Community-based anomaly detection policy sharing among organizations

US11283841B2 · US · B2

Patent metadata
Field: Value
Publication number: US-11283841-B2
Application number: US-201916257351-A
Country: US
Kind code: B2
Filing date: Jan 25, 2019
Priority date: Jan 25, 2019
Publication date: Mar 22, 2022
Grant date: Mar 22, 2022

Abstract

Official abstract text for this publication.

Techniques are provided for community-based anomaly detection policy sharing among organizations. One method comprises obtaining a cluster of organizations derived from clustering multiple organizations based on predefined clustering parameters; obtaining multiple policies from the organizations in the cluster; selecting one of the obtained plurality of policies based on a predefined policy sharing criteria; and sharing the selected policy with one or more of the organizations in the cluster. A use of the selected policy by one or more of the organizations may be simulated to evaluate a performance of the selected policy. The selected policy may be normalized and/or abstracted prior to being shared with organizations in the cluster. A given policy obtained from the organizations in the cluster may be weighted based on an influence rating of one or more source organizations that provided the given policy.

First claim

Opening claim text (preview).

What is claimed is:

1. A method, comprising: obtaining a first cluster, of a plurality of clusters, comprised of a plurality of first organizations derived from clustering a plurality of organizations based on one or more predefined clustering parameters; obtaining a plurality of policies from at least one of the plurality of first organizations in the first cluster; selecting, using at least one processing device, at least one of the obtained plurality of policies based at least in part on one or more of: (i) a percentage and (ii) a total number of first organizations in the first cluster that employ the at least one selected policy; and sharing the at least one selected policy with one or more of the first organizations in the first cluster, wherein the total number of first organizations in the first cluster that employ the at least one selected policy is determined prior to the sharing; wherein the method is performed by at least one processing device comprising a processor coupled to a memory.

2. The method of claim 1, further comprising simulating a use of the at least one selected policy by one or more of the plurality of organizations to evaluate a performance of the at least one selected policy.

3. The method of claim 1, further comprising normalizing the at least one selected policy prior to the sharing step.

4. The method of claim 1, further comprising abstracting the at least one selected policy prior to the sharing step.

5. The method of claim 1, wherein the predefined clustering parameters comprise one or more of an industry type, a number of users, a number of locations, a number of protected applications, an application type, a customer characterization and an overall security score.

6. The method of claim 1, further comprising ranking the at least one selected policy based at least in part on the percentage of first organizations that share each of the plurality of policies as an indicator of importance.

7. The method of claim 1, further comprising weighting a given policy obtained from the plurality of first organizations in the first cluster based on an influence rating of one or more source organizations that provided the given policy.

8. The method of claim 1, further comprising determining whether to share the at least one selected policy to each of the first organizations that did not employ the at least one selected policy prior to the sharing.

9. A system, comprising: a memory; and at least one processing device, coupled to the memory, operative to implement the following steps: obtaining a first cluster, of a plurality of clusters, comprised of a plurality of first organizations derived from clustering a plurality of organizations based on one or more predefined clustering parameters; obtaining a plurality of policies from at least one of the plurality of first organizations in the first cluster; selecting, using at least one processing device, at least one of the obtained plurality of policies based at least in part on one or more of: (i) a percentage and (ii) a total number of first organizations in the first cluster that employ the at least one selected policy; and sharing the at least one selected policy with one or more of the first organizations in the first cluster, wherein the total number of first organizations in the first cluster that employ the at least one selected policy is determined prior to the sharing.

10. The system of claim 9, further comprising the step of simulating a use of the at least one selected policy by one or more of the plurality of organizations to evaluate a performance of the at least one selected policy.

11. The system of claim 9, further comprising the step of one or more of normalizing and abstracting the at least one selected policy prior to the sharing step.

12. The system of claim 9, wherein the predefined clustering parameters comprise one or more of an industry type, a number of users, a number of locations, a number of protected applications, an application type, a customer characterization and an overall security score.

13. The system of claim 9, further comprising the step of ranking the at least one selected policy based at least in part on the percentage of first organizations that share each of the plurality of policies as an indicator of importance.

14. The system of claim 9, further comprising the step of weighting a given policy obtained from the plurality of first organizations in the first cluster based on an influence rating of one or more source organizations that provided the given policy.

15. A computer program product, comprising a non-transitory machine-readable storage medium having encoded therein executable code of one or more software programs, wherein the one or more software programs when executed by at least one processing device perform the following steps: obtaining a first cluster, of a plurality of clusters, comprised of a plurality of first organizations derived from clustering a plurality of organizations based on one or more predefined clustering parameters; obtaining a plurality of policies from at least one of the plurality of first organizations in the first cluster; selecting, using at least one processing device, at least one of the obtained plurality of policies based at least in part on one or more of: (i) a percentage and (ii) a total number of first organizations in the first cluster that employ the at least one selected policy; and sharing the at least one selected policy with one or more of the first organizations in the first cluster, wherein the total number of first organizations in the first cluster that employ the at least one selected policy is determined prior to the sharing.

16. The computer program product of claim 15, further comprising the step of simulating a use of the at least one selected policy by one or more of the plurality of organizations to evaluate a performance of the at least one selected policy.

17. The computer program product of claim 15, further comprising the step of one or more of normalizing and abstracting the at least one selected policy prior to the sharing step.

18. The computer program product of claim 15, wherein the predefined clustering parameters comprise one or more of an industry type, a number of users, a number of locations, a number of protected applications, an application type, a customer characterization and an overall security score.

19. The computer program product of claim 15, further comprising the step of ranking the at least one selected policy based at least in part on the percentage of first organizations that share each of the plurality of policies as an indicator of importance.

20. The computer program product of claim 15, further comprising the step of weighting a given policy obtained from the plurality of first organizations in the first cluster based on an influence rating of one or more source organizations that provided the given policy.

Classifications

  • H04L63/205 (Primary)

    involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved (negotiation of communication capabilities H04L69/24) · CPC title

  • Performance analysis of employees; Performance analysis of enterprise or organisation operations · CPC title

  • Assignment of logical groups to network elements · CPC title

  • involving simulating, designing, planning or modelling of a network · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
EMC IP Holding Co LLC
What technology area does this patent fall under?
Primary CPC classification H04L63/205. Mapped technology areas include Electricity.
When was this patent published?
Publication date: Mar 22, 2022 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).