20240031378. ANOMALY DETECTION USING EMBEDDING SPACE REPRESENTATION OF SYSTEM STATES simplified abstract (Red Bend Ltd.)
ANOMALY DETECTION USING EMBEDDING SPACE REPRESENTATION OF SYSTEM STATES
Organization Name
Inventor(s)
Shachar Mendelowitz of Hertzeliya (IL)
ANOMALY DETECTION USING EMBEDDING SPACE REPRESENTATION OF SYSTEM STATES - A simplified explanation of the abstract
This abstract first appeared for US patent application 20240031378 titled 'ANOMALY DETECTION USING EMBEDDING SPACE REPRESENTATION OF SYSTEM STATES
Simplified Explanation
The patent application describes a method, system, and computer program product for detecting anomalies in system states using an embedding space representation. The system trains an anomaly detection model using an algorithm and reference vectors obtained through an embedding space representation process. The process maps system state snapshots from a training dataset to single point vectors in an embedding space, capturing features of each process operating in the system.
When a testing dataset is received, the system obtains vectors in the embedding space for each system state snapshot using the embedding space representation process. The anomaly detection model is then used to determine if any of the vectors indicate a cyber-attack on the system.
- Anomaly detection using embedding space representation of system states
- Training an anomaly detection model with an algorithm and reference vectors
- Mapping system state snapshots to single point vectors in an embedding space
- Capturing features of each process operating in the system
- Obtaining vectors in the embedding space for system state snapshots in a testing dataset
- Using the anomaly detection model to identify vectors indicative of a cyber-attack
Potential Applications
- Cybersecurity: Detecting cyber-attacks on systems by analyzing system state snapshots
- Intrusion Detection: Identifying anomalies in system states to detect unauthorized access or malicious activities
Problems Solved
- Early Detection: Detecting anomalies in system states before they cause significant damage or data breaches
- Efficient Analysis: Utilizing embedding space representation to efficiently analyze system state snapshots and identify potential cyber-attacks
Benefits
- Improved Security: Enhancing the ability to detect and prevent cyber-attacks on systems
- Real-time Monitoring: Providing real-time monitoring and detection of anomalies in system states
- Reduced False Positives: Minimizing false positive alerts by using an anomaly detection model trained with reference vectors
Original Abstract Submitted
a method, system, and computer program product for anomaly detection using embedding space representation of system states. an anomaly detection model is trained using an anomaly detection algorithm and a plurality of reference vectors obtained using an embedding space representation process configured for mapping to a single point vector in an embedding space each of a plurality of system state snapshots comprised in a training dataset and each capturing during a defined time window a plurality of features of each process operating in the system. responsive to receiving a testing dataset comprising one or more system state snapshots, one or more vectors in the embedding space are obtained using the embedding space representation process for mapping each system state snapshot in the testing dataset, and the anomaly detection model is used to determine whether a vector of the one or more vectors being indicative of a cyber-attack on the system.
