System For Convergence Of Alarms From Medical Equipment
US-2016148496-A1 · May 26, 2016 · US
System, apparatus, and method for detecting home anomalies
US9712549B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9712549-B2 |
| Application number | US-201514592707-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jan 8, 2015 |
| Priority date | Jan 8, 2015 |
| Publication date | Jul 18, 2017 |
| Grant date | Jul 18, 2017 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
An anomaly detection system includes appliances connected to a network and circuitry configured to receive statuses of the appliances. Patterns of use are determined for the appliances including time periods in which the appliances are most likely to be used. The circuitry is also configured to determine that anomalous events have occurred when an amount of deviation from a normal baseline status for the appliances is greater than a predetermined threshold. Cyber-attack events are detected based on changes to network configuration settings of the appliances. Alerts are output to an external device based on the one or more anomalous events and/or cyber-attack events related to the appliances. The patterns of use are updated based on the status of the appliances and a response from the external device related to the anomalous events or cyber-attack events.
First claim
Opening claim text (preview).
The invention claimed is: 1. An anomaly detection system comprising: at least one appliance configured to connect to at least one network; and circuitry configured to receive, from the at least one appliance, a status based on at least one of a setting, an operational sate, or sensor values associated with the at least one appliance, monitor the received status of the at least one appliance over one or more periods of time including at least one of a time of day, day of a week, or season to generate historical data for the status of the at least one appliance, determine patterns of use for the at least one appliance by applying learning techniques to the generated historical data of the at least one appliance, determine a normal baseline status based on the patterns of use of the at least one appliance, determine, based on the patterns of use, one or more anomalous events have occurred when an amount of deviation in the status of the at least one appliance from the normal baseline status for the at least one appliance is greater than a predetermined threshold, detect that the one or more anomalous events are cyber-attack events based on changes to network configuration settings of the at least one appliance, classify the one or more anomalous events as at least one of an appliance failure, an attack, and danger to a homeowner based on the status of the at least one appliance and the patterns of use, wherein the circuitry classifies an anomalous event as a danger to homeowner based on an absence of appliance use without a received indication that the homeowner is away from home, update the patterns of use for the at least one appliance based on at least one of the status of the at least one appliance and a response from the at least one external device related to the one or more anomalous events, determine, based on the patterns of use of the at least one appliance, a predetermined sampling rate for receiving the status of the at least one appliance wherein the predetermined sampling rate increases as a probability of use of the at least one appliance increases, and output alerts, to at least one external device, based the determining of an occurrence of an anomalous event and based on the classification of the anomalous event. 2. The system of claim 1 , wherein the at least one appliance is operated remotely via the at least one external device. 3. The system of claim 1 , wherein the circuitry is further configured to output the alerts to the at least one external device via at least one of a text message, email, voice call, or application notification. 4. The system of claim 3 , wherein the circuitry is further configured to prioritize the alerts based on a predetermined severity level of the one or more anomalous events. 5. The system of claim 4 , wherein the circuitry is further configured to output the alerts to a secondary external device when a first predetermined time period of non-response from the at least one external device has passed. 6. The system of claim 5 , wherein the circuitry is further configured to output the alerts to an emergency response system when a second predetermined time period of non-response from the secondary external device has passed. 7. The system of claim 5 , wherein the circuitry is further configured to confirm an abnormality of the one or more anomalous events based on the response received from the at least one external device. 8. The system of claim 1 , wherein the circuitry is further configured to monitor and control distribution to the at least one appliance via a smart grid. 9. The system of claim 8 , wherein the circuitry is further configured to determine the one or more anomalous events based on detected changes in at least one of voltage and current for the at least one appliance based on input from a smart grid serving the at least one appliance. 10. The system of claim 9 , wherein the circuitry is further configured to detect power failures at the at least one appliance based on a loss of the voltage or the current supplied to the at least one appliance by the smart grid. 11. The system of claim 1 , wherein the circuitry is further configured to detect the cyber-attack events based on at least one of a reduction in communication speed for the at least one network, a compromising of an IP address of the at least one appliance, and an execution of malicious software. 12. The system of claim 1 , wherein the circuitry is further configured to determine the probability of use of the at least one appliance based on a time of day. 13. The system of claim 12 , wherein the circuitry is further configured to determine the probability of use of the at least one appliance based on at least one of a week, month, season, or year. 14. The system of claim 1 , wherein the circuitry is further configured to determine one or more normal events have occurred when the amount of deviation from the normal baseline status is less than the predetermined threshold. 15. The system of claim 1 , wherein the circuitry is further configured to classify the one or more anomalous events as at least one of failures, attacks, or dangers to a homeowner based on the status of the at least one appliance and the patterns of use. 16. The system of claim 15 , wherein the circuitry is further configured to prioritize the attacks and the dangers to the homeowner higher than the failures. 17. The system of claim 1 , wherein the circuitry receives power from more than one redundant power source. 18. An apparatus for detecting anomalous events, comprising: circuitry configured to receive, from at least one appliance, a status based on at least one of a setting, an operational sate, or sensor values associated with the at least one appliance, monitor the received status of the at least one appliance over one or more periods of time including at least one of a time of day, day of a week, or season to generate historical data for the status of the at least one appliance, determine patterns of use for the at least one appliance by applying learning techniques to the generated historical data of the at least one appliance, determine a normal baseline status based on the patterns of use of the at least one appliance, determine, based on the patterns of use, one or more anomalous events have occurred when an amount of deviation in the status of the at least one appliance from the normal baseline status for the at least one appliance is greater than a predetermined threshold, detect that the one or more anomalous events are cyber-attack events based on changes to network configuration settings of the at least one appliance, classify the one or more anomalous events as at least one of an appliance failure, an attack, and danger to a homeowner based on the status of the at least one appliance and the patterns of use, wherein the circuitry classifies an anomalous event as a danger to homeowner based on an absence of appliance use without a received indication that the homeowner is away from home, update the patterns of use for the at least one appliance based on at least one of the status of the at least one appliance and a response from the at least one external device related to the one or more anomalous events or the cyber-attack events, determine, based on the patterns of use of the at least one appliance, a predetermined sampling rate for receiving the status of the at least one appliance wherein the predetermined sampling rate increases as a probability of use of the at least one appliance increases, and output alerts, to at least one exte
Assignees
Inventors
Classifications
Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks · CPC title
the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms · CPC title
Event detection, e.g. attack signature detection · CPC title
- H04L63/1425Primary
Traffic logging, e.g. anomaly detection · CPC title
Information technology specific aspects, e.g. CAD, simulation, modelling, system security · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9712549B2 cover?
- An anomaly detection system includes appliances connected to a network and circuitry configured to receive statuses of the appliances. Patterns of use are determined for the appliances including time periods in which the appliances are most likely to be used. The circuitry is also configured to determine that anomalous events have occurred when an amount of deviation from a normal baseline stat…
- Who is the assignee on this patent?
- Almurayh Abdullah Saeed, Univ Imam Abdulrahman Bin Faisal
- What technology area does this patent fall under?
- Primary CPC classification H04L63/1425. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Jul 18 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 6 related publications on this page (citations in our corpus or others sharing the same primary CPC).