Digital weapons factory and digital operations center for producing, deploying, assessing, and managing digital defects
First Claim
1. A method of rapidly producing a cyber response tool, the method comprising:
- detecting a threat object, during a first phase, with one or more sensor platforms;
modeling a lifecycle of the detected threat object;
identifying vulnerabilities of the lifecycle based on the model;
providing a set of cyber response tools;
determining whether each cyber response tool of a set of cyber response tools is effective in exploiting and manipulating the threat vulnerabilities based on an observation of the effectiveness of the cyber response tool by the one or more sensor platforms;
identifying one or more effective portions of one or more of the cyber response tools that correspond to the identified vulnerabilities;
creating a new cyber response tool based on the identified vulnerabilities and the one or more effective portions; and
applying the new cyber response tool to the threat object and/or to a device that is operatively connectable to the threat object.
1 Assignment
0 Petitions
Accused Products
Abstract
A method of rapidly producing a new cyber response tool (e.g., in near-real-time) by matching vulnerabilities of enemy threats (e.g., a missile and/or a tank) to corresponding portions of other response tools that effectively exploit the matched vulnerability. An iterative framework may be utilized to repeatedly prioritize a set of cyber response tools based on a corresponding probability of success. For example, a computer or computer network may implement the iterative framework to carry out the probability computation and corresponding cyber response tool prioritization. If a total probability of success is below a given threshold (e.g., 95%), then creation of one or more new cyber response tools may be initiated. The probability of success may be a function of time (e.g., ten minutes before an expected launch) and/or a function of a phase of a lifecycle of the enemy threat (e.g., a launch phase).
11 Citations
20 Claims
-
1. A method of rapidly producing a cyber response tool, the method comprising:
-
detecting a threat object, during a first phase, with one or more sensor platforms; modeling a lifecycle of the detected threat object; identifying vulnerabilities of the lifecycle based on the model; providing a set of cyber response tools; determining whether each cyber response tool of a set of cyber response tools is effective in exploiting and manipulating the threat vulnerabilities based on an observation of the effectiveness of the cyber response tool by the one or more sensor platforms; identifying one or more effective portions of one or more of the cyber response tools that correspond to the identified vulnerabilities; creating a new cyber response tool based on the identified vulnerabilities and the one or more effective portions; and applying the new cyber response tool to the threat object and/or to a device that is operatively connectable to the threat object. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method of rapidly producing a cyber response tool, the method comprising:
-
detecting a threat object, during a first phase, with one or more sensor platforms; modeling a lifecycle of the detected threat object; identifying vulnerabilities of the lifecycle based on the model; searching for a cyber response tool in a set of cyber response tools in a database; determining whether each cyber response tool of a set of cyber response tools is effective in exploiting and manipulating the threat vulnerabilities based on an observation of the effectiveness of the cyber response tool by the one or more sensor platforms; identifying one or more effective portions of one or more of the cyber response tools that correspond to the identified vulnerabilities; creating a new cyber response tool based on the identified vulnerabilities and the one or more effective portions; and applying the new cyber response tool to the threat object and/or to a device that is operatively connectable to the threat object.
-
-
20. A system for rapidly producing a cyber response tool, the system comprising:
-
a detection module for detecting a threat object, during a first phase, with one or more sensor platforms; a modeling module for modeling a lifecycle of the detected threat object; an identification module for identifying vulnerabilities of the lifecycle based on the model; a storage module for providing a set of cyber response tools; a determination module for determining whether each cyber response tool of a set of cyber response tools is effective in exploiting and manipulating the threat vulnerabilities based on an observation of the effectiveness of the cyber response tool by the one or more sensor platforms; a second identification module for identifying one or more effective portions of one or more of the cyber response tools that correspond to the identified vulnerabilities; a matching module for creating a new cyber response tool based on the identified vulnerabilities and the one or more effective portions; and an implementation module for applying the new cyber response tool to the threat object and/or to a device that is operatively connectable to the threat object.
-
Specification