Cybersecurity system with differentiated capacity to deal with complex cyber attacks
First Claim
1. An aviation cyber security system comprising:
a reactive sublayer that monitors and tracks cybersecurity sublayer data for forensic analysis, the cybersecurity sublayer data comprising data from across an aviation ecosystem that is selected from the group consisting of viruses, malware, domain name servers (DNS), denial of service (DOS) attacks, and Internet Protocol (IP) addresses and domains;
a resilient overlayer that monitors, tracks, and measures cybersecurity overlayer data across a plurality of cyber environments comprising an aviation cyber environment, the cybersecurity overlayer data comprising events and news data relating to the cyber security system's global goals, wherein the overlayer is disjoint from the sublayer;
an anticipatory layer that monitors and tracks cybersecurity anticipatory layer data generated from an industry ecosystem for analysis, the anticipatory layer data being selected from the group consisting of viruses, malware, domain name servers (DNS), denial of service (DOS) attacks, and Internet Protocol (IP) addresses and domains, wherein the anticipatory layer is disjoint from the overlayer and from the reactive sublayer;
a complex adaptive system (CAS) algorithm that is used to learn, predict, and take action based on the cybersecurity sublayer data, the cybersecurity overlayer data, and the cybersecurity anticipatory layer data, to feed information to a machine learning module, and to identify probable developing threat regions based at least in part of the cybersecurity overlayer data; and
at least one bi-directional connection module that facilitates a feedback loop throughout the system, wherein the feedback loop comprises the machine learning module, wherein the overlayer and the sublayer exchange cybersecurity data via the at least one bi-directional connection module, and the exchanged cybersecurity data is correlated.
Abstract
An improved cyber security protection system with differentiated capacity to deal with complex cyber attacks in complex, highly-connected industries. The system architecture is goal-oriented and separates security goals and concerns by layers that are assigned specific functions to address only those goals. The functions operate concurrently within the layers and provide insight on their respective layers. The layers are interconnected with connection modules using bi-directional interfacing to establish a feedback loop within the entire system. Complex adaptive systems (CAS) algorithms are used to identify the probable threats to the system.
10 Claims
5. An aviation cybersecurity system having at least one cybersecurity goal of predicting complex threats, the cybersecurity system comprising:
a first layer that addresses the cybersecurity goal by monitoring and tracking cybersecurity first layer data generated from inputs managed by an aviation entity managing the cybersecurity system, wherein the first layer is reactive;
a second layer that addresses the cybersecurity goal by monitoring and tracking cybersecurity second layer data generated from an industry ecosystem for analysis, the second layer data being selected from the group consisting of viruses, malware, domain name servers (DNS), denial of service (DOS) attacks, and Internet Protocol (IP) addresses and domains, wherein the second layer is anticipatory and disjoint from the first layer;
a third layer that addresses the cybersecurity goal by monitoring, tracking, and measuring cybersecurity third layer data across a plurality of cyber environments comprising an aviation cyber environment, the third layer data comprising events and news data relating to the cybersecurity goal from a global perspective, wherein the third layer is resilient and disjoint from the first layer and the second layer; and
a complex adaptive system (CAS) algorithm that is used to learn, predict, and take action based on the first layer data, second layer data, and third layer data, to feed information to a machine learning module, and to identify probable developing threat regions based at least in part of the cybersecurity third layer data; and
at least one bi-directional connection module that facilitates a feedback loop throughout the system, wherein the feedback loop comprises the machine learning module, wherein the first layer, second layer, and third layer exchange cybersecurity data after the cybersecurity data has been processed within the respective layers via the at least one bi-directional connection module, and the exchanged cybersecurity data is correlated.
Specification