
METHOD AND SYSTEM FOR TRAINING A BIG DATA MACHINE TO DEFEND

  • US 20170169360A1
  • Filed: 12/16/2016
  • Published: 06/15/2017
  • Est. Priority Date: 04/02/2013
  • Status: Active Grant
First Claim

1. A method for training a big data machine to defend an enterprise system comprising:

  • retrieving log lines belonging to one or more log line parameters from one or more enterprise system data sources and from incoming data traffic to the enterprise system;
  • computing one or more features from the log lines;
  • wherein computing one or more features includes one or more statistical processes;
  • applying the one or more features to an adaptive rules model;
  • wherein the adaptive rules model comprises one or more identified threat labels;
  • further wherein applying the one or more features to an adaptive rules model comprises:
  • blocking one or more features that has one or more identified threat labels;
  • generating a features matrix from said applying the one or more features to an adaptive rule module;
  • executing at least one detection method from a first group of statistical outlier detection methods and at least one detection method from a second group of statistical outlier detection methods on one or more features matrix, to identify statistical outliers;
  • wherein the first group of statistical outlier detection methods includes a matrix decomposition-based outlier process, a replicator neural networks process and a joint probability process and the second group of statistical outlier detection methods includes a matrix decomposition-based outlier process, a replicator neural networks process and a joint probability process;
  • wherein the at least one detection method from a first group of statistical outlier detection methods and the at least one detection method from a second group of statistical outlier detection methods are different;
  • generating an outlier scores matrix from each detection method of said first and second group of statistical outlier detection methods;
  • converting each outlier scores matrix to a top scores model;
  • combining each top scores model using a probability model to create a single top scores vector;
  • generating a GUI output of at least one of:
  • an output of the single top scores vector and the adaptive rules model;
  • labeling the said output to create one or more labeled features matrix;
  • creating a supervised learning module with the one or more labeled features matrix to update the one or more identified threat labels for performing at least one of:
  • further refining adaptive rules model for identification of statistical outliers;
  • and preventing access by categorized threats by detecting new threats in real time and reducing the time elapsed between threat detection of the enterprise system.
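The detection and combination steps of the claim, as an added example that is not part of the patent or of this page: two of the claimed detector types (a joint probability process and a matrix decomposition process) score a constructed features matrix, each score vector is converted to a rank-based top scores model, and the models are combined into a single top scores vector that an analyst would label. The rank-based conversion, the equal-weight averaging used as the probability model, and the feature columns (login count, bytes sent, distinct hosts) are assumptions; the replicator neural network detector and the adaptive rules step are omitted.

```python
import math

def zscore(X):
    """Standardise each column (population std; a constant column divides by 1)."""
    cols = list(zip(*X))
    means = [sum(c) / len(c) for c in cols]
    stds = [math.sqrt(sum((x - m) ** 2 for x in c) / len(c)) or 1.0 for c, m in zip(cols, means)]
    return [[(x - m) / s for x, m, s in zip(row, means, stds)] for row in X]

def joint_probability_scores(X):
    """Joint probability process: negative log-density under an independent Gaussian per feature."""
    return [sum(z * z for z in row) / 2 for row in zscore(X)]

def matrix_decomposition_scores(X, iters=50):
    """Matrix decomposition process: top principal component by power iteration,
    score = squared reconstruction error of each row (higher = more anomalous)."""
    Z = zscore(X)
    v = [1.0] * len(Z[0])
    for _ in range(iters):
        proj = [sum(a * b for a, b in zip(row, v)) for row in Z]
        w = [sum(p * row[j] for p, row in zip(proj, Z)) for j in range(len(v))]
        norm = math.sqrt(sum(x * x for x in w)) or 1.0
        v = [x / norm for x in w]
    proj = [sum(a * b for a, b in zip(row, v)) for row in Z]
    return [sum((a - p * b) ** 2 for a, b in zip(row, v)) for row, p in zip(Z, proj)]

def top_scores_model(scores):
    """Assumed conversion to a top scores model: rank-based probability, top row 1.0, lowest 0.0."""
    order = sorted(range(len(scores)), key=lambda i: -scores[i])
    probs = [0.0] * len(scores)
    for rank, i in enumerate(order):
        probs[i] = 1.0 - rank / (len(scores) - 1)
    return probs

def combine_top_scores(models, k):
    """Assumed probability model: equal-weight mean of per-detector probabilities;
    returns the single top scores vector (k most anomalous row indices) for labelling."""
    n = len(models[0])
    combined = [sum(m[i] for m in models) / len(models) for i in range(n)]
    return sorted(range(n), key=lambda i: -combined[i])[:k]

# Constructed features matrix, one row per user-hour: (logins, bytes sent, distinct hosts).
# Rows 0-19 follow one normal pattern; row 20 is an injected outlier off that pattern.
FEATURES = [[t, 2 * t, 3 * t] for t in range(1, 21)] + [[30, 0, 0]]

def rank_outliers(X=FEATURES, k=3):
    models = [top_scores_model(joint_probability_scores(X)),
              top_scores_model(matrix_decomposition_scores(X))]
    return combine_top_scores(models, k)  # row 20 ranks first
```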
