Artificial intelligence with cyber security
First Claim
1. A computer implemented method for detecting security threats over a network, and for performing cyber-security defense by taking remedial action on detected threats, comprising:
- collecting security information data over the network, from a plurality of appliances and application layers;
- based on the collected security information data, assessing a risk component of the collected security information and identifying based on pre-determined criteria, one or more security risks from the collected data by performing cognitive cyber-security analytics in an artificial neural network implemented method; and
- based on the assessed risk component and the identified one or more security risks, triggering a remedial action;
- wherein the assessing is based on a pre-configured library, a periodic surveying, a periodic change managing, and a periodic reconfiguration;
- autonomically learning a behavior profile of the plurality of appliances or application layers; and
- based on the learned behavior profile, autonomically learning of attack profiles and circumvention techniques used to target the network, the appliances and the application layers.
Abstract
A cyber security system that uses artificial intelligence, such as neural networks, to monitor the security of a computer network and take automated remedial action based on the monitoring. The security system autonomically learns behavior profiles, attack profiles and circumvention techniques used to target the network. The remedial action taken by the system includes isolating any misuse that has been identified, surveilling the misuse in the isolated environment, analyzing its behavior profile and reconfiguring the network to enhance security.
10 Claims
6. A computer automated system comprising a non-transitory machine readable medium having encoded instructions and coupled to a hardware processor, wherein the encoded instructions when executed by the hardware processor, cause the computer automated system to:
- collect by the hardware processor, security information data over a network, from a plurality of appliances and application layers and store the collected security information data in the non-transitory machine readable medium;
- based on the collected security information data, assess a risk component of the collected security information and identify based on pre-determined criteria, one or more security risks from the collected data via a cognitive cyber-security analytics in an artificial neural network implementation; and
- based on the assessed risk component and the identified one or more security risks, trigger a remedial action;
- wherein the assessing is based on a pre-configured library, a periodic surveying, a periodic change managing, and a periodic reconfiguration;
- autonomically learn a behavior profile of the plurality of appliances or application layers; and
- based on the learned behavior profile, autonomically learn of attack profiles and circumvention techniques used to target the network, the appliances and the application layers.
Specification