US 12,464,005 B1
Intelligent search network for time-based detection of compromised network nodes
Elise C. Soderholm, Eagan, MN (US); Sarah Margaret Bettendorf Larson, Clearwater, MN (US); Adam Michael Tangen, Minneapolis, MN (US); Christopher Kallas, Grafton, WI (US); and Xiaoqiao Wei, Rancho Mission Viejo, CA (US)
Assigned to U.S. BANCORP, NATIONAL ASSOCIATION, Minneapolis, MN (US)
Filed by U.S. Bancorp, National Association, Minneapolis, MN (US)
Filed on Jun. 25, 2025, as Appl. No. 19/249,918.
Application 19/249,918 is a continuation of application No. 19/196,527, filed on May 1, 2025, granted, now 12,375,518.
Application 19/196,527 is a continuation of application No. 19/040,705, filed on Jan. 29, 2025, granted, now 12,316,664, issued on May 27, 2025.
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/1425 (2013.01) [H04L 63/1416 (2013.01)] 19 Claims
OG exemplary drawing
 
1. A method comprising:
obtaining, from an out-of-network data source, an anomaly indication for an event type associated with a set of event participant identifiers indicated by temporal sequences for a network;
generating, by analyzing sub-sequences within the temporal sequences for edge nodes indicating periods of inactivity, sets of event rate gradients associated with sets of time blocks based on event rates for events of the event type indicated by the temporal sequences;
determining a set of compromised nodes by selecting a set of time blocks for which an associated set of event rate gradients falls below an acceleration threshold; and
performing a search through the temporal sequences based on an expanded time window and the event type to obtain the set of compromised nodes.