Providing alerts based on unstructured information methods and apparatus

US 9,503,464 B2
Filed: 01/04/2016
Issued: 11/22/2016
Est. Priority Date: 03/15/2013
Status: Expired due to Fees

First Claim

Patent Images

1. An apparatus comprising:

an interface configured to receive unstructured information; and

a hardware processor configured to;

determine a threat score for the unstructured information by comparing at least some of the unstructured information to pre-identified information associated with a numerical value;

responsive to the threat score exceeding a predetermined threshold, determine labels for Common Alerting Protocol fields of a Common Alerting Protocol file using at least some content within the unstructured information by;

determining a first label for an urgency field of the Common Alerting Protocol file,determining a second label for a severity field of the Common Alerting Protocol file,determining a third label for a category field of the Common Alerting Protocol file, anddetermining a fourth label for a certainty field of the Common Alerting Protocol file;

create the Common Alerting Protocol file that includes the determined labels;

identify text located within the unstructured information that summarizes at least some of the content within the unstructured information;

determine description information for a description Common Alerting Protocol field of the Common Alerting Protocol file using the identified text; and

transmit the Common Alerting Protocol file to a decision system to determine at least one of a security risk or a safety risk for one or more subscribing clients.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method, and apparatus for providing alerts based on unstructured information are disclosed. An example apparatus includes an interface configured to receive unstructured information and a processor configured to determine labels for Common Alerting Protocol fields of a Common Alerting Protocol file using at least some content within the unstructured information. The processor determines, for example, a first label for an urgency field, a second label for a severity field, a third label for a category field, and a fourth label for a certainty field of the Common Alerting Protocol file. The example processor is configured to create the Common Alerting Protocol file that includes the determined labels and transmit the Common Alerting Protocol file to a decision system to determine a security risk or a safety risk for one or more subscribing clients.

30 Citations

View as Search Results

21 Claims

1. An apparatus comprising:
- an interface configured to receive unstructured information; and
  
  a hardware processor configured to;
  
  determine a threat score for the unstructured information by comparing at least some of the unstructured information to pre-identified information associated with a numerical value;
  
  responsive to the threat score exceeding a predetermined threshold, determine labels for Common Alerting Protocol fields of a Common Alerting Protocol file using at least some content within the unstructured information by;
  
  determining a first label for an urgency field of the Common Alerting Protocol file,determining a second label for a severity field of the Common Alerting Protocol file,determining a third label for a category field of the Common Alerting Protocol file, anddetermining a fourth label for a certainty field of the Common Alerting Protocol file;
  
  create the Common Alerting Protocol file that includes the determined labels;
  
  identify text located within the unstructured information that summarizes at least some of the content within the unstructured information;
  
  determine description information for a description Common Alerting Protocol field of the Common Alerting Protocol file using the identified text; and
  
  transmit the Common Alerting Protocol file to a decision system to determine at least one of a security risk or a safety risk for one or more subscribing clients.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The apparatus of claim 1, wherein the processor is configured to:
    - identify geographic location information located within the unstructured information; and
      
      determine a geographic location label for a geographic Common Alerting Protocol field of the Common Alerting Protocol file using the geographic location information.
  - 3. The apparatus of claim 2, wherein the geographic location label includes at least one of a city name and a country name, an address, and a latitude and longitude.
  - 4. The apparatus of claim 3, wherein the geographic location label includes at least one of a graphic image of a map related to the geographic location information, a link to a map related to the geographic location information, and an embedded map related to the geographic location information.
  - 5. The apparatus of claim 1, wherein the processor is configured to identify the text that summarizes at least some of the content by matching terms or phrases of the content to pre-identified content.
  - 6. The apparatus of claim 1, wherein the text includes metadata related to the unstructured information.
  - 7. The apparatus of claim 1, wherein the unstructured information includes at least one of text, a picture, a video, and audio.
  - 8. The apparatus of claim 7, wherein the processor is configured to include (i) the at least one of the text, the picture, the video, and the audio, or (ii) a link to the at least one of the text, the picture, the video, and the audio within the description Common Alerting Protocol field of the Common Alerting Protocol file.
  - 9. The apparatus of claim 1, wherein the processor is configured to:
    - generate threat scores respectively for the Common Alerting Protocol fields of the Common Alerting Protocol file based on the unstructured information; and
      
      store the threat scores to the Common Alerting Protocol file.
  - 10. The apparatus of claim 9, wherein the processor is configured to specify in the Common Alerting Protocol file that the threat scores are to be displayed adjacent to the respective labels.
  - 11. The apparatus of claim 9, wherein the processor is configured to determine the labels for the Common Alerting Protocol fields based on the respective threat scores.

