Community-Based Anomaly Detection Policy Sharing Among Organizations

US2020244705A1 · US · A1

Patent metadata

Publication number: US-2020244705-A1
Application number: US-201916257351-A
Country: US
Kind code: A1
Filing date: Jan 25, 2019
Priority date: Jan 25, 2019
Publication date: Jul 30, 2020
Grant date:

Abstract

Techniques are provided for community-based anomaly detection policy sharing among organizations. One method comprises obtaining a cluster of organizations derived from clustering multiple organizations based on predefined clustering parameters; obtaining multiple policies from the organizations in the cluster; selecting one of the obtained plurality of policies based on a predefined policy sharing criteria; and sharing the selected policy with one or more of the organizations in the cluster. A use of the selected policy by one or more of the organizations is optionally simulated to evaluate a performance of the selected policy. The selected policy is optionally normalized and/or abstracted prior to being shared with organizations in the at least one cluster. A given policy obtained from the organizations in the cluster is optionally weighted based on an influence rating of one or more source organizations that provided the given policy.

First claim

What is claimed is:

1. A method, comprising: obtaining at least one cluster of organizations derived from clustering a plurality of organizations based on one or more predefined clustering parameters; obtaining a plurality of policies from at least one of the plurality of organizations in the at least one cluster; selecting, using at least one processing device, at least one of the obtained plurality of policies based on a predefined policy sharing criteria; and sharing the at least one selected policy with one or more of the plurality of organizations in the at least one cluster.

2. The method of claim 1, further comprising the step of simulating a use of the at least one selected policy by one or more of the plurality of organizations to evaluate a performance of the at least one selected policy.

3. The method of claim 1, further comprising the step of normalizing the at least one selected policy prior to the sharing step.

4. The method of claim 1, further comprising the step of abstracting the at least one selected policy prior to the sharing step.

5. The method of claim 1, wherein the predefined clustering parameters comprise one or more of an industry type, a number of users, a number of locations, a number of protected applications, an application type, a customer characterization and an overall security score.

6. The method of claim 1, wherein the predefined policy sharing criteria comprises one or more of a percentage and a number of the plurality of organizations that employ the at least one selected policy prior to the sharing.

7. The method of claim 1, further comprising the step of ranking the at least one selected policy based on an indicator of importance.

8. The method of claim 1, further comprising the step of weighting a given policy obtained from the plurality of organizations in the at least one cluster based on an influence rating of one or more source organizations that provided the given policy.

9. A system, comprising: a memory; and at least one processing device, coupled to the memory, operative to implement the following steps: obtaining at least one cluster of organizations derived from clustering a plurality of organizations based on one or more predefined clustering parameters; obtaining a plurality of policies from at least one of the plurality of organizations in the at least one cluster; selecting at least one of the obtained plurality of policies based on a predefined policy sharing criteria; and sharing the at least one selected policy with one or more of the plurality of organizations in the at least one cluster.

10. The system of claim 9, further comprising the step of simulating a use of the at least one selected policy by one or more of the plurality of organizations to evaluate a performance of the at least one selected policy.

11. The system of claim 9, further comprising the step of one or more of normalizing and abstracting the at least one selected policy prior to the sharing step.

12. The system of claim 9, wherein the predefined clustering parameters comprise one or more of an industry type, a number of users, a number of locations, a number of protected applications, an application type, a customer characterization and an overall security score.

13. The system of claim 9, further comprising the step of ranking the at least one selected policy based on an indicator of importance.

14. The system of claim 9, further comprising the step of weighting a given policy obtained from the plurality of organizations in the at least one cluster based on an influence rating of one or more source organizations that provided the given policy.

15. A computer program product, comprising a tangible machine-readable storage medium having encoded therein executable code of one or more software programs, wherein the one or more software programs when executed by at least one processing device perform the following steps: obtaining at least one cluster of organizations derived from clustering a plurality of organizations based on one or more predefined clustering parameters; obtaining a plurality of policies from at least one of the plurality of organizations in the at least one cluster; selecting at least one of the obtained plurality of policies based on a predefined policy sharing criteria; and sharing the at least one selected policy with one or more of the plurality of organizations in the at least one cluster.

16. The computer program product of claim 15, further comprising the step of simulating a use of the at least one selected policy by one or more of the plurality of organizations to evaluate a performance of the at least one selected policy.

17. The computer program product of claim 15, further comprising the step of one or more of normalizing and abstracting the at least one selected policy prior to the sharing step.

18. The computer program product of claim 15, wherein the predefined clustering parameters comprise one or more of an industry type, a number of users, a number of locations, a number of protected applications, an application type, a customer characterization and an overall security score.

19. The computer program product of claim 15, further comprising the step of ranking the at least one selected policy based on an indicator of importance.

20. The computer program product of claim 15, further comprising the step of weighting a given policy obtained from the plurality of organizations in the at least one cluster based on an influence rating of one or more source organizations that provided the given policy.

Classifications

  • H04L63/205 (Primary): involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved (negotiation of communication capabilities H04L69/24)

  • Performance analysis of employees; Performance analysis of enterprise or organisation operations

  • involving simulating, designing, planning or modelling of a network

  • Assignment of logical groups to network elements

Frequently asked questions

Who is the assignee on this patent?
EMC IP Holding Co LLC
What technology area does this patent fall under?
Primary CPC classification H04L63/205. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jul 30, 2020 (A1). Legal status and post-grant events are not shown on this page.