{"schema_version":"1.0","canonical_url":"https://patentable.app/patents/US-9825978","patent":{"patent_number":"US-9825978","title":"Lateral movement detection","assignee":null,"inventors":[],"filing_date":"2017-01-16T00:00:00.000Z","publication_date":"2017-11-21T00:00:00.000Z","cpc_codes":["H04L","H04L","H04L","H04L","H04L"],"num_claims":20,"abstract":"Lateral movement detection may be performed by employing different detection models to score logon sessions. The different detection models may be implemented by and/or utilize counts computed from historical security event data. The different detection models may include probabilistic intrusion detection models for detecting compromised behavior based on logon behavior, a sequence of security events observed during a logon session, inter-event time between security events observed during a logon session, and/or an attempt to logon using explicit credentials. Scores for each logon session that are output by the different detection models may be combined to generate a ranking score for each logon session. A list of ranked alerts may be generated based on the ranking score for each logon session to identify compromised authorized accounts and/or compromised machines. An attack graph may be automatically generated based on compromised account-machine pairs to visually display probable paths of an attacker."},"analysis":{"summary":null,"layman_explanation":null,"technical_analysis":null,"business_analysis":null,"faqs":null,"topics":[],"tech_cluster":null},"seo":{"title":"Lateral movement detection","description":"Lateral movement detection may be performed by employing different detection models to score logon sessions. The different detection models may be implemented by and/or utilize counts computed from hi","keywords":[]},"attribution":{"source":"Patentable","source_url":"https://patentable.app","canonical_url":"https://patentable.app/patents/US-9825978","license":"CC-BY-4.0-like","license_terms":"AI-generated analysis on this page (summary, layman_explanation, technical_analysis, business_analysis, faqs) may be reused with attribution and a visible link back to the canonical URL above. Patent abstracts, claims, and bibliographic data are USPTO public domain.","required_link":"https://patentable.app/patents/US-9825978","citation_suggestion":"Patentable. \"Lateral movement detection\" (US-9825978). https://patentable.app/patents/US-9825978","copyright_holder":"Nomic Interactive Technology LLC"},"links":{"html":"https://patentable.app/patents/US-9825978","json":"https://patentable.app/api/llm-context/US-9825978","site":"https://patentable.app","llms_txt":"https://patentable.app/llms.txt"},"generated_at":"2026-06-06T06:07:20.960Z"}