Apparatuses, methods and systems for a cyber threat confidence rating visualization and editing user interface

US 10,511,621 B1
Filed: 03/10/2017
Issued: 12/17/2019
Est. Priority Date: 07/23/2014
Status: Active Grant

First Claim

Patent Images

1. A non-transitory medium storing code representing a plurality of processor-executable instructions, the code comprising code to cause the processor to:

display, concurrently;

(1) a graphical representation of a plurality of characteristics of a potential cyber threat to at least one targeted system, the potential cyber threat being associated with a malicious source, and (2) a graphical representation of a first cyber threat confidence score for the potential cyber threat, the cyber threat confidence score being based at least in part on plurality of characteristics of the potential cyber threat;

detect a user interaction with the graphical representation of the plurality of characteristics, the user interaction representing a user-specified adjustment for a characteristic from the plurality of characteristics of the potential cyber threat;

modify a value of the characteristic based on the user-specified adjustment for the characteristic to produce a modified plurality of characteristics of the potential cyber threat;

automatically update the cyber threat confidence score, in response to producing the modified plurality of characteristics of the potential cyber threat, to generate an updated cyber threat confidence score based at least in part on the modified plurality of characteristics of the potential cyber threat; and

provide, to a user, a graphical representation of the modified plurality of characteristics of the potential cyber threat, and a graphical representation of the updated cyber threat confidence score.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The cyber threat intelligence confidence rating visualization and editing user interface technology (hereinafter “TIC”) provides a user interface that allows a user (e.g., a cyber threat analyst, etc.) to submit ratings for various characteristics associated with a cyber threat indicator. In one embodiment, the TIC may instantiate a user interactive risk evaluation component having a user interface input element for a user to submit calculation weights for one or more characteristics of a cyber threat; generate a graphical representation of a cyber threat confidence score for user interface display via the user interactive risk evaluation component; and dynamically adjust the graphical representation of the threat confidence score using at least one of the one or more characteristics weighted by the user configured weight.

Citations

22 Claims

1. A non-transitory medium storing code representing a plurality of processor-executable instructions, the code comprising code to cause the processor to:
- display, concurrently;
  
  (1) a graphical representation of a plurality of characteristics of a potential cyber threat to at least one targeted system, the potential cyber threat being associated with a malicious source, and (2) a graphical representation of a first cyber threat confidence score for the potential cyber threat, the cyber threat confidence score being based at least in part on plurality of characteristics of the potential cyber threat;
  
  detect a user interaction with the graphical representation of the plurality of characteristics, the user interaction representing a user-specified adjustment for a characteristic from the plurality of characteristics of the potential cyber threat;
  
  modify a value of the characteristic based on the user-specified adjustment for the characteristic to produce a modified plurality of characteristics of the potential cyber threat;
  
  automatically update the cyber threat confidence score, in response to producing the modified plurality of characteristics of the potential cyber threat, to generate an updated cyber threat confidence score based at least in part on the modified plurality of characteristics of the potential cyber threat; and
  
