公开(公告)号：GB2529122A

公开(公告)日：2016-02-10

申请号：GB201521731

申请日：2014-02-24

Applicant: IBM

Inventor： CHRISTODORESCU MIHAI ,  HU XIN ,  SCHALES DOUGLAS LEE ,  SAILER REINER ,  STOECKLIN MARC P ,  WANG TING

IPC: G06F17/30

Abstract: A distributed feature collection and correlation engine is provided, Feature extraction comprises obtaining one or more data records; extracting information from the one or more data records based on domain knowledge; transforming the extracted information into a key/value pair comprised of a key K and a value V, wherein the key comprises a feature identifier; and storing the key/value pair in a feature store database if the key/value pair does not already exist in the feature store database using a de-duplication mechanism. Features extracted from data records can be queried by obtaining a feature store database comprised of the extracted features stored as a key/value pair comprised of a key K and a value V, wherein the key comprises a feature identifier; receiving a query comprised of at least one query key; retrieving values from the feature store database that match the query key; and returning one or more retrieved key/value pairs.

公开(公告)号：CA2874097C

公开(公告)日：2020-09-22

申请号：CA2874097

申请日：2013-03-21

Applicant: IBM

Inventor： CHRISTODORESCU MIHAI ,  RAO JOSYULA R ,  SAILER REINER ,  SCHALES DOUGLAS LEE

IPC: G06Q10/10 ,  H04L12/58

Abstract: Methods and apparatus are provided for detecting unauthorized bulk forwarding of sensitive data over a network. A bulk forwarding of email from a first network environment is automatically detected by determining an arrival rate for internal emails received from within the first network environment into one or more user accounts; determining a sending rate for external emails sent from the one or more user accounts to a second network environment; and detecting the bulk forwarding of email from a given user account by comparing the arrival rate for internal emails and the sending rate for external emails. The bulk forwarding of email from a given user account can be detected by determining whether statistical models of the arrival rate for internal emails and of the sending rate for external emails are correlated in time.

公开(公告)号：GB2515974A

公开(公告)日：2015-01-07

申请号：GB201420108

申请日：2013-03-21

Applicant: IBM

Inventor： CHRISTODORESCU MIHAI ,  RAO JOSYULA R ,  SAILER REINER ,  SCHALES DOUGLAS LEE

IPC: H04L12/58 ,  G06Q10/10

Abstract: Methods and apparatus are provided for detecting unauthorized bulk forwarding of sensitive data over a network. A bulk forwarding of email from a first network environment is automatically detected by determining an arrival rate for internal emails received from within the first network environment into one or more user accounts; determining a sending rate for external emails sent from the one or more user accounts to a second network environment; and detecting the bulk forwarding of email from a given user account by comparing the arrival rate for internal emails and the sending rate for external emails. The bulk forwarding of email from a given user account can be detected by determining whether statistical models of the arrival rate for internal emails and of the sending rate for external emails are correlated in time.

公开(公告)号：CA2874097A1

公开(公告)日：2013-12-19

申请号：CA2874097

申请日：2013-03-21

Applicant: IBM

Inventor： CHRISTODORESCU MIHAI ,  RAO JOSYULA R ,  SAILER REINER ,  SCHALES DOUGLAS LEE

IPC: G06Q10/10 ,  H04L12/58

Abstract: Methods and apparatus are provided for detecting unauthorized bulk forwarding of sensitive data over a network. A bulk forwarding of email from a first network environment is automatically detected by determining an arrival rate for internal emails received from within the first network environment into one or more user accounts; determining a sending rate for external emails sent from the one or more user accounts to a second network environment; and detecting the bulk forwarding of email from a given user account by comparing the arrival rate for internal emails and the sending rate for external emails. The bulk forwarding of email from a given user account can be detected by determining whether statistical models of the arrival rate for internal emails and of the sending rate for external emails are correlated in time.