US 12,244,645 B2
Identifying outlier application connections to services with controlled confidence level and in real-time
Leonid Rodniansky, Allston, MA (US); Tania Butovsky, Needham, MA (US); and Mikhail Shpak, New York, NY (US)
Assigned to International Business Machines Corporation, Armonk, NY (US)
Filed by International Business Machines Corporation, Armonk, NY (US)
Filed on Sep. 28, 2022, as Appl. No. 17/955,109.
Prior Publication US 2024/0106860 A1, Mar. 28, 2024
Int. Cl. H04L 9/40 (2022.01); H04L 41/16 (2022.01); H04L 43/0811 (2022.01)
CPC H04L 63/20 (2013.01) [H04L 41/16 (2013.01); H04L 43/0811 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
identifying one or more connections between a client application and one or more services, over a communication network;
determining to switch from an outlier connection learning phase to an outlier connection detection phase based on the identified or more connections, comprising:
determining, in real-time and based on a confidence level and a number of previously analyzed connections, to switch to the outlier connection detection phase;
determining, based on the switch to the outlier connection detection phase, that a first connection of the identified one or more connections is an outlier connection; and
acting to reduce a security risk relating to the first connection.