Forecasting and classifying cyber-attacks using neural embeddings
First Claim
1. A method comprising:
- constructing a first collection, the first collection comprising a first feature vector and a Q&
A feature vector;
constructing a second collection from the first collection by inserting noise data in at least one of the first feature vector and the Q&
A feature vector, wherein the noise is inserted by changing an existing value in the first feature vector by a random amount;
further constructing a third collection by using at least one of (i) combining, to crossover, at least one of a first feature vector and a Q&
A feature vector of the second collection with a corresponding at least one of a first feature vector and a Q&
A feature vector of a fourth collection, wherein the second and the fourth collections have a property similar to one another, and (ii) combining, to migrate, at least one of a first feature vector and a Q&
A feature vector of the second collection with a corresponding at least one of a first feature vector and a Q&
A feature vector of a fifth collection, wherein the second and the fifth collections have a property distinct from one another;
aging, using a forecasting configuration, a first feature vector of the third collection to generate a changed feature vector, the changed feature vector containing feature values expected at a future time;
predicting, by inputting the changed feature vector in a trained neural network, a probability of the cyber-attack occurring at the future time.
2 Assignments
0 Petitions
Accused Products
Abstract
A first collection including a first feature vector and a Q&A feature vector is constructed. A second collection is constructed from the first collection by inserting noise in at least one of the vectors. A third collection is constructed by crossing over at least one the vectors of the second collection with a corresponding vector of a fourth collection, migrating at least one of the vectors of the second collection with a corresponding vector of a fifth collection, or both. Using a forecasting configuration, a vector of the third collection is aged to generate a changed feature vector, the changed feature vector containing feature values expected at a future time. The changed feature vector is input into a trained neural network to predict a probability of the cyber-attack occurring at the future time.
-
Citations
21 Claims
-
1. A method comprising:
-
constructing a first collection, the first collection comprising a first feature vector and a Q&
A feature vector;constructing a second collection from the first collection by inserting noise data in at least one of the first feature vector and the Q&
A feature vector, wherein the noise is inserted by changing an existing value in the first feature vector by a random amount;further constructing a third collection by using at least one of (i) combining, to crossover, at least one of a first feature vector and a Q&
A feature vector of the second collection with a corresponding at least one of a first feature vector and a Q&
A feature vector of a fourth collection, wherein the second and the fourth collections have a property similar to one another, and (ii) combining, to migrate, at least one of a first feature vector and a Q&
A feature vector of the second collection with a corresponding at least one of a first feature vector and a Q&
A feature vector of a fifth collection, wherein the second and the fifth collections have a property distinct from one another;aging, using a forecasting configuration, a first feature vector of the third collection to generate a changed feature vector, the changed feature vector containing feature values expected at a future time; predicting, by inputting the changed feature vector in a trained neural network, a probability of the cyber-attack occurring at the future time. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A computer program product comprising one or more computer-readable storage medium, and program instructions stored on at least one of the one or more storage medium, the stored program instructions comprising:
-
program instructions to construct a first collection, the first collection comprising a first feature vector and a Q&
A feature vector;program instructions to construct a second collection from the first collection by inserting noise data in at least one of the first feature vector and the Q&
A feature vector, wherein the noise is inserted by changing an existing value in the first feature vector by a random amount;program instructions to further construct a third collection by using at least one of (i) combining, to crossover, at least one of a first feature vector and a Q&
A feature vector of the second collection with a corresponding at least one of a first feature vector and a Q&
A feature vector of a fourth collection, wherein the second and the fourth collections have a property similar to one another, and (ii) combining, to migrate, at least one of a first feature vector and a Q&
A feature vector of the second collection with a corresponding at least one of a first feature vector and a Q&
A feature vector of a fifth collection, wherein the second and the fifth collections have a property distinct from one another;program instructions to age, using a forecasting configuration, a first feature vector of the third collection to generate a changed feature vector, the changed feature vector containing feature values expected at a future time; program instructions to predict, by inputting the changed feature vector in a trained neural network, a probability of the cyber-attack occurring at the future time.
-
-
21. A computer system comprising one or more processors, one or more computer-readable memories, and one or more computer-readable storage medium, and program instructions stored on at least one of the one or more storage medium for execution by at least one of the one or more processors via at least one of the one or more memories, the stored program instructions comprising:
-
program instructions to construct a first collection, the first collection comprising a first feature vector and a Q&
A feature vector;program instructions to construct a second collection from the first collection by inserting noise data in at least one of the first feature vector and the Q&
A feature vector, wherein the noise is inserted by changing an existing value in the first feature vector by a random amount;program instructions to further construct a third collection by using at least one of (i) combining, to crossover, at least one of a first feature vector and a Q&
A feature vector of the second collection with a corresponding at least one of a first feature vector and a Q&
A feature vector of a fourth collection, wherein the second and the fourth collections have a property similar to one another, and (ii) combining, to migrate, at least one of a first feature vector and a Q&
A feature vector of the second collection with a corresponding at least one of a first feature vector and a Q&
A feature vector of a fifth collection, wherein the second and the fifth collections have a property distinct from one another;program instructions to age, using a forecasting configuration, a first feature vector of the third collection to generate a changed feature vector, the changed feature vector containing feature values expected at a future time; program instructions to predict, by inputting the changed feature vector in a trained neural network, a probability of the cyber-attack occurring at the future time.
-
Specification