Utilizing Big Data Analytics to Optimize Information Security Monitoring And Controls
First Claim
1. A method comprising:
- obtaining one or more responses of a security sensor to events from each of a plurality of sources;
- clustering each of the sources into one or more clusters, based on an amount of responses of the security sensor to the events from that source;
- training a classifier with the sources and the clusters they belong; and
- reconfiguring the security sensor based on the classifier.
Abstract
Disclosed herein is a method comprising: obtaining one or more responses of a security sensor to events from each of a plurality of sources; clustering each of the sources into one or more clusters, based on an amount of responses of the security sensor to the events from that source; training a classifier with the sources and the clusters they belong; and reconfiguring the security sensor based on the classifier.
29 Citations
24 Claims
1. A method comprising:
- obtaining one or more responses of a security sensor to events from each of a plurality of sources;
- clustering each of the sources into one or more clusters, based on an amount of responses of the security sensor to the events from that source;
- training a classifier with the sources and the clusters they belong; and
- reconfiguring the security sensor based on the classifier.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A method comprising:
- obtaining one or more responses of a security sensor to events from each of a plurality of sources;
- training a classifier with the sources and the responses;
- reconfiguring the security sensor based on the classifier.

Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20

21. A system comprising:
- a data collection module configured to obtain events from each of a plurality of sources;
- a clustering module configured to cluster each of the sources into one or more clusters, based on an amount of responses of a security sensor to the events from that source;
- a classifier training module configured to train a classifier with the sources and the clusters they belong; and
- a sensor reconfiguration module configured to reconfigure the security sensor based on the classifier.

Dependent claims: 22, 23, 24

Specification