  provide, to a user, a graphical representation of the modified plurality of characteristics of the potential cyber threat, and a graphical representation of the updated cyber threat confidence score.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The non-transitory medium of claim 1, wherein:
    - the plurality of characteristics includes a weighting for each value from a set of values of the plurality of characteristics,the user-specified adjustment for the characteristic from the plurality of characteristics is a user-specified weighting for that characteristic, andthe code to modify includes code to modify the value of the characteristic based on the user-specified weighting to change the weighting for that characteristic when the cyber threat confidence score is updated.
  - 3. The non-transitory medium of claim 1, wherein:
    - the plurality of characteristics includes a numerical value for each value from a set of values of the plurality of characteristics,the user-specified adjustment for the characteristic from the plurality of characteristics is a user-specified numerical value for that characteristic, andthe code to modify includes code to modify the value of the characteristic based on the user-specified numerical value to change the numerical value for that characteristic when the cyber threat confidence score is updated.
  - 4. The non-transitory medium of claim 1, wherein:
    - the graphical representation of the plurality of characteristics includes a horizontally-oriented bar having a length corresponding to a magnitude associated with that characteristic,the user-specified adjustment for the characteristic being represented within the user interface by a user-specified modification to the length of the horizontally-oriented bar for that characteristic.
  - 5. The non-transitory medium of claim 1, wherein:
    - the graphical representation of the plurality of characteristics includes a horizontally-oriented bar having a middle point corresponding to a numerical value and a length corresponding to a weighting, andthe user-specified adjustment for the characteristic is represented within the user interface by a user-specified modification to at least one of the middle point or the length of the horizontally-oriented bar for that characteristic.
  - 6. The non-transitory medium of claim 1, wherein the characteristic associated with the user-specified adjustment is at least one of a criticality of the potential cyber threat, a classification of the potential cyber threat, or a source of the potential cyber threat.
  - 7. The non-transitory medium of claim 1, wherein:
    - the updated cyber threat confidence score is updated dynamically within the user interface in response to receiving the user-specified adjustment for the characteristic from the plurality of characteristics.
  - 8. The non-transitory medium of claim 1, wherein the code further comprises code to cause the processor to generate a graphical representation of a further cyber threat confidence score separate from and with the graphical representation of the updated cyber threat confidence within the user interface,the further cyber threat confidence score being different from the updated cyber threat confidence score,the further cyber threat confidence score being based at least in part on a further plurality of characteristics different from the modified plurality of characteristics.
  - 9. The non-transitory medium of claim 1, wherein the code further comprises code to cause the processor to:
    - generate a graphical representation of a further cyber threat confidence score separate from and with the graphical representation of the updated cyber threat confidence score within the user interface, the further cyber threat confidence score being different from the updated cyber threat confidence score, the further cyber threat confidence score being based at least in part on a further plurality of characteristics different from the modified plurality of characteristics;
      
      receive, from the user via the user interface, a user selection of the graphical representation of the further cyber threat confidence score; and
      
      generate, via the user interface and in response to receiving the user selection, a graphical representation of the further plurality of characteristics, the graphical representation of the further plurality of characteristics separately representing each characteristic from the further plurality of characteristics and a value of that characteristic.
  - 10. The non-transitory medium of claim 1, wherein the user-specified adjustment is associated with one of sliding or dragging at least a portion of the graphical representation of the first set of values.
  - 11. The non-transitory medium of claim 1, the code further comprising code to cause the processor to generate a graphical representation of the updated cyber threat confidence score in response to the user-specified adjustment.
  - 12. The non-transitory medium of claim 1, wherein a position of the graphical representation of the plurality of characteristics is associated with a current value of at least one characteristic from the plurality of characteristics.

13. A non-transitory medium storing code representing a plurality of processor-executable instructions, the code comprising code to cause the processor to:
- display, concurrently;
  
  (1) a graphical representation of a cyber threat confidence score, and (2) a graphical representation of a plurality of characteristics of a potential cyber threat to at least one targeted system, the cyber threat confidence score being based at least in part on the plurality of characteristics of the potential cyber threat;
  
  detect a user interaction with the graphical representation of the cyber threat confidence score, the user representation representing a user-specified adjustment for the cyber threat confidence score;
  
  define an updated cyber threat confidence score based on the user-specified adjustment for the cyber threat confidence score;
  
  automatically update the plurality of characteristics of the potential cyber threat, to generate an updated plurality of characteristics of the potential cyber threat based at least in part on the updated cyber threat confidence score; and
  
  provide, to a user, a graphical representation of the updated plurality of characteristics of the cyber threat.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The non-transitory medium of claim 13, wherein the graphical representation of the updated plurality of characteristics of the potential cyber threat separately represents a value of each characteristic from the updated plurality of characteristics of the potential cyber threat.
  - 15. The non-transitory medium of claim 13, wherein:
    - the graphical representation of the updated plurality of characteristics of the potential cyber threat separately represents a value of each characteristic from the updated plurality of characteristics, andthe plurality of characteristics is updated dynamically within the user interface in response to receiving the user-specified adjustment for the cyber threat confidence score.
  - 16. The non-transitory medium of claim 13, wherein:
    - the code to cause the processor to provide includes code to cause the processor to generate (1) a first graphical representation of the updated cyber threat confidence score, and (2) a second graphical representation of the updated cyber threat confidence score,the second graphical representation of the updated cyber threat confidence score being physically positioned within the user interface and across the graphical representation of the updated plurality of characteristics of the potential cyber threat.
  - 17. The non-transitory medium of claim 13, wherein:
    - the code to cause the processor to provide includes code to cause the processor to generate (1) a first graphical representation of the updated cyber threat confidence score, and (3) a second graphical representation of the updated cyber threat confidence score,the first graphical representation of the updated cyber threat confidence score being a numerical value,the second graphical representation of the updated cyber threat confidence score being physically positioned within the user interface and across the graphical representation of the updated plurality of characteristics of the cyber threat, the second graphical representation of the updated cyber threat confidence score being user selectable to specify a user-specified adjustment.
  - 18. The non-transitory medium of claim 13, wherein the code further comprises code to cause the processor to:
    - generate a graphical representation of a further cyber threat confidence score separate from and with the graphical representation of the updated cyber threat confidence within the user interface,the further cyber threat confidence score being different from the updated cyber threat confidence score,the further cyber threat confidence score being based at least in part on a further plurality of characteristics different from the updated plurality of characteristics of the cyber threat.
  - 19. The non-transitory medium of claim 13, wherein the code further comprises code to cause the processor to:
    - generate a graphical representation of a further cyber threat confidence score separate from and with the graphical representation of the updated cyber threat confidence within the user interface, the further cyber threat confidence score being different from the updated cyber threat confidence score, the further cyber threat confidence score being based at least in part on a further plurality of characteristics different from the updated plurality of characteristics of the cyber threat;
      
