System for monitoring and addressing events based on triplet metric analysis

US 10,142,363 B2
Filed: 06/23/2016
Issued: 11/27/2018
Est. Priority Date: 06/23/2016
Status: Active Grant

First Claim

Patent Images

1. A system for monitoring and addressing events based on triplet metric analysis, the system comprising:

one or more memory devices; and

one or more processing devices operatively coupled to the one or more memory devices, wherein the one or more processing devices are configured to execute computer-readable program code to;

transmit control signals to cause a vendor database system to continuously monitor a vendor database for a new data input and, in response to identifying the new data input, automatically transmit the new data input to the system, wherein the new data input comprises at least a threat actor, a threat means, and a targeted asset;

receive the new data input from the vendor database system, wherein the new data input comprises unformatted text of prose-form messages;

apply an optical character recognition process to the unformatted text of prose-form messages to extract and identify the threat actor, the threat means, and the targeted asset;

identify a threat actor value based on a comparison of the threat actor to an actor value database, wherein the threat actor value comprises a scalar representation of capabilities of the threat actor;

identify a threat means value based on a comparison of the threat means to a means value database, wherein the threat means value comprises a scalar representation of effectiveness of the threat means;

identify a targeted asset value based on a comparison of the targeted asset to an asset value database, wherein the targeted asset value comprises a scalar representation of exposure potential of the targeted asset;

calculate a threat-based exposure value with a threat-based exposure model that is based at least on the identified threat actor value, the identified threat means value, and the identified targeted asset value, wherein the threat-based exposure model comprises;

R=|avb|sin(θ

)sin(φ

)wherein;

R is the threat-based exposure value calculated with the threat-based exposure model;

a is the identified threat actor value;

v is the identified threat means value;

b is the identified targeted asset value;

θ

is a degree of relation between the threat actor and the threat means; and

φ

is a degree of relation between the targeted asset and a combination of the identified threat actor and the identified threat means;

calculate a total threat-based exposure value as a sum of R and a plurality of different threat-based exposure values associated with different combinations of threat actors, threat means, and targeted assets;

in response to calculating the threat-based exposure value, transmit control signals configured to cause a computing device system associated with a user to display a three-dimensional representation of the threat-based exposure model;

receive, from the user interface of the computing device system associated with the user, instructions to print the threat-based exposure model; and

in response to receiving instructions to print the threat-based exposure model, transmit control signals configured to cause a three-dimensional printer system to print the threat-based exposure model.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present invention provide a system for monitoring and addressing events based on triplet metric analysis. In some embodiments, the system transmits control signals to cause a vendor database system to continuously monitor a vendor database for a new data input and, in response to identifying the new data input, automatically transmits the new data input back to the system. From the new data input, the system may identify actors, actor values, means, means values, assets, and asset values associated with certain events. The system may then determine a model based on the new data input and transmit control signals configured to cause a computing device system associated with a user to display a three-dimensional representation of the model.

13 Citations

View as Search Results

12 Claims

1. A system for monitoring and addressing events based on triplet metric analysis, the system comprising:
- one or more memory devices; and
  
  one or more processing devices operatively coupled to the one or more memory devices, wherein the one or more processing devices are configured to execute computer-readable program code to;
  
  transmit control signals to cause a vendor database system to continuously monitor a vendor database for a new data input and, in response to identifying the new data input, automatically transmit the new data input to the system, wherein the new data input comprises at least a threat actor, a threat means, and a targeted asset;
  
  receive the new data input from the vendor database system, wherein the new data input comprises unformatted text of prose-form messages;
  
  apply an optical character recognition process to the unformatted text of prose-form messages to extract and identify the threat actor, the threat means, and the targeted asset;
  
  identify a threat actor value based on a comparison of the threat actor to an actor value database, wherein the threat actor value comprises a scalar representation of capabilities of the threat actor;
  
  identify a threat means value based on a comparison of the threat means to a means value database, wherein the threat means value comprises a scalar representation of effectiveness of the threat means;
  
  identify a targeted asset value based on a comparison of the targeted asset to an asset value database, wherein the targeted asset value comprises a scalar representation of exposure potential of the targeted asset;
  
  calculate a threat-based exposure value with a threat-based exposure model that is based at least on the identified threat actor value, the identified threat means value, and the identified targeted asset value, wherein the threat-based exposure model comprises;
  
