SYSTEM AND METHOD THEREOF FOR CREATING PROGRAMMABLE SECURITY DECISION ENGINES IN A CYBER-SECURITY SYSTEM
First Claim
1. A method for generating a software decision engine (SDE) operable in a cyber-security system, comprising:
- determining, based on at least one input feature, at least one normalization function, wherein the at least one input feature defines an attribute of a data flow to be evaluated by the SDE;
receiving at least one engine rule describing an anomaly to be evaluated; and
creating an inference system including at least one inference unit, wherein each inference unit is determined based on one of the received at least one engine rule, wherein the inference system computes a score of anomaly (SoA) respective of the at least one input feature.
5 Assignments
0 Petitions
Accused Products
Abstract
A system and method for adaptively securing a protected entity against cyber-threats. The method comprises: determining, based on at least one input feature, at least one normalization function, wherein the at least one input feature defines an attribute of a data flow to be evaluated by the SDE; receiving at least one engine rule describing an anomaly to be evaluated; and creating an inference system including at least one inference unit, wherein each inference unit is determined based on one of the received at least one engine rule, wherein the inference system computes a score of anomaly (SoA) respective of the at least one input feature.
43 Citations
22 Claims
-
1. A method for generating a software decision engine (SDE) operable in a cyber-security system, comprising:
-
determining, based on at least one input feature, at least one normalization function, wherein the at least one input feature defines an attribute of a data flow to be evaluated by the SDE; receiving at least one engine rule describing an anomaly to be evaluated; and creating an inference system including at least one inference unit, wherein each inference unit is determined based on one of the received at least one engine rule, wherein the inference system computes a score of anomaly (SoA) respective of the at least one input feature. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 19)
-
-
13. A system for generating a software decision engine (SDE) operable in a cyber-security system, comprising:
-
a processing unit; and a memory, the memory containing instructions that, when executed by the processing unit, configure the system to; determine, based on at least one input feature, at least one normalization function, wherein the at least one input feature defines an attribute of a data flow to be evaluated by the SDE; receive at least one engine rule describing an anomaly to be evaluated; and create an inference system including at least one inference unit, wherein each inference unit is determined based on one of the received at least one engine rule, wherein the inference system computes a score of anomaly (SoA) respective of the at least one input feature. - View Dependent Claims (14, 15, 16, 17, 18, 20, 21, 22)
-
Specification