","llms_txt":"https://patentable.app/llms.txt"},"generated_at":"2026-05-31T09:44:48.673Z"}