  R=|avb|sin(θ
  
  )sin(φ
  
  )wherein;
  
  R is the threat-based exposure value calculated with the threat-based exposure model;
  
  a is the identified threat actor value;
  
  v is the identified threat means value;
  
  b is the identified targeted asset value;
  
  θ
  
  is a degree of relation between the threat actor and the threat means; and
  
  φ
  
  is a degree of relation between the targeted asset and a combination of the identified threat actor and the identified threat means;
  
  calculate a total threat-based exposure value as a sum of R and a plurality of different threat-based exposure values associated with different combinations of threat actors, threat means, and targeted assets;
  
  in response to calculating the threat-based exposure value, transmit control signals configured to cause a computing device system associated with a user to display a three-dimensional representation of the threat-based exposure model;
  
  receive, from the user interface of the computing device system associated with the user, instructions to print the threat-based exposure model; and
  
  in response to receiving instructions to print the threat-based exposure model, transmit control signals configured to cause a three-dimensional printer system to print the threat-based exposure model.
- View Dependent Claims (2, 3, 4)
- - 2. The system of claim 1, wherein the three-dimensional representation of the threat-based exposure model comprises a two-dimensional display of the threat-based exposure model, wherein a vantage point of the threat-based exposure model is moveable about the two-dimensional display.
  - 3. The system of claim 1, wherein the three-dimensional representation of the threat-based exposure model comprises a virtual reality representation of the threat-based exposure model, and wherein the computing device system associated with the user comprises a virtual reality device.
  - 4. The system of claim 1, wherein the one or more processing devices are configured to, in response to calculating the total threat-based exposure value, transmit control signals configured to cause the computing device system associated with the user to display a three-dimensional representation of the total threat-based exposure value.

5. A computer program product for monitoring and addressing events based on triplet metricanalysis, the computer program product comprising at least one non-transitory computer readable medium comprising computer readable instructions, the instructions comprising instructions for:
- transmitting control signals to cause a vendor database system to continuously monitor a vendor database for a new data input and, in response to identifying the new data input, automatically transmit the new data input to the system, wherein the new data input comprises at least a threat actor, a threat means, and a targeted asset;
  
  receiving the new data input from the vendor database system, wherein the new data input comprises unformatted text of prose-form messages;
  
  applying an optical character recognition process to the unformatted text of prose-form messages to extract and identify the threat actor, the threat means, and the targeted asset;
  
  identifying a threat actor value based on a comparison of the threat actor to an actor value database, wherein the threat actor value comprises a scalar representation of capabilities of the threat actor;
  
  identifying a threat means value based on a comparison of the threat means to a means value database, wherein the threat means value comprises a scalar representation of effectiveness of the threat means;
  
  identifying a targeted asset value based on a comparison of the targeted asset to an asset value database, wherein the targeted asset value comprises a scalar representation of exposure potential of the targeted asset;
  
  calculating a threat-based exposure value with a threat-based exposure model that is based at least on the identified threat actor value, the identified threat means value, and the identified targeted asset value, wherein the threat-based exposure model comprises;
  
  R=|avb|sin(θ
  
  )sin(φ
  
  )wherein;
  
  R is the threat-based exposure value calculated with the threat-based exposure model;
  
  a is the identified threat actor value;
  
  v is the identified threat means value;
  
  b is the identified targeted asset value;
  
  θ
  
  is a degree of relation between the threat actor and the threat means; and
  
  φ
  
  is a degree of relation between the targeted asset and a combination of the identified threat actor and the identified threat means;
  
  calculating a total threat-based exposure value as a sum of R and a plurality of different threat-based exposure values associated with different combinations of threat actors, threat means, and targeted assets;
  
  in response to calculating the threat-based exposure value, transmitting control signals configured to cause a computing device system associated with a user to display a three-dimensional representation of the threat-based exposure model;
  
  receiving, from the user interface of the computing device system associated with the user, instructions to print the threat-based exposure model; and
  
