ADVANCED CYBERSECURITY THREAT MITIGATION USING BEHAVIORAL AND DEEP ANALYTICS

  • US 20170324768A1
  • Filed: 07/20/2017
  • Published: 11/09/2017
  • Est. Priority Date: 10/28/2015
  • Status: Active Grant
First Claim

1. An advanced cyber decision platform for mitigation of cyberattacks, the platform comprising:

  • a time series data store comprising at least a processor, a memory, and a plurality of programming instructions stored in the memory and operating on the processor, wherein the programmable instructions, when operating on the processor, cause the processor to:

    monitor a plurality of network events;

    produce time-series data comprising at least a record of a network event and the time at which the event occurred;

  • an observation and state estimation module comprising at least a processor, a memory, and a plurality of programming instructions stored in the memory and operating on the processor, wherein the programmable instructions, when operating on the processor, cause the processor to:

    monitor a plurality of connected resources on a network;

    produce a cyber-physical graph representing at least a portion of the plurality of connected resources, the cyber-physical graph comprising at least the logical relationships between the portion of the plurality of connected resources on the network and the physical relationships between any connected resources that comprise at least a hardware device;

  • a directed computational graph module comprising at least a processor, a memory, and a plurality of programming instructions stored in the memory and operating on the processor, wherein the programmable instructions, when operating on the processor, cause the processor to:

    perform a plurality of analysis and transformation operations on at least a portion of the time-series data;

    perform a plurality of analysis and transformation operations on at least a portion of the cyber-physical graph; and

  • an action-outcome simulation module comprising at least a processor, a memory, and a plurality of programming instructions stored in the memory and operating on the processor, wherein the programmable instructions, when operating on the processor, cause the processor to:

    produce a simulated network event comprising at least a simulated cyberattack;

    produce a plurality of security recommendations based at least in part on the results of analysis performed by the directed computational graph module.

  • 7 Assignments