      receive, from the user via the user interface, a user selection of the graphical representation of the further cyber threat confidence score; and
      
      provide, via the user interface and in response to receiving the user selection, a graphical representation of the further plurality of characteristics, the graphical representation of the further plurality of characteristics separately representing each characteristic from the further plurality of characteristics and a value of that characteristic.

20. A non-transitory medium storing code representing a plurality of processor-executable instructions, the code comprising code to cause the processor to:
- display, concurrently and via a user interface;
  
  (1) a graphical representation of a cyber threat confidence score, (2) a graphical representation of a second cyber threat confidence score, and (3) a graphical representation of a first set of values of a plurality of characteristics of a potential cyber threat to at least one targeted system, the first set of values of the plurality characteristics being associated with the first cyber threat confidence score, the graphical representation separately representing the value of each characteristic from the first set of values of the plurality of characteristics, the first cyber threat confidence score being based at least in part on the first set of values of the plurality of characteristics of the potential cyber threat, the second cyber threat confidence score being based at least in part on a second set of values of the plurality of characteristics;
  
  detect a user interaction with the graphical representation of the second cyber threat confidence score, the user interaction representing a user selection of the second cyber threat confidence score; and
  
  generate, automatically and in response to receiving the user selection, a graphical representation of the second set of values of the plurality of characteristics and remove the graphical representation of the first set of values, the graphical representation of the second set of values separately representing each characteristic and the value of that characteristic from the second set of values.
- View Dependent Claims (21, 22)
- - 21. The non-transitory medium of claim 20, wherein the code further comprises code to cause the processor to:
    - receive, from the user via the user interface and after the graphical representation of the second set of values of the plurality of characteristics is generated, a user-specified adjustment for a characteristic from the plurality of characteristics;
      
      modify a value of the characteristic based on the user-specified adjustment for the characteristic to produce a third set of values of the plurality of characteristics of the potential cyber threat;
      
      calculate a third cyber threat confidence score based at least in part on the third set of values of the plurality of characteristics of the potential cyber threat; and
      
      provide to the user an indication of the third cyber threat confidence score.
  - 22. The non-transitory medium of claim 20, wherein the code further comprises code to cause the processor to:
    - receive, from the user via the user interface and after the graphical representation of the second set of values of the plurality of characteristics is generated, a user-specified adjustment for the second cyber threat confidence score;
      
      define a third cyber threat confidence score based on the user-specified adjustment for the second cyber threat confidence score;
      
      calculate a third set of values of the plurality of characteristics of the potential cyber threat based at least in part on the third cyber threat confidence score; and
      
      provide to the user an indication of the third set of values of the plurality of characteristics.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lookingglass Cyber Solutions, LLC
Original Assignee
LookingGlass Cyber Solutions, Inc. (ZeroFox Holdings, Inc.)
Inventors
Thomson, Allan, Coleman, Christopher D.
Primary Examiner(s)
Cervetti, David Garcia

Application Number

US15/456,263
Time in Patent Office

1,012 Days
Field of Search
US Class Current
CPC Class Codes

G06T 11/206   Drawing of charts or graphs

H04L 63/1433   Vulnerability analysis

H04L 63/1441   Countermeasures against mal...

Apparatuses, methods and systems for a cyber threat confidence rating visualization and editing user interface

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatuses, methods and systems for a cyber threat confidence rating visualization and editing user interface

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links