-
Publication (Announcement) No.: US10824535B1
Publication (Announcement) Date: 2020-11-03
Application No.: US16266447
Application Date: 2019-02-04
Inventor: Rajiv Shah, Shannon Morrison, Jeremy Cunningham, Taylor Smith, Sripriya Sundararaman, Jing Wan, Jeffrey Hevrin, Ronald Duehr, Brad Sliz, Lucas Allen
Abstract: A computer-implemented method for determining features of a dataset that are indicative of anomalous behavior of one or more computers in a large group of computers comprises (1) receiving log files including a plurality of entries of data regarding connections between a plurality of computers belonging to an organization and a plurality of websites outside the organization, each entry being associated with the actions of one computer, (2) executing a time series decomposition algorithm on a portion of the features of the data to generate a first list of features, (3) implementing a plurality of traffic dispersion graphs to generate a second list of features, and (4) implementing an autoencoder and a random forest regressor to generate a third list of features.
-
Publication (Announcement) No.: US11321214B1
Publication (Announcement) Date: 2022-05-03
Application No.: US17068821
Application Date: 2020-10-12
Inventor: Rajiv Shah, Shannon Morrison, Jeremy Cunningham, Taylor Smith, Sripriya Sundararaman, Jing Wan, Jeffrey Hevrin, Ronald Duehr, Brad Sliz, Lucas Allen
Abstract: A computer-implemented method for determining features of a dataset that are indicative of anomalous behavior of one or more computers in a large group of computers comprises (1) receiving log files including a plurality of entries of data regarding connections between a plurality of computers belonging to an organization and a plurality of websites outside the organization, each entry being associated with the actions of one computer, (2) executing a time series decomposition algorithm on a portion of the features of the data to generate a first list of features, (3) implementing a plurality of traffic dispersion graphs to generate a second list of features, and (4) implementing an autoencoder and a random forest regressor to generate a third list of features.
-
Publication (Announcement) No.: US10652257B1
Publication (Announcement) Date: 2020-05-12
Application No.: US15643716
Application Date: 2017-07-07
Inventor: Rajiv Shah, Shannon Morrison, Jeremy Cunningham, Taylor Smith, Sripriya Sundararaman, Jing Wan, Jeffrey Hevrin, Ronald Duehr, Brad Sliz, Lucas Allen
IPC: H04L29/06
Abstract: A computer-implemented method for detecting anomalous behavior of one or more computers in a large group of computers comprises (1) receiving log files including a plurality of entries of data regarding connections between a plurality of computers belonging to an organization and a plurality of websites outside the organization, each entry being associated with the actions of one computer, (2) applying a first plurality of algorithms to determine features of the data which may contribute to anomalous behavior of the computers, and (3) applying a second plurality of algorithms to determine which computers are behaving anomalously based upon the features.
-
Publication (Announcement) No.: US10248533B1
Publication (Announcement) Date: 2019-04-02
Application No.: US15643757
Application Date: 2017-07-07
Inventor: Rajiv Shah, Shannon Morrison, Jeremy Cunningham, Taylor Smith, Sripriya Sundararaman, Jing Wan, Jeffrey Hevrin, Ronald Duehr, Brad Sliz, Lucas Allen
Abstract: A computer-implemented method for determining features of a dataset that are indicative of anomalous behavior of one or more computers in a large group of computers comprises (1) receiving log files including a plurality of entries of data regarding connections between a plurality of computers belonging to an organization and a plurality of websites outside the organization, each entry being associated with the actions of one computer, (2) executing a time series decomposition algorithm on a portion of the features of the data to generate a first list of features, (3) implementing a plurality of traffic dispersion graphs to generate a second list of features, and (4) implementing an autoencoder and a random forest regressor to generate a third list of features.
-
Publication (Announcement) No.: US11310253B1
Publication (Announcement) Date: 2022-04-19
Application No.: US16842351
Application Date: 2020-04-07
Inventor: Rajiv Shah, Shannon Morrison, Jeremy Cunningham, Taylor Smith, Sripriya Sundararaman, Jing Wan, Jeffrey Hevrin, Ronald Duehr, Brad Sliz, Lucas Allen
IPC: H04L29/06
Abstract: A computer-implemented method for detecting anomalous behavior of one or more computers in a large group of computers comprises (1) receiving log files including a plurality of entries of data regarding connections between a plurality of computers belonging to an organization and a plurality of websites outside the organization, each entry being associated with the actions of one computer, (2) applying a first plurality of algorithms to determine features of the data which may contribute to anomalous behavior of the computers, and (3) applying a second plurality of algorithms to determine which computers are behaving anomalously based upon the features.