CPC H04L 63/1425 (2013.01) [G06F 15/76 (2013.01); G06N 3/044 (2023.01); G06N 3/045 (2023.01); G06N 3/047 (2023.01); G06N 3/088 (2013.01); G06N 7/01 (2023.01); G06N 20/00 (2019.01); G06N 20/10 (2019.01); H04L 41/0604 (2013.01); H04L 41/14 (2013.01); H04L 43/04 (2013.01); H04L 63/20 (2013.01); H04L 63/1416 (2013.01)]

32 Claims

1. A method for use in monitoring one or more platforms of one or more data systems, comprising:
receiving, at a processing system, system data generated by one or more source platforms and transmitted over at least one communications network;
first operating said processing system to prepare said system data for an analytics process so as to yield input data for said analytics process, said input data having one or more data features and observations for said data features, wherein said first processing comprises synthesizing at least one feature from said system data and the at least one feature enables processing to discriminate between benign activity and events of interest;
second operating said processing system to execute said analytics process with respect to said input data so as to yield output data, said analytics process involving at least one of data modeling, wherein a data model for said input data is developed, and data evaluation, wherein said data model is used to evaluate said input data; and
third operating said processing system to use said output data of said analytics process to provide information concerning at least one event of interest of the events of interest regarding said system data.