18269982. METHOD AND NETWORK NODE FOR DETECTING ANOMALOUS ACCESS BEHAVIOURS simplified abstract (Telefonaktiebolaget LM Ericsson (publ))
Contents
- 1 METHOD AND NETWORK NODE FOR DETECTING ANOMALOUS ACCESS BEHAVIOURS
- 1.1 Organization Name
- 1.2 Inventor(s)
- 1.3 METHOD AND NETWORK NODE FOR DETECTING ANOMALOUS ACCESS BEHAVIOURS - A simplified explanation of the abstract
- 1.4 Simplified Explanation
- 1.5 Potential Applications
- 1.6 Problems Solved
- 1.7 Benefits
- 1.8 Potential Commercial Applications
- 1.9 Possible Prior Art
- 1.10 Unanswered Questions
- 1.11 Original Abstract Submitted
METHOD AND NETWORK NODE FOR DETECTING ANOMALOUS ACCESS BEHAVIOURS
Organization Name
Telefonaktiebolaget LM Ericsson (publ)
Inventor(s)
Mahesh Babu Jayaraman of Bangalore (IN)
Kavita Padmanabhan of Bangalore (IN)
METHOD AND NETWORK NODE FOR DETECTING ANOMALOUS ACCESS BEHAVIOURS - A simplified explanation of the abstract
This abstract first appeared for US patent application 18269982 titled 'METHOD AND NETWORK NODE FOR DETECTING ANOMALOUS ACCESS BEHAVIOURS
Simplified Explanation
The abstract describes a method for detecting anomalous access behaviors in a communication network by analyzing session logs and extracting session features to determine access behaviors associated with each session.
- The method involves obtaining session logs from network nodes, extracting session features, determining access behaviors based on the features, and detecting anomalous access behaviors through analysis.
- Access behaviors include session characteristics, user access characteristics, network node access characteristics, and command usage characteristics.
Potential Applications
This technology could be applied in various industries such as cybersecurity, network monitoring, and anomaly detection systems.
Problems Solved
This technology helps in identifying and preventing unauthorized access, security breaches, and abnormal activities within a communication network.
Benefits
The benefits of this technology include enhanced network security, early detection of potential threats, and improved overall network performance.
Potential Commercial Applications
One potential commercial application of this technology could be in the development of advanced intrusion detection systems for businesses and organizations.
Possible Prior Art
One possible prior art for this technology could be existing anomaly detection systems used in cybersecurity and network monitoring.
Unanswered Questions
How does this technology handle false positives in detecting anomalous access behaviors?
The method does not specify how it distinguishes between true anomalies and false positives in the detection process.
What is the scalability of this technology for large-scale communication networks?
The abstract does not mention the scalability of the method for detecting anomalous access behaviors in a network with a high number of nodes and sessions.
Original Abstract Submitted
Embodiments of the present disclosure provide a method, a network node, and a computer program product for detecting anomalous access behaviours in a plurality of network nodes in a communication network. The method is performed in a network in the communication network. The method includes obtaining session logs associated with the plurality of network nodes in the communication network. The method includes extracting session features for each session by evaluating the session logs associated with the plurality of network nodes. Further, the method includes determining access behaviours associated with each session based on the extracted session features, the access behaviours associated with each session including a representation indicative of one or more of session characteristics, user access characteristics, network node access characteristics and command usage characteristics. The method further includes detecting (S14) anomalous access behaviours by analysing the determined access behaviours.