Providing alerts based on unstructured information methods and apparatus
First Claim
1. An apparatus comprising:
- an interface configured to receive unstructured information; and
a hardware processor configured to;
determine a threat score for the unstructured information by comparing at least some of the unstructured information to pre-identified information associated with a numerical value;
responsive to the threat score exceeding a predetermined threshold, determine labels for Common Alerting Protocol fields of a Common Alerting Protocol file using at least some content within the unstructured information by;
determining a first label for an urgency field of the Common Alerting Protocol file,determining a second label for a severity field of the Common Alerting Protocol file,determining a third label for a category field of the Common Alerting Protocol file, anddetermining a fourth label for a certainty field of the Common Alerting Protocol file;
create the Common Alerting Protocol file that includes the determined labels;
identify text located within the unstructured information that summarizes at least some of the content within the unstructured information;
determine description information for a description Common Alerting Protocol field of the Common Alerting Protocol file using the identified text; and
transmit the Common Alerting Protocol file to a decision system to determine at least one of a security risk or a safety risk for one or more subscribing clients.
1 Assignment
0 Petitions
Accused Products
Abstract
A system, method, and apparatus for providing alerts based on unstructured information are disclosed. An example apparatus includes an interface configured to receive unstructured information and a processor configured to determine labels for Common Alerting Protocol fields of a Common Alerting Protocol file using at least some content within the unstructured information. The processor determines, for example, a first label for an urgency field, a second label for a severity field, a third label for a category field, and a fourth label for a certainty field of the Common Alerting Protocol file. The example processor is configured to create the Common Alerting Protocol file that includes the determined labels and transmit the Common Alerting Protocol file to a decision system to determine a security risk or a safety risk for one or more subscribing clients.
-
Citations
21 Claims
-
1. An apparatus comprising:
-
an interface configured to receive unstructured information; and a hardware processor configured to; determine a threat score for the unstructured information by comparing at least some of the unstructured information to pre-identified information associated with a numerical value; responsive to the threat score exceeding a predetermined threshold, determine labels for Common Alerting Protocol fields of a Common Alerting Protocol file using at least some content within the unstructured information by; determining a first label for an urgency field of the Common Alerting Protocol file, determining a second label for a severity field of the Common Alerting Protocol file, determining a third label for a category field of the Common Alerting Protocol file, and determining a fourth label for a certainty field of the Common Alerting Protocol file; create the Common Alerting Protocol file that includes the determined labels; identify text located within the unstructured information that summarizes at least some of the content within the unstructured information; determine description information for a description Common Alerting Protocol field of the Common Alerting Protocol file using the identified text; and transmit the Common Alerting Protocol file to a decision system to determine at least one of a security risk or a safety risk for one or more subscribing clients. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. An apparatus comprising:
-
a content interface communicatively coupled to the Internet and configured to receive unstructured information from at least one data source; a hardware processor communicatively coupled to the content interface and configured to; determine a threat score for the unstructured information by comparing at least some of the unstructured information to pre-identified information related to a numerical value; responsive to the threat score exceeding a predetermined threshold, determine labels for at least two Common Alerting Protocol fields of a Common Alerting Protocol file using at least some content within the received unstructured information by determining at least two of; a first label for an urgency field of the Common Alerting Protocol file, a second label for a severity field of the Common Alerting Protocol file, a third label for a category field of the Common Alerting Protocol file, and a fourth label for a certainty field of the Common Alerting Protocol file; create the Common Alerting Protocol file that includes the determined labels; identify text located within the unstructured information that summarizes a portion of the content within the received unstructured information; determine description information for a description Common Alerting Protocol field of the Common Alerting Protocol file using the identified text; compare information within the Common Alerting Protocol file to information within previously created Common Alerting Protocol files; conditioned on the information within the Common Alerting Protocol file not matching the information within the previously created Common Alerting Protocol files, transmit the Common Alerting Protocol file to a decision system to determine at least one of a security risk or a safety risk for one or more subscribing clients; and conditioned on the information within the Common Alerting Protocol file matching the information within at least one previously created Common Alerting Protocol file, discarding the Common Alerting Protocol file. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A system comprising:
-
a moderation server communicatively coupled to at least one data source and comprising a hardware processor and a memory storing instructions that when executed, cause the hardware processor to; receive unstructured information from the at least one data source; determine a threat level for the unstructured information; responsive to the threat level exceeding a predetermined threshold, determine labels for Common Alerting Protocol fields of a Common Alerting Protocol file using at least some content within the received unstructured information by; determining a first label for an urgency field of the Common Alerting Protocol file, determining a second label for a severity field of the Common Alerting Protocol file, determining a third label for a category field of the Common Alerting Protocol file, and determining a fourth label for a certainty field of the Common Alerting Protocol file; create the Common Alerting Protocol file that includes the determined labels; identify text located within the unstructured information that summarizes at least some of the content within the received unstructured information; determine description information for a description Common Alerting Protocol field of the Common Alerting Protocol file using the identified text; transmit the Common Alerting Protocol file; a decision server communicatively coupled to the moderation server and configured to; receive the Common Alerting Protocol file; aggregate the Common Alerting Protocol file with other Common Alerting Protocol files related to a similar threat; analyze the aggregated Common Alerting Protocol files to determine whether there is a security or safety risk a client; and transmit an alert to device of the client responsive to determining there is a security or safety risk to the client based on the aggregated Common Alerting Protocol files. - View Dependent Claims (18, 19, 20, 21)
-
Specification