Artificial intelligence with cyber security

US 10,158,653 B1
Filed: 12/04/2015
Issued: 12/18/2018
Est. Priority Date: 12/04/2015
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method for detecting security threats over a network, and for performing cyber-security defense by taking remedial action on detected threats, comprising:

collecting security information data over the network, from a plurality of appliances and application layers;

based on the collected security information data, assessing a risk component of the collected security information and identifying based on pre-determined criteria, one or more security risks from the collected data by performing cognitive cyber-security analytics in an artificial neural network implemented method; and

based on the assessed risk component and the identified one or more security risks, triggering a remedial action;

wherein the assessing is based on a pre-configured library, a periodic surveying, a periodic change managing, and a periodic reconfiguration;

autonomically learning a behavior profile of the plurality of appliances or application layers; and

based on the learned behavior profile, autonomically learning of attack profiles and circumvention techniques used to target the network, the appliances and the application layers.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cyber security system that uses artificial intelligence, such neural networks, to monitor the security of a computer network and take automated remedial action based on the monitoring. The security system autonomically learns behavior profiles, attack profiles and circumvention techniques used to target the network. The remedial action taken by the system includes isolating any misuse that has been identified, surveilling the misuse in the isolated environment, analyzing its behavior profile and reconfiguring the network to enhance security.

45 Citations

View as Search Results

10 Claims

1. A computer implemented method for detecting security threats over a network, and for performing cyber-security defense by taking remedial action on detected threats, comprising:
- collecting security information data over the network, from a plurality of appliances and application layers;
  
  based on the collected security information data, assessing a risk component of the collected security information and identifying based on pre-determined criteria, one or more security risks from the collected data by performing cognitive cyber-security analytics in an artificial neural network implemented method; and
  
  based on the assessed risk component and the identified one or more security risks, triggering a remedial action;
  
  wherein the assessing is based on a pre-configured library, a periodic surveying, a periodic change managing, and a periodic reconfiguration;
  
  autonomically learning a behavior profile of the plurality of appliances or application layers; and
  
  based on the learned behavior profile, autonomically learning of attack profiles and circumvention techniques used to target the network, the appliances and the application layers.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The computer implemented method of claim 1 further comprising in identifying based on pre-determined criteria, one or more security risks from the collected data, at least one of evaluating, simulating and recognizing a usage pattern.
  - 3. The computer implemented method of claim 1 wherein, in identifying based on pre-determined criteria, one or more security risks from the collected data the cognitive cyber-security analytics in the artificial neural network implemented method further comprises autonomic machine learning for recognition of threat patterns, vulnerabilities, anomalous behavior, malicious attack or misuse of network or application assets.
  - 4. The computer implemented method of claim 1 further comprising:
    - data collection via a data collection layer;
      
      artificial intelligence machine learning based on the collected data and assessment, via an artificial intelligence machine learning layer; and
      
      wherein the assessment further comprises natural language processing, a periodic reconnaissance, and a periodic risk assessment.
  - 5. The computer implemented method of claim 1 further comprising:
    - analyzing and identifying a risk profile of an appliance or application based on the assessed risk level and the one or more identified security risks;
      
      automatically isolating any misuse that has been identified with the identified security risk profiles and automatically implementing surveillance of the misuse in the isolated environment; and
      
      analyzing the security and behavior profile data collected from the surveillance of the isolated misuse.

6. A computer automated system comprising a non-transitory machine readable medium having encoded instructions and coupled to a hardware processor, wherein the encoded instructions when executed by the hardware processor, cause the computer automated system to:
- collect by the hardware processor, security information data over a network, from a plurality of appliances and application layers and store the collected security information data in the non-transitory machine readable medium;
  
  based on the collected security information data, assess a risk component of the collected security information and identify based on pre-determined criteria, one or more security risks from the collected data via a cognitive cyber-security analytics in an artificial neural network implementation; and
  
  based on the assessed risk component and the identified one or more security risks, trigger a remedial action;
  
  wherein the assessing is based on a pre-configured library, a periodic surveying, a periodic change managing, and a periodic reconfiguration;
  
  autonomically learn a behavior profile of the plurality of appliances or application layers; and
  
  based on the learned behavior profile, autonomically learn of attack profiles and circumvention techniques used to target the network, the appliances and the application layers.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The system of claim 6 wherein the system is further caused to:
    - in identifying based on pre-determined criteria, one or more security risks from the collected data, at least one of evaluate, simulate and recognize a usage pattern.
  - 8. The system of claim 6 whereinthe cognitive cyber-security analytics in the artificial neural network implementation further comprises autonomic machine learning for recognition of threat patterns, vulnerabilities, anomalous behavior, malicious attack or misuse of network or application assets.
  - 9. The system of claim 6 wherein the system is further caused to:
    - collect the data via a data collection layer;
      
      learn, based on the collected data and assessment, via an artificial intelligence machine learning layer; and
      
      wherein the assessment further comprises natural language processing in a natural language processing layer, a periodic reconnaissance, and a periodic risk assessment.
  - 10. The computer automated system of claim 6, wherein the computer automated system is further caused to:
    - analyze and identify a risk profile of an appliance or application based on the assessed risk level and the one or more identified security risks;
      
      automatically isolate any misuse that has been identified with the identified security risk profiles and automatically implement surveillance of the misuse in the isolated environment; and
      
      analyze the security and behavior profile data collected from the surveillance of the isolated misuse.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nautilus True LLC
Original Assignee
Nautilus Data Technologies, Inc.
Inventors
Magcale, Arnold, Kekai, Daniel
Primary Examiner(s)
Alata, Ayoub

Application Number

US14/959,608
Time in Patent Office

1,110 Days
Field of Search
US Class Current
CPC Class Codes

G06N 3/08   Learning methods

H04L 63/1408   by monitoring network traff...

H04L 63/1441   Countermeasures against mal...

Artificial intelligence with cyber security

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

45 Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Artificial intelligence with cyber security

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

45 Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links