12. An apparatus comprising:
- a content interface communicatively coupled to the Internet and configured to receive unstructured information from at least one data source;
  
  a hardware processor communicatively coupled to the content interface and configured to;
  
  determine a threat score for the unstructured information by comparing at least some of the unstructured information to pre-identified information related to a numerical value;
  
  responsive to the threat score exceeding a predetermined threshold, determine labels for at least two Common Alerting Protocol fields of a Common Alerting Protocol file using at least some content within the received unstructured information by determining at least two of;
  
  a first label for an urgency field of the Common Alerting Protocol file,a second label for a severity field of the Common Alerting Protocol file,a third label for a category field of the Common Alerting Protocol file, anda fourth label for a certainty field of the Common Alerting Protocol file;
  
  create the Common Alerting Protocol file that includes the determined labels;
  
  identify text located within the unstructured information that summarizes a portion of the content within the received unstructured information;
  
  determine description information for a description Common Alerting Protocol field of the Common Alerting Protocol file using the identified text;
  
  compare information within the Common Alerting Protocol file to information within previously created Common Alerting Protocol files;
  
  conditioned on the information within the Common Alerting Protocol file not matching the information within the previously created Common Alerting Protocol files, transmit the Common Alerting Protocol file to a decision system to determine at least one of a security risk or a safety risk for one or more subscribing clients; and
  
  conditioned on the information within the Common Alerting Protocol file matching the information within at least one previously created Common Alerting Protocol file, discarding the Common Alerting Protocol file.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The apparatus of claim 12, wherein the processor is configured to:
    - determine a client identified within the unstructured information or related to a geographic location specified within the unstructured information; and
      
      at least one of (i) transmit an identifier of the client to the decision system in conjunction with the Common Alerting Protocol file, and (ii) store the identifier of the client to the Common Alerting Protocol file.
  - 14. The apparatus of claim 13, wherein the processor is configured to determine the client by:
    - comparing at least one of a client employee name, a client facility address, and a client product name to the content within the unstructured information; and
      
      conditioned upon a match occurring during the comparison, at least one of (i) transmitting the matching information with the Common Alerting Protocol file, and (ii) storing the matching information to the Common Alerting Protocol file.
  - 15. The apparatus of claim 12, wherein the processor is configured to:
    - determine a geographic location specified within the unstructured information;
      
      determine clients related to the geographic location; and
      
      create a copy of the Common Alerting Protocol file for each of the determined clients, each copy including an identifier of the respective client for transmission to the decision system.
  - 16. The apparatus of claim 12, wherein the unstructured information includes information within a document or a data structure that is unlabeled or unclassified.

17. A system comprising:
- a moderation server communicatively coupled to at least one data source and comprising a hardware processor and a memory storing instructions that when executed, cause the hardware processor to;
  
  receive unstructured information from the at least one data source;
  
  determine a threat level for the unstructured information;
  
  responsive to the threat level exceeding a predetermined threshold, determine labels for Common Alerting Protocol fields of a Common Alerting Protocol file using at least some content within the received unstructured information by;
  
  determining a first label for an urgency field of the Common Alerting Protocol file,determining a second label for a severity field of the Common Alerting Protocol file,determining a third label for a category field of the Common Alerting Protocol file, anddetermining a fourth label for a certainty field of the Common Alerting Protocol file;
  
  create the Common Alerting Protocol file that includes the determined labels;
  
  identify text located within the unstructured information that summarizes at least some of the content within the received unstructured information;
  
  determine description information for a description Common Alerting Protocol field of the Common Alerting Protocol file using the identified text;
  
  transmit the Common Alerting Protocol file;
  
  a decision server communicatively coupled to the moderation server and configured to;
  
  receive the Common Alerting Protocol file;
  
  aggregate the Common Alerting Protocol file with other Common Alerting Protocol files related to a similar threat;
  
  analyze the aggregated Common Alerting Protocol files to determine whether there is a security or safety risk a client; and
  
  transmit an alert to device of the client responsive to determining there is a security or safety risk to the client based on the aggregated Common Alerting Protocol files.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The apparatus of claim 17, wherein the decision server is configured to:
    - display the labels for Common Alerting Protocol fields of the Common Alerting Protocol file;
      
      prompt a user to ignore or escalate the Common Alerting Protocol file;
      
      responsive to receiving a response to ignore, discard the Common Alerting Protocol file; and
      
      responsive to receiving a response to escalate, transmit the alert to the device of the client.
  - 19. The apparatus of claim 17, wherein the decision server is configured to transmit the alert to a public security force.
  - 20. The apparatus of claim 17, wherein the moderation server is configured to:
    - compare the received unstructured information to previously received unstructured information;
      
      conditioned on the unstructured information not matching the previously received unstructured information, determine the labels for the Common Alerting Protocol fields of the Common Alerting Protocol file; and
      
      conditioned on the unstructured information matching at least some previously received unstructured information, discarding the received unstructured information.
  - 21. The apparatus of claim 20, wherein discarding the received unstructured information includes filtering a redundant news story related to previously received new stories related to the same event.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Pinkerton Consulting & Investigations, Inc. (Securitas AB)
Original Assignee
Pinkerton Consulting & Investigations, Inc. (Securitas AB)
Inventors
Zahran, Jack I.
Primary Examiner(s)
Armouche, Hadi
Assistant Examiner(s)
Khan, Sher A

Application Number

US14/987,414
Publication Number

US 20160119370A1
Time in Patent Office

323 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 16/353   into predefined classes

G06F 21/55   Detecting local intrusion o...

H04L 63/1416   Event detection, e.g. attac...

Providing alerts based on unstructured information methods and apparatus

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

30 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Providing alerts based on unstructured information methods and apparatus

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links