Patent · US Active

Model-based computer attack analytics orchestration

US10262132B2 · kind B2 · utility

12Cited by

3References

20Claims

0Family size

Assignee

ENTIT SOFTWARE LLC · US

Inventors

Philipp Reinecke · Bristol, GB
Marco Casassa Mont · Bristol, GB
Yolanta Beresna · Bristol, GB

Key dates

Filing date	Jul 1, 2016
Grant date	Apr 16, 2019
Priority date	—
Expiry date	Feb 13, 2037

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/034
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Examples relate to model-based computer attack analytics orchestration. In one example, a computing device may: generate, using an attack model that specifies behavior of a particular attack on a computing system, a hypothesis for the particular attack, the hypothesis specifying, for a particular state of the particular attack, at least one attack action; identify, using the hypothesis, at least one analytics function for determining whether the at least one attack action specified by the hypothesis occurred on the computing system; provide an analytics device with instructions to execute the at least one analytics function on the computing system; receive analytics results from the analytics device; and update a state of the attack model based on the analytics results.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.