  in response to receiving instructions to print the threat-based exposure model, transmitting control signals configured to cause a three-dimensional printer system to print the threat-based exposure model.
- View Dependent Claims (6, 7, 8)
- - 6. The computer program product of claim 5, wherein the three-dimensional representation of the threat-based exposure model comprises a two-dimensional display of the threat-based exposure model, wherein a vantage point of the threat-based exposure model is moveable about the two-dimensional display.
  - 7. The computer program product of claim 5, wherein the three-dimensional representation of the threat-based exposure model comprises a virtual reality representation of the threat-based exposure model, and wherein the computing device system associated with the user comprises a virtual reality device.
  - 8. The computer program product of claim 5, wherein the computer readable instructions further comprise instructions, in response to calculating the total threat-based exposure value, transmitting control signals configured to cause the computing device system associated with the user to display a three-dimensional representation of the total threat-based exposure value.

9. A computer implemented method for monitoring and addressing events based on triplet metric analysis, said computer implemented method comprising:
- transmitting control signals to cause a vendor database system to continuously monitor a vendor database for a new data input and, in response to identifying the new data input, automatically transmit the new data input to the system, wherein the new data input comprises at least a threat actor, a threat means, and a targeted asset;
  
  receiving the new data input from the vendor database system, wherein the new data input comprises unformatted text of prose-form messages;
  
  applying an optical character recognition process to the unformatted text of prose-form messages to extract and identify the threat actor, the threat means, and the targeted asset;
  
  identifying a threat actor value based on a comparison of the threat actor to an actor value database, wherein the threat actor value comprises a scalar representation of capabilities of the threat actor;
  
  identifying a threat means value based on a comparison of the threat means to a means value database, wherein the threat means value comprises a scalar representation of effectiveness of the threat means;
  
  identifying a targeted asset value based on a comparison of the targeted asset to an asset value database, wherein the targeted asset value comprises a scalar representation of exposure potential of the targeted asset;
  
  calculating a threat-based exposure value with a threat-based exposure model that is based at least on the identified threat actor value, the identified threat means value, and the identified targeted asset value, wherein the threat-based exposure model comprises;
  
  R=|avb|sin(θ
  
  )sin(φ
  
  )wherein;
  
  R is the threat-based exposure value calculated with the threat-based exposure model;
  
  a is the identified threat actor value;
  
  v is the identified threat means value;
  
  b is the identified targeted asset value;
  
  θ
  
  is a degree of relation between the threat actor and the threat means; and
  
  φ
  
  is a degree of relation between the targeted asset and a combination of the identified threat actor and the identified threat means;
  
  calculating a total threat-based exposure value as a sum of R and a plurality of different threat-based exposure values associated with different combinations of threat actors, threat means, and targeted assetsin response to calculating the threat-based exposure value, transmitting control signals configured to cause a computing device system associated with a user to display a three-dimensional representation of the threat-based exposure model;
  
  receiving, from the user interface of the computing device system associated with the user, instructions to print the threat-based exposure model; and
  
  in response to receiving instructions to print the threat-based exposure model, transmitting control signals configured to cause a three-dimensional printer system to print the threat-based exposure model.
- View Dependent Claims (10, 11, 12)
- - 10. The computer implemented method of claim 9, wherein the three-dimensional representation of the threat-based exposure model comprises a two-dimensional display of the threat-based exposure model, wherein a vantage point of the threat-based exposure model is moveable about the two-dimensional display.
  - 11. The computer implemented method of claim 9, wherein the three-dimensional representation of the threat-based exposure model comprises a virtual reality representation of the threat-based exposure model, and wherein the computing device system associated with the user comprises a virtual reality device.
  - 12. The computer implemented method of claim 9, wherein the computer implemented method further comprises instructions, in response to calculating the total threat-based exposure value, transmitting control signals configured to cause the computing device system associated with the user to display a three-dimensional representation of the total threat-based exposure value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Carter, Lonnie Jason
Primary Examiner(s)
Potratz, Daniel B
Assistant Examiner(s)
Tran, Vu V

Application Number

US15/191,066
Publication Number

US 20170374092A1
Time in Patent Office

887 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/248   Presentation of query results

H04L 63/1433   Vulnerability analysis

H04W 12/12   Detection or prevention of ...

System for monitoring and addressing events based on triplet metric analysis

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

13 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

System for monitoring and addressing events based on triplet metric analysis

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links