System and method of data collection, processing, analysis, and annotation for monitoring cyber-threats and the notification thereof to subscribers

US 20020038430A1
Filed: 09/13/2001
Published: 03/28/2002
Est. Priority Date: 09/13/2000
Status: Abandoned Application

First Claim

Patent Images

1. A method for monitoring cyber-threats for subscribers of a cyber-threat alert service comprising:

collecting intelligence data, storing said data in a first data store, analyzing the data to determine if said intelligence data is to be retained, discarding data not to be retained while retaining data that satisfies a predetermined criteria, and distributing the retained data to selected subscribers.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for the collection, analysis, and distribution of cyber-threat alerts. The system collects cyber-threat intelligence data from a plurality of sources, and then preprocesses the intelligence data for further review by an intelligence analyst. The analyst reviews the intelligence data and determines whether it is appropriate for delivery to subscribing clients of the cyber-threat alert service. The system reformats and compiles the intelligence data and automatically delivers the intelligence data through a plurality of delivery methods.

Citations

12 Claims

1. A method for monitoring cyber-threats for subscribers of a cyber-threat alert service comprising:
- collecting intelligence data, storing said data in a first data store, analyzing the data to determine if said intelligence data is to be retained, discarding data not to be retained while retaining data that satisfies a predetermined criteria, and distributing the retained data to selected subscribers.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A method as set forth in claim 1 further comprising creating a record in a second data store when intelligence data is retained.
  - 3. A method as set forth in claim 2 further including replicating the record in the second data store to a published database for making the intelligence data available to the subscribers.
  - 4. A method as set forth in claim 1 further including maintaining profiles of the subscribers of record in the data base such that data relevant to the profiles of the subscribers may be “
    - pushed”
      
      or “
      
      pulled”
      
      .
  - 5. The method as set forth in claim 4 wherein the collection of data includes initial filtering and categorization of the data based on keyword searching, pattern matching and content recognition.
  - 6. The method as set forth in claim 4 wherein retained data is further assessed to determine, recognize and identify redundant and conflicting items in the retained data.
  - 7. The method as set forth in claim 6 further comprising categorizing data that is not redundant into one or more queues.
  - 8. The method as set forth in claim 2 further including coding said record created according to the potential for the data to affect the infrastructure or information security of the subscribers.

9. A system for monitoring cyber-threats for subscribers of a cyber-threat alert service, comprising:
- a data collector 202 for capturing and collecting intelligence data from a plurality of data sources 201, a data filter and preprocessor connected to the data collector for filtering and categorizing the collected intelligence data, a first level data store for receiving filtered and categorized data, a second level data store, means for promoting to the first level data to the second level data store, means for tagging data to be promoted, and means for distributing tagged data to subscribers.
- View Dependent Claims (10, 11, 12)
- - 10. The system of claim 9, wherein the first level data store is a relational database management system.
  - 11. The system of claim 9, wherein the second level data store is a relational database management system.
  - 12. The system of claim 9, wherein the first level data store and the second level data store are relational database management systems.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
iDefense, Inc. (VeriSign, Inc.)
Original Assignee
iDefense, Inc. (VeriSign, Inc.)
Inventors
Edwards, Charles, Owen, Daniel, Nebel, Roger J., Migues, Samuel

Application Number

US09/950,820
Publication Number

US 20020038430A1
Time in Patent Office

Days
Field of Search
US Class Current

713/200
CPC Class Codes

H04L 63/1416   Event detection, e.g. attac...

H04L 69/329   in the application layer [O...

H04L 9/40   Network security protocols

System and method of data collection, processing, analysis, and annotation for monitoring cyber-threats and the notification thereof to subscribers

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

System and method of data collection, processing, analysis, and annotation for monitoring cyber-threats and the notification thereof to subscribers

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links