Cyberanalysis workflow acceleration

A technology for analyzing systems and events, applied in machine learning, instrumentation, computing, etc., to solve problems such as overwhelm

Pending Publication Date: 2020-04-21
向心有限公司

AI Technical Summary

Problems solved by technology

However, in many modern enterprise networks, the volume and velocity of cyber threat event logs often overwhelm the human network analysts charged with investigating all events.

Embodiment Construction

[0031] In the following description of various exemplary embodiments, reference is made to the accompanying drawings which form a part hereof, and in which is shown by way of illustration various embodiments in which aspects of the disclosure may be practiced. It is to be understood that other embodiments may be utilized and structural and functional modifications may be made without departing from the scope of the present disclosure. In addition, reference is made to specific applications, protocols, and embodiments in which aspects of the present disclosure may be practiced. It is to be understood that other applications, protocols, and embodiments may be utilized and structural and functional modifications may be made without departing from the scope of the present disclosure.

[0032] Various connections between elements are discussed in the following description. These connections are general and unless otherwise indicated they may be direct or indirect, wired or wireles...

Abstract

A cyber threat intelligence (CTI) gateway device may receive rules for filtering TCP/IP packet communications events that are configured to cause the CTI gateway device to identify communications corresponding to indicators, signatures, and behavioral patterns of network threats. The CTI gateway device may receive packets that compose endpoint-to-endpoint communication events and, for each event, may determine that the event corresponds to criteria specified by a filtering rule. The criteria may correspond to one or more of the network threat indicators, signatures, and behavioral patterns. The CTI gateway may create a log of the threat event and forward the threat event log to a task queue managed by a cyberanalysis workflow application. Human cyberanalysts use the cyberanalysis workflow application to service the task queue by removing the task at the front of the queue, investigating the threat event, and deciding whether the event is a reportable finding that should be reported to the proper authorities. In order to improve the efficiency of the workflow process, tasks in the queue are ordered by the likelihood, or probability, that cyberanalysts will determine the associated threat events to be reportable findings; thus, high-likelihood events are investigated first. Likelihoods are computed using human-designed algorithms and machine-learned algorithms that are applied to characteristics of the events. Low-likelihood events may be dropped from the work queue to further improve efficiency.
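A minimal sketch of the queue ordering the abstract describes, added here as an illustration and not taken from the patent. The event field names, both scoring functions and their weights, the use of `max()` to combine the two estimates, and the 0.20 drop cutoff are all assumptions, and the sample events are constructed.

```python
import heapq
import itertools
import math

DROP_BELOW = 0.20                 # assumed cutoff for "low-likelihood" events
HEURISTIC_W = (0.45, 0.30, 0.04)  # hypothetical analyst-chosen weights
MODEL_W, MODEL_BIAS = (2.0, 1.5, 0.4), -3.0  # constructed stand-in for a trained model

def features(ev):
    """Event characteristics (hypothetical field names) as numeric features."""
    return (
        float(ev["direction"] == "outbound" and ev["action"] == "allowed"),
        float(ev["indicator_type"] == "uri"),   # URI match is more specific than a bare IP
        float(min(ev["feed_count"], 5)),        # number of CTI feeds listing the indicator
    )

def heuristic_likelihood(ev):
    """Human-designed estimate: capped weighted sum of the features."""
    return min(1.0, 0.05 + sum(w * x for w, x in zip(HEURISTIC_W, features(ev))))

def learned_likelihood(ev):
    """Machine-learned estimate: logistic regression over the same features."""
    z = MODEL_BIAS + sum(w * x for w, x in zip(MODEL_W, features(ev)))
    return 1.0 / (1.0 + math.exp(-z))

def reportability(ev):
    """Assumed combination rule: take the higher of the two estimates."""
    return max(heuristic_likelihood(ev), learned_likelihood(ev))

def triage_order(events, drop_below=DROP_BELOW):
    """Return (event ids in the order analysts would service them, number dropped)."""
    heap, seq, dropped = [], itertools.count(), 0
    for ev in events:
        p = reportability(ev)
        if p < drop_below:
            dropped += 1          # never enters the work queue
            continue
        # heapq is a min-heap: negate p so the highest likelihood is at the front;
        # the sequence number keeps arrival order among equal scores.
        heapq.heappush(heap, (-p, next(seq), ev["id"]))
    return [heapq.heappop(heap)[2] for _ in range(len(heap))], dropped

# Constructed threat event logs, in arrival order.
SAMPLE_EVENTS = [
    {"id": "e1", "direction": "inbound", "action": "blocked", "indicator_type": "ip", "feed_count": 1},
    {"id": "e2", "direction": "outbound", "action": "allowed", "indicator_type": "uri", "feed_count": 3},
    {"id": "e3", "direction": "outbound", "action": "allowed", "indicator_type": "ip", "feed_count": 1},
    {"id": "e4", "direction": "inbound", "action": "blocked", "indicator_type": "uri", "feed_count": 5},
]

if __name__ == "__main__":
    print(triage_order(SAMPLE_EVENTS))
```

With these inputs the learned estimate outranks the heuristic for `e4`, which is why it is serviced ahead of `e3` even though it arrived later.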

Description

Background technique

[0001] With the continuous development of the information age, network security is becoming more and more important. Cyber threats can take many forms (e.g., unauthorized requests or data transmissions, viruses, malware, massive web traffic designed to overwhelm network resources, etc.). Many organizations subscribe to cyber threat services, which regularly provide information associated with cyber threats, including, for example, cyber threat indicators (e.g., network addresses, Uniform Resource Identifiers (URIs), etc.), or threat signatures (e.g., malicious software file identifiers), or threat behaviors (e.g., signature patterns of advanced persistent threats). The information provided by such services can be used by organizations to identify threats to their networks and related assets. For example, a network device may monitor network communications and utilize network addresses corresponding to threat indicators to identify any communications betw...

Application Information

IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1441, H04L63/166, G06N20/00, G06F21/554, G06F2221/034
Inventor: 肖恩·摩尔, 乔纳森·罗杰斯, 杰西·帕内尔, 扎迦利·恩内德
Owner: 向心有限公司