What technology area does this patent fall under?

Primary CPC classification H04L63/1425. Mapped technology areas include Electricity.

When was this patent published?

Publication date Thu Jul 19 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Near Real-Time System or Network Incident Detection

US2018205751A1 · US · A1

Patent metadata
Field	Value
Publication number	US-2018205751-A1
Application number	US-201715406059-A
Country	US
Kind code	A1
Filing date	Jan 13, 2017
Priority date	Jan 13, 2017
Publication date	Jul 19, 2018
Grant date	—

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Systems and arrangements for performing a textual analysis to identify incidents likely to cause a significant business impact are provided. Historical data related to previously occurring incidents may be analyzed to determine a magnitude of impact of the incident. The magnitude may be compared to a predetermined threshold and, if above the threshold, the incident may be flagged as having a significant business impact. If the magnitude is below the threshold, the incident may be flagged as not having a significant business impact. The incidents in each group may then be analyzed to identify keywords, combinations, and/or sequences having a strong correlation to incidents having a significant business impact and incidents not having a significant business impact, which may form inclusion and exclusion criteria. Data from newly received incidents may be compared to the inclusion and exclusion criteria to determine whether the incident is likely to have a significant business impact.

First claim

Opening claim text (preview).

What is claimed is: 1 . A system or network incident detection and analysis computing system, comprising: at least one processor; a communication interface communicatively coupled to the at least one processor; and at least one memory storing computer-readable instructions that, when executed by the at least one processor, cause a textual analysis computing device of the system or network incident detection and analysis computing system to: receive and analyze historical system or network incident data including a plurality of historical incidents; quantify each historical incident of the plurality of historical incidents to determine a quantified magnitude of an impact of each historical incident; compare the quantified magnitude of the impact of each historical incident to a predetermined threshold to identify historical incidents having a quantified magnitude at or above the predetermined threshold and historical incidents having a quantified impact below the predetermined threshold; group historical incidents having a quantified impact at or above the predetermined threshold; group the historical incidents having a quantified impact below the predetermined threshold; perform a keyword analysis on the incidents having a quantified impact at or above the predetermined threshold to identify a first plurality of keywords in the incidents having a quantified impact at or above the predetermined threshold; analyze the identified first plurality of keywords to identify at least one combination of keywords of the first plurality of keywords having a correlation to at least one incident having a quantified impact at or above the predetermined threshold; perform a keyword analysis on the incidents having a quantified impact below the predetermined threshold to identify a second plurality of keywords in the incidents having a quantified impact below the predetermined threshold; analyze the identified second plurality of keywords to identify at least one combination of keywords of the second plurality of keywords having a correlation to at least one incident having a quantified impact below the predetermined threshold; based on the identified at least one combination of keywords of the first plurality of keywords, determine inclusion criteria for identifying incidents likely to have an impact above the predetermined threshold; based on the identified at least one combination of keywords of the second plurality of keywords, determine exclusion criteria for identifying incidents not likely to have an impact above the predetermined threshold; receive an incident and associated data; parse the associated data to identify one or more keywords; and evaluate the incident by comparing the identified one or more keywords to the inclusion criteria and the exclusion criteria to determine whether the incident is likely to have an impact above the predetermined threshold. 2 . The system or network incident detection and analysis computing system of claim 1 , further including instructions that, when executed, cause the textual analysis computing device to: analyze the identified first plurality of keywords to identify a first plurality of combinations of keywords of the first plurality of keywords having a correlation to at least one incident having a quantified impact at or above the predetermined threshold; analyze the first plurality of combinations of keywords of the first plurality of keywords to identify at least a first sequence of keywords having a correlation to at least one incident having a quantified impact at or above the predetermined threshold; analyze the identified second plurality of keywords to identify a second plurality of combinations of keywords of the second plurality of keywords having a correlation to at least one incident having a quantified impact below the predetermined threshold; and analyze the second plurality of combinations to identify at least a second sequence of keywords having a correlation to at least one incident having a quantified impact below the predetermined threshold. 3 . The system or network incident detection and analysis computing system of claim 2 , further including instructions that, when executed, cause the textual analysis computing device to: determine the inclusion criteria further based on the first plurality of combinations and the at least one sequence; and determine the exclusion criteria further based on the second plurality of combinations and the at least a second sequence. 4 . The system or network incident detection and analysis computing system of claim 1 , wherein evaluating the incident to determine whether it is likely to have an impact above the predetermined threshold based on the inclusion criteria and exclusion criteria further includes: responsive to determining that the received incident includes at least one combination of the first plurality of combinations and a sequence matching the inclusion criteria, flagging the incident as likely to have an impact at or above the predetermined threshold; and responsive to determining that the received incident includes at least one combination of the second plurality of combinations and a sequence matching the exclusion criteria, flagging the incident as likely to have an impact below the predetermined threshold. 5 . The system or network incident detection and analysis computing system of claim 4 , wherein flagging the incident as likely to have an impact at or above the predetermined threshold further includes transmitting the incident for priority action. 6 . The system or network incident detection and analysis computing system of claim 4 , wherein flagging the incident as likely to have an impact below the predetermined threshold further includes transmitting the incident with an indication that priority action does not apply. 7 . The system or network incident detection and analysis computing system of claim 1 , wherein the received data associated with the incident includes free-form text. 8 . A method, comprising: receiving and analyzing, by a system or network incident detection and analysis computing system, historical system or network incident data including a plurality of historical incidents; quantifying, by the system or network incident detection and analysis computing system, each historical incident of the plurality of historical incidents to determine a quantified magnitude of an impact of each historical incident; comparing, by the system or network incident detection and analysis computing system, the quantified magnitude of the impact of each historical incident to a predetermined threshold to identify historical incidents having a quantified magnitude at or above the predetermined threshold and historical incidents having a quantified impact below the predetermined threshold; grouping, by the system or network incident detection and analysis computing system, historical incidents having a quantified impact at or above the predetermined threshold; grouping, by the system or network incident detection and analysis computing system, the historical incidents having a quantified impact below the predetermined threshold; performing, by the system or network incident detection and analysis computing system, a keyword analysis on the incidents having a quantified impact at or above the predetermined threshold to identify a first plurality of keywords in the incidents having a quantified impact at or above the predetermined threshold; analyzing, by the system or network incident detection and analysis computing system, the identified first plurality of keywords to identify at least one combination of keywords of the first plurality of keywords having a correlation to at least one incident having a qu

Assignees

Bank Of America

Inventors

Classifications

G06F2221/034
Test or assess a computer or a system · CPC title
H04L63/1425Primary
Traffic logging, e.g. anomaly detection · CPC title
G06F21/552
involving long-term monitoring or reporting · CPC title

Patent family

Related publications grouped by family.

View patent family 62841733

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2018205751A1 cover?: Systems and arrangements for performing a textual analysis to identify incidents likely to cause a significant business impact are provided. Historical data related to previously occurring incidents may be analyzed to determine a magnitude of impact of the incident. The magnitude may be compared to a predetermined threshold and, if above the threshold, the incident may be flagged as having a si…
Who is the assignee on this patent?: Bank Of America
What technology area does this patent fall under?: Primary CPC classification H04L63/1425. Mapped technology areas include Electricity.
When was this patent published?: Publication date Thu Jul